When attempting to update a database file with a field containing the apostrophe special character ('), I have to manually escape that character in order to successfully pass the entry to the action file. Is there a way, similar to mysql_real_escape_string, to do this without using the escape \?

For example, I use an update.html to enter the unique parameter
Code:
	
  <form method="post" action="update.php">
  <fieldset>
	<label>Program Name</label><input type="text" name="progname" size="40">
	<input type="submit" value="Submit" style="margin:0 1em"/>
 	<input type="reset" value="Reset" style="margin-left:1em"/>
  </fieldset>
  </form>
The update.php file receives the parameter and posts the complete record, then passes changes to updated.php
Code:
  $query="SELECT * FROM programs WHERE progname='$progname'";
  $result=mysql_query($query)or die(mysql_error());

  $num=mysql_numrows($result); 
  $i=0;
  mysql_close();

  while ($i < $num) {
  $progname=mysql_result($result,$i,"progname");
If the "progname" entry contains an apostrophe (ex: Leanin' Tree), and is entered in the .html file without the escape character, when submitted it returns an error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Tree'' at line 1

The "progname" entry in the example above must be entered with the escape character (Leanin\' Tree) in order to successfully pass to the update.php file. Same applies when the update.php file passes the data to updated.php file. Even though the update.php file displays the progname correctly (Leanin' Tree), I must manually add the escape character again before submitting to updated.php.

Of course, updated.php has no problem passing to the database, since it uses
Code:
$progname=mysql_real_escape_string($_POST['progname']);
Keep in mind, I am not attempting to change the "progname" entry, just other data associated with that entry.

Is it possible to perform the update on such entries without having to manually enter the escape character, just like when entering the "progname" for the first time using
Code:
$progname=mysql_real_escape_string($_POST['progname']);
and
Code:
$query = "INSERT INTO programs 
	VALUES (
  	'$progname',
That is accomplished without the need to enter the escape character.