I don't know why I am struggling with this so bad, but I have a simple form field (text area) that gets inserted into a database. After switching to mssql instead of mysqli I can't figure out how to escape the single quotes and get the insert or update to work.
if I have this form field
Comments: <textarea name="RACOMMENTS" cols="100" rows="10" /></textarea>
and this update:
"update table set RACOMMENTS='" . $_POST['RACOMMENTS'] . "' ";
How do I escape that field to allow a word like don't or can't or sister's