Some time ago I resolved the problem with special characters and INSERT by modifying my code as follows:
Code:
$progname=mysql_real_escape_string($_POST['progname']);
This allowed me to use quotes, apostrophies, etc. without having to use "\" or a special character code like "'"

I tried replacing
Code:
$progname=mysql_result($result,$i,"progname");
in UPDATE with
Code:
$progname=mysql_real_escape_string($_POST['progname']);
but that doesn't work. In fact, it does nothing at all.