Sanitizing text being stored in text fields - some characters cause problems

From: Tanstaafl <tanstaafl(at)libertytrek(dot)org>
To: pgsql-novice(at)postgresql(dot)org
Subject: Sanitizing text being stored in text fields - some characters cause problems
Date: 2012-02-24 17:58:13
Message-ID: 4F47CFB5.6000405@libertytrek.org
Lists: pgsql-novice

Hi all,

I have another question, this one related to storing text in fields.

The DB in question is very old, and has an html/php based (so, basically
just a lot of web forms with a Submit button on them) front end.

We have recently upgraded the code so that it will run on newer versions
of postgresql (9.1) (and php/apache). Everything seems to be working
well, with one exception...

We have always had a very few minor problems with saving some of the web
forms if the text fields had certain characters in them.

For example, one of the fields would simply not save if the text field
had the characters 'char' anywhere in the field. So, if my comment was
'Charles is a bonehead', it wouldn't save this text.

Since we updated, we no longer have this *particular* problem, but we
have many other similar ones - for example, an apostrophe entered
anywhere in the text will cause the record to not be saved properly (I
think it may get saved somewhere, but not linked to the correct record).

One problem is, the people using this DB will copy/paste stuff from all
kinds of sources (emails, from web sites, etc) and paste the text into
these fields (basically notes/comments fields), so we need to learn the
correct way to 'sanitize' the text so that pretty much any characters
that can be typed on a keyboard should be able to be used.

So, would someone point me to the section(s) in tfm that relate
specifically to the proper way to store text that could contain
basically any of the characters that you can type on a keyboard? And is
the proper place/way to fix this on the back-end (in postgresql), or in
the php/html code - or a combination?

As you may have surmised, I am not a programmer, I'm simply trying to
get some pointers for our developers. Like I said in my last email, they
are not very well versed in postgresql yet - they are mainly Microsoft
SQLSERVER guys who are learning postgresql in preparation for switching
to it as their primary SQL DB engine for all of their projects, but our
project is what they are cutting their teeth on (shudder)... and yes,
I'm pushing one or more of them to sign up to these lists themselves,
and I'm sure they will, but they have a lot on their plate at the moment.

Thanks, and again, pointers to documentation that I can pass on to our
developers on this question are most welcome.

Simon
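
The following is an added example, not part of the original post or of the application it describes. It assumes the web forms build their SQL by concatenating the submitted text into the statement (the post does not show the code), and contrasts that with passing the text as a bound parameter. It uses Python's built-in sqlite3 so it runs without a server; in PHP against PostgreSQL the same binding is done with pg_query_params() or PDO prepared statements. The table, function names and sample comments are constructed for illustration.

```python
import sqlite3

# Constructed sample comments of the kind the post describes being pasted in.
SAMPLES = [
    "Charles is a bonehead",
    "Simon's notes, pasted from an email",
    "rock ''n'' roll",
]

def make_db():
    """Fresh in-memory database with one notes table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, comment TEXT)")
    return db

def save_concatenated(db, comment):
    """Assumed fragile pattern: the text becomes part of the SQL itself."""
    db.execute("INSERT INTO notes (comment) VALUES ('" + comment + "')")

def save_parameterized(db, comment):
    """The text is sent as data; the statement never changes shape."""
    db.execute("INSERT INTO notes (comment) VALUES (?)", (comment,))

def outcome(save, comment):
    """Return 'stored', 'rejected' or 'altered' for one comment."""
    db = make_db()
    try:
        save(db, comment)
    except sqlite3.Error:
        return "rejected"  # the apostrophe ended the string literal early
    row = db.execute("SELECT comment FROM notes").fetchone()
    # 'altered' means the save succeeded but the text was changed on the way in.
    return "stored" if row and row[0] == comment else "altered"

def compare():
    """Map each sample to (concatenated outcome, parameterized outcome)."""
    return {
        text: (outcome(save_concatenated, text),
               outcome(save_parameterized, text))
        for text in SAMPLES
    }

if __name__ == "__main__":
    for text, (concat, bound) in compare().items():
        print(f"{text!r}: concatenated={concat}, parameterized={bound}")
```

With bound parameters no per-character sanitizing of the comment text is needed for storage; escaping for HTML is a separate step applied when the text is displayed.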
