Many many many sites and posts on how to avoid MySQL Injection.
But how to do it depends on what platform you are using: PHP/ASP/ASP.NET/JSP/other.
An optimist sees the glass as half full.
A pessimist sees the glass as half empty.
A realist drinks it no matter how much there is.