use addslashes() around the variable. this will add the appropriate slashes so it won't do funky stuff.
