How to properly add apostrophes into a mySQL INSERT command

I am trying to add some data into a MySQL database using a text area. However, when someone adds in an apostrophe it breaks the INSERT command because it acts as a single quote. How can this be fixed?

Here is what the command would look like if you stipped out all the variables that I am using.

INSERT INTO skills09 (name, birthday, skills) VALUES ('Tom Haverford', '31_02_1987', 'Being Awesome, Announcing cool things, Treatin' Yo Self, Failing');

As I was looking at this I had a thought.

Is it as simple as using double quotes around my variable names rather than single quotes? This seems like an easy fix but I have always used single quotes in MySQL.

Answer

PHP How to replace customers text area apostrophes with a escape character

$lastname  = "O'Reilly";
$_lastname = mysqli_real_escape_string($lastname);

$query = "SELECT * FROM actors WHERE last_name = '$_lastname'";