If possible don't sanitize your strings. Use parameterized queries instead, as they handle all sanitization.
For MS-SQL
//Convert single quotes to two single quotes
TagDescription = TagDescription->Replace("'", "''");
For MySQL
//Convert single quotes to two single quotes
TagDescription = TagDescription->Replace("'", "\'");
Feel free to comment if you can add help to this page or point out issues and solutions you have found. I do not provide support on this site, if you need help with a problem head over to stack overflow.