Yes, those are commonly called single quotes. Whether or not they're bad depends entirely on how you're quoting your data within your query. If you do:
mysql_query("select * from blah where blah2='somedata' ");
Then somedata containing an ' would indeed break out of that string enclosing and may be interpreted as data. However that should be a non-issue here as that is one, of the many things, mysql_real_escape_string() escapes.
The sanitizing i was mentioning was many in reference to cross-site scripting (aka, xss). What if someone made their name:
Technically, any bad characters would be escaped by mysql_real_escape_string... but all that does is let you safely store this malicious script, if you echo this value to the browser, maybe as part of a list of users for example, the script will then be interpreted as html code within your page and executed. For this you can protect yourself by: