I'm quite frustrated. I want to be able to insert into my database names with single quotes - for example, O'Connor.
So, when inserting into the DB, I do:
All you need to do is take the search query, mysql_real_escape_string it, and it should be perfectly fine. The best way to do this though is to never store it escaped, and instead just escape it every time it goes into the database.
Instead, do this:
$_SESSION['search'] = $_GET['search'];
$search = mysql_real_escape_string($_GET['search']);
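
The answer's point (keep the raw value in the application and handle quoting only where it enters the database) as an added example that is not part of the original post. It goes beyond the answer by using a PDO prepared statement in place of mysql_real_escape_string; the in-memory SQLite database, the `people` table, the helper functions and the input value are all constructed for illustration.

```php
<?php
// Added example: constructed schema and input; in-memory SQLite stands in for MySQL.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE people (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');

// Hypothetical helper: the value is bound as a parameter, never concatenated into SQL,
// so the driver handles quoting at the database boundary.
function insert_name(PDO $db, string $name): int
{
    $stmt = $db->prepare('INSERT INTO people (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return (int) $db->lastInsertId();
}

// Hypothetical helper: read the stored value back exactly as the database holds it.
function fetch_name(PDO $db, int $id): string
{
    $stmt = $db->prepare('SELECT name FROM people WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// Constructed input, as it would arrive in $_GET['search'].
$raw = "O'Connor";

// Correct flow: the application keeps the raw value (for example in $_SESSION)
// and quoting happens once, at the point of insertion.
$good_id = insert_name($db, $raw);

// Failure mode the answer warns about: the value was escaped before it was kept,
// so the escape character itself becomes part of the stored data.
$pre_escaped = addslashes($raw);
$bad_id = insert_name($db, $pre_escaped);

// Compare what each row actually contains.
foreach (['raw value' => $good_id, 'pre-escaped value' => $bad_id] as $label => $id) {
    $stored = fetch_name($db, $id);
    printf("%-18s stored as %-12s matches input: %s\n",
        $label, $stored, $stored === $raw ? 'yes' : 'no');
}
```

Only the row inserted from the raw value reads back identical to the input; the pre-escaped row keeps its backslash in the stored data, which then shows up wherever the name is displayed or searched.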