03 Feb, 2009, Rojan QDel wrote in the 21st comment:
Oh, I thought it was only one… Now that I think of it, I'm not sure that the special character even needs to be escaped… I don't believe MySQL recognizes it as ending your statement. Unless it is an actual double or single quote " or ', and not a special quote character, it shouldn't be a risk.
I'm still a little confused as to why this is necessary in the first place. As Tyche and I have both pointed out, hex92 is not a single quote and so shouldn't be confusing MySQL. I'm not sure why it's confusing Joomla, unless Joomla itself is replacing hex92 with an actual single quote somewhere.
<- What he said!
If mysql_real_escape_string is not recognizing it as needing to be escaped, then it likely will not mess up MySQL or Joomla (unless Joomla is using a very strange char-set, which I don't believe it is by default.)
The difference between mysql_escape_string and mysql_real_escape_string, is that the latter takes into consideration the character set of the connection (to correctly handle/escape utf-8 sequences, for example.) With this as a clue, check the character sets of your codebases/connections. That may be the problem.