Thanks for the reply mate,
I'm not exactly sure what that code is that you typed but I do understand your meaning (I think)
Basically, if hackers can close the quotes, they can alter the code and get information from the database or get access to information?

So by escaping the ' with a slash \' it stops them getting access?
Like I said, I'm a green as a leaf noob with PHP nd most scripting languages lol

Thanks again CV, this is the second time you helped me out :P