Inserting Row in MySQL From Existing Row That Contains Quotes

Suckmeoff

New Member
Just wondering, to sanitize user input, I use mysql_real_escape_string() on data before it is inserted into a table. Therefore when a user enters something like this:

[code]
Hi I'm just testing this
[/code]

It gets placed into the table just fine, exactly as above. Question is, if I were to pull that data and place it into a variable via PHP, say $string, what would happen if I then used that variable to insert data into a new row in the table? Such as:

[code]
<?php
$result = mysql_query( "SELECT data FROM table WHERE id='1'" ); // data = Hi I'm just testing this
$result_array = mysql_fetch_array( $result );
$string = $result_array['data']; // string = Hi I'm just testing this
$insert = mysql_query( "INSERT INTO table (data) VALUES ('$string')" ) or die(mysql_error());
?>
[/code]

Would the single quote (') cause problems in this scenario? Should I be using $string = mysql_real_escape_string( $result_array['data'] ) in this case as well?

Thanks!
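
The round trip asked about above, as an added example that is not part of the original post: a value is stored, read back, and re-inserted, once by string concatenation and once through a bound parameter. It assumes PDO with an in-memory SQLite database standing in for MySQL so it runs offline; the table name `notes` and the sample value are constructed for illustration.

```php
<?php
// Added example: SQLite in-memory stands in for MySQL (assumption) so the
// script needs no server. Table "notes" and the sample text are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, data TEXT)');

// 1. First insert: the value is bound as a parameter, never spliced into SQL.
$insert = $db->prepare('INSERT INTO notes (data) VALUES (:data)');
$insert->execute([':data' => "Hi I'm just testing this"]);

// 2. Read it back. The stored value is the original text, quote included:
//    escaping or binding only affects how the statement is parsed, it does
//    not change what ends up in the column.
$select = $db->prepare('SELECT data FROM notes WHERE id = :id');
$select->execute([':id' => 1]);
$string = $select->fetchColumn();
echo "stored value: $string\n";

// 3. Re-insert by concatenation, as in the question. The quote inside the
//    stored data terminates the SQL string literal early, so the statement
//    is malformed; data from the database is as untrusted as form input.
try {
    $db->exec("INSERT INTO notes (data) VALUES ('$string')");
    echo "concatenated insert: accepted\n";
} catch (PDOException $e) {
    echo "concatenated insert: rejected (", $e->getMessage(), ")\n";
}

// 4. Re-insert through the prepared statement: the value travels separately
//    from the SQL text, so its content cannot alter the statement.
$insert->execute([':data' => $string]);

$count = $db->query('SELECT COUNT(*) FROM notes')->fetchColumn();
echo "rows stored: $count\n";
```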
 