Subject Insert String question: more detail
Author Screawn
If a user enters into a form <input name="company" type='text'>

Company_name: Dave's Company

A single quote is used to show ownership.

The php variable $company is placed within an insert statement.

$sqlstring="Insert into Customers(customer_no,company_name)values

This works fine as long as the user doesnt enter a single quote in
the Company name field. How can the user enter a single quote without
generating an error?