MySQL Query not inserted when PHP variable contains single quotes

Question

This query not inserted when variable $subject has single quotes . Is there any possible solution available ?

mysql_query(\"INSERT INTO  table  (to_email_id,         


        

Answer 1

You need to use mysql_real_escape_string() on your values $to and $subject

Also if you weren't doing this before you are open to sql injection