Same for SQL statements, single quotes in a query string should generate a warning to just use prepared statements instead :-)