How to handle quotes in a form

To edit data in a database, I first read it and use it to populate a form like this:

This will work, as long as $description does not contain double quotes.

I can also do
<input type='<?=$description?>'>

as long as $description does not contain apostrophes.

But what happens if $description does contain both apostrophes and double quotes?

If I do this:
<input type=<?=$description?>>, i.e. no quotes, my experience is that a form will not submit anything after the first space.

In other words, if I had <input type=new york, a city that never sleeps>

The form would only submit (the).

So what is the solution to this problem?

addslashes()

Search php.net for it, you'll get a better overview.

But html doesn't understand escaped characters.

So, how do I display the following in a form:

Paul's "purple" shirt

This doesn't work:

This should help.

or htmlentities(). It does more than htmlspecialchars(), but may be overkill for what you need.