Since submissions with apostrophes were breaking the teacher registration form (
http://www.canadianmysteries.ca/teachers/login/indexen.php ) - for example, "Queen's University" - I added a loop that passes all of the POST variables through
mysql_real_escape_string
before inserting into the DB.