Best way to get quoted text in mysql?

It took me a lot of trial and error to get text from an HTML form into MySQL to
account for quotation marks being entered. I came up with the following. It
works fine but I was wondering if this is the best way. Here are the relevant
snippets:

1) User enters data via post.html:

<form method="POST" action="post_confirm.php" name="form">
<textarea NAME="comments" ROWS=4 COLS=60 onkeyup="textLimit(comments,
800);"></TEXTAREA>
<input type="submit" name="Submit2" value="Submit" onClick="return
validate(form)">
</form>

2) User is presented with the confirmation form post_confirm.php:

Strips html tags, and displays without the slashes that PHP puts in:
<?php $comments=stripslashes(strip_tags($_POST['comments'])); ?> You can turn of the slashes that are put in, by using the ini_set with
magic_quotes_gpc. My suggestion is to turn it off.

Displays the user comments:
<?php echo $comments; ?>

If ok, user sends it to be posted:
<form method="POST" action="postnotice.php">
<input type="hidden" name="comments" value="<?php echo
htmlspecialchars($comments, ENT_QUOTES ); ?>">
</form>

3) Stuff is posted in MySQL via postnotice form:

<?php $comments=addslashes($_POST['comments']); ?>
Better way or OK?

You may get around the one stripslashes with my suggestion.

I tried your suggestion but there is problem: when I do a mysql_query, it bombs
with _single_ quotes in the user text.

Better way or OK?