I need to have mysql_real_escape_string added to my classified program on my website [url removed, login to view]
There is no escaping of
quotes done during translating your request to SQL language. Instead of an SQL
insert command with an even number of quotes you end up with something invalid
by entering a description containing one or more single quotes.
I strongly recommand using another software or fixing this one to escape quotes.
This is the info I was given from my hosting provider.