Hi can anyone help? I'm using the below code to insert some text fields from a form into a database. I've noticed that if we type something using a ' (i.e we're all going out for the day) in the text field then we get a insert error back from mysql saying it can't insert into the text field. I kind of think I know what the problrem is but need someone in the know to clear it up for me.

Thanks in advance -

<?php
include('common.php');
//establish user connection
$connection=mysql_connect($dbhost,$dbuser,$dbpasswd) or die ("Couldn't connect to Server!");
//select database
mysql_select_db($dbname,$connection) or die ("Couldn't connect to database");
$id = $_POST['id'];
$title = $_POST['title'];
$description = $_POST['description'];
$further_info = $_POST['further_info'];
$active = $_POST['active'];
$salary = $_POST['salary'];
$reference = $_POST['reference'];
$ftpt = $_POST['ftpt'];
$permtemp = $_POST['permtemp'];
$year = $_POST['year'];
$day = $_POST['day'];
$month = $_POST['month'];
$date = "$year-$month-$day";

$target_path = "descriptions/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
$document = $_FILES['uploadedfile']['name'];}

$query = "UPDATE jobs SET title='$title', description='$description', further_info='$further_info', date='$date', active='$active', salary='$salary', reference='$reference', ftpt='$ftpt', permtemp='$permtemp', document='$document' WHERE id = '$id'";

$result = mysql_query($query,$connection) or die(mysql_error());

mysql_close();