
Apostrophe in sql

7/5/2007 10:36:14 PM
PHPRunner Tips and Tricks
jim9 (author)

When entering a search string, using addslashes like below works. This would be useful in custom code. PHPRunner takes care of this in its generated code.

For example, if $t1 below is a search string of O (letter O, not zero), and the pet's name is O'brian, an error could happen without addslashes.

$t1 = $_POST['t1'];   // raw search string from the form; may contain an apostrophe, e.g. O'brian

// Maybe other code here as needed

$query = "SELECT petid, petname, species, sex, ownerid, petowner, ostreet, dogpic";
$query = $query . " FROM pets";
// addslashes() backslash-escapes the quote so O'brian becomes O\'brian inside the LIKE pattern
$query = $query . " WHERE petname Like '".addslashes("$t1%")."'";
$query = $query . " ORDER BY petname asc ";



Everyone who plans on any custom coding needs to at least read the sections in the PHP manual on addslashes, stripslashes, and mysql_real_escape_string, and understand their usage. Also read about magic quotes and testing if they are on. These functions can be tricky to properly use, so test your understanding on a little test database before using them on a real production database.
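The same pets search, as an added example that is not part of jim9's post or PHPRunner's generated code: it checks for magic quotes before escaping, uses the connection-aware mysql_real_escape_string in place of addslashes, neutralises the LIKE wildcards % and _ that neither function touches, and shows the prepared-statement form. The $link (mysql_connect) and $pdo (PDO) handles are assumed to exist.

```php
<?php
// Added example, not from the original post. Assumes $link is a mysql_connect()
// resource and $pdo a PDO connection to the same database (both hypothetical).

// 1. Normalise the raw input. If magic_quotes_gpc is on, PHP has already added
//    slashes to $_POST, so strip them first or the value is escaped twice (O\\'brian).
function raw_search_term(array $post, $key = 't1') {
    $t1 = isset($post[$key]) ? (string) $post[$key] : '';
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $t1 = stripslashes($t1);
    }
    return $t1;
}

// 2. Escape for use inside a quoted LIKE pattern. mysql_real_escape_string()
//    handles quotes and backslashes for the connection's charset; % and _ are
//    LIKE wildcards, so a search for "%" would otherwise match every pet.
//    Backslashes are escaped first, then the wildcard escapes are added,
//    so the pattern reaches MySQL as \% and \_ (literal % and _ in LIKE).
function escape_like($term, $link) {
    $term = mysql_real_escape_string($term, $link);
    return addcslashes($term, '%_');
}

function build_pet_query($t1, $link) {
    $pattern = escape_like($t1, $link) . '%';   // prefix search, as in the original
    return "SELECT petid, petname, species, sex, ownerid, petowner, ostreet, dogpic"
         . " FROM pets WHERE petname LIKE '" . $pattern . "' ORDER BY petname ASC";
}

// 3. Preferred form: a prepared statement. The pattern travels as a bound
//    parameter, so no quote escaping is needed; only the wildcards are escaped.
function find_pets(PDO $pdo, $t1) {
    $stmt = $pdo->prepare(
        "SELECT petid, petname, species, sex, ownerid, petowner, ostreet, dogpic"
        . " FROM pets WHERE petname LIKE ? ORDER BY petname ASC"
    );
    $stmt->execute(array(addcslashes($t1, '%_') . '%'));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage: $t1 = raw_search_term($_POST);
//        $rows = find_pets($pdo, $t1);            // or mysql_query(build_pet_query($t1, $link), $link)
```

With input O'brian the escaped variant produces the pattern O\'brian% and the prepared variant binds O'brian% directly; an input of % alone is searched for literally rather than matching the whole table.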