Web Hosting Talk

Allow use of ' in insert query


-Edward-
12-14-2005, 07:27 AM
Here's my query and code:

$_POST['msg']   = strip_tags($_POST['msg']);
$_POST['room']  = strip_tags($_POST['room']);
$_POST['color'] = strip_tags($_POST['color']);
$_POST['value'] = strip_tags($_POST['value']);

// $uid, $color, $utime, $ip and $room are set earlier, in code not shown here.
// The values are interpolated into the SQL unescaped, so a ' in the message
// ends the string literal and the statement fails; the @ hides the MySQL error.
@mysql_query("INSERT INTO messages SET
    user    = '$uid',
    value   = '{$_POST['value']}',
    message = '{$_POST['msg']}',
    style   = '$color',
    latest  = '$utime',
    ip      = '$ip',
    room    = '$room'");


However, whenever I submit a posting that has a ' in it, it doesn't post. How can I get around this? I've tried so many different things, but it just gives me parse errors.

hiryuu
12-14-2005, 07:36 AM
You need mysql_escape_string() or addslashes(). Some input validation would be a good idea, too. Never know what people will submit out of incompetence, never mind malice.

-Edward-
12-14-2005, 08:29 AM
Thanks, I knew it would be something as obvious as that.

I'm working on validation once I get all my small bugs sorted :)

Oras
12-14-2005, 08:52 AM
Why do you use $_POST to put new values in it? Suggested code:

$msg   = addslashes($_POST['msg']);
$room  = addslashes($_POST['room']);
$color = addslashes($_POST['color']);
$value = addslashes($_POST['value']);

// $uid, $utime and $ip are set earlier, in code not shown here.
@mysql_query("INSERT INTO messages (user, value, message, style, latest, ip, room)
    VALUES ('$uid', '$value', '$msg', '$color', '$utime', '$ip', '$room')");

where

(user, value, message, style, latest, ip, room) = the table columns

And when reading the value of message from the DB you should use strip_tags().
Regards
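Added example, not code from the thread: the same INSERT written as a parameterised PDO query, which is the fix that makes a ' (or any other character) in the input plain data regardless of charset, unlike the string-escaping approaches suggested above; the old mysql_* functions are also gone from PHP 7 and later. The DSN, credentials and the sample message are assumed/constructed; the table and columns are the ones named in the thread.

```php
<?php
// Added example (not from the thread): the thread's INSERT as a prepared
// statement, so quoting of user input is handled by the driver, not by hand.
// Assumes the `messages` table from the thread and hypothetical DSN/credentials.

declare(strict_types=1);

function connect(string $dsn, string $user, string $pass): PDO
{
    return new PDO($dsn, $user, $pass, [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION, // surface errors instead of @-silencing them
        PDO::ATTR_EMULATE_PREPARES => false,                  // real server-side prepares, not client-side quoting
    ]);
}

function insertMessage(PDO $pdo, int $uid, string $value, string $msg,
                       string $color, int $utime, string $ip, string $room): int
{
    // Each placeholder is bound as a value: an apostrophe in $msg is stored
    // verbatim and can never terminate the SQL string literal.
    $stmt = $pdo->prepare(
        'INSERT INTO messages (user, value, message, style, latest, ip, room)
         VALUES (:user, :value, :message, :style, :latest, :ip, :room)'
    );
    $stmt->execute([
        ':user'    => $uid,
        ':value'   => $value,
        ':message' => $msg,
        ':style'   => $color,
        ':latest'  => $utime,
        ':ip'      => $ip,
        ':room'    => $room,
    ]);
    return (int) $pdo->lastInsertId();
}

// Escaping for HTML belongs at output time, when the message is rendered,
// not at storage time; the database should hold the text as the user typed it.
function renderMessage(string $msg): string
{
    return htmlspecialchars($msg, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample input containing the apostrophe that broke the original query.
$pdo = connect('mysql:host=localhost;dbname=chat;charset=utf8mb4', 'DB_USER', 'DB_PASS');
$id  = insertMessage($pdo, 42, 'x', "it's fine now", 'blue', time(),
                     $_SERVER['REMOTE_ADDR'] ?? '127.0.0.1', 'lobby');
echo renderMessage("it's fine now"), " stored as row $id\n";
```

With emulated prepares disabled the SQL text and the bound values travel to MySQL separately, so there is nothing for a stray quote to break, whatever the connection charset.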