It sounds like you are injecting the submitted data directly in to the database. This is very bad!!
Not only will you find issues with apostrophes like you have now but you would be completely open to SQL Injection attacks against the database which could be used to view sensitive data or even drop whole tables.
You should sanitise the submitted data before it is used. If you are using SQL Server or Access you need to escape apostrophes by replacing single apostrophes with two of them (eg '').
It is also worth looking up SQL Injections in Bing or Google so that you know how to also protect against this type of attack.