I am using the following insert statement within a tool pulling data from one DB into another one.

我在一个工具中使用以下插入语句，将数据从一个数据库提取到另一个数据库中。

INSERT INTO act_vulnerabilities_internal_test (device_type, ip_address, user_tag,       
repositoryID, severity, pluginID, pluginName, pluginText)

VALUES ("@Data.device_type~", "@Data.ip_address~", "@Data.user_tag~",    
"@Data.repositoryID~", "@Data.severity~", "@Data.pluginID~", "@Data.pluginName~",   
 @Data.pluginText~)

Error message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\nSynopsis :\n\nIt is possible to retrieve file backups from the remote web serv' at line 3

错误消息：您的 SQL 语法有错误；检查与您的 MySQL 服务器版本相对应的手册，以了解在“\nSynopsis :\n\nIt is possible to retrieve file backups from the remote web serv”（第 3 行）附近的正确语法

The data I am trying to pull from one of the columns has a lot of single and double quotes in it (this is pulling from a proprietary tool and I cannot edit the data). The column giving me the problems is the one named pluginText. Is there a way to make the db ignore the ' and " contained within the rows?

我试图从其中一列中提取的数据中有很多单引号和双引号（这是从专有工具中提取的，我无法编辑数据）。给我带来问题的那一栏是 pluginText。有没有办法让数据库忽略行中包含的 ' 和 "？

Is mysql_real_escape_string what I need to do this properly?

mysql_real_escape_string 是我需要正确执行此操作的吗？