If you are prepping this string for use in a query, then try : mysql_escape_string (unescaped_string); It returns a string that is formatted for use in an mySQL query. From the horse : http://www.php.net/manual/en/function.mysql-escape-string.php hth, Burhan Khalid