Data retrieval problem with qu and jQuery

I'm building a form that has a look-ahead input box (using jQuery UI). The input chosen (in this case, bands) is sent to the database via Ajax, then displayed below the input box in either a Plaintiff, Defendant, or Other bin.

For 90% of the cases, it works just fine, asynchronously glorious. The issue arises when a band happens to have quotes or an apostrophe in it. I'm escaping the characters with mysql_real_escape_string in my PHP form handler, but the problem appears to be originating when the data is Ajax'd over.

description=Watts, Michael "5000" becomes description=Watts%2C+Michael+%225000%22.

Here's my jQuery code (nothing fancy, just the serialization) and my PHP code. Note that it works just fine if I manually enter description=Watts, Michael "5000" into my PHP file (as in, it can grab the data that it otherwise cannot).

jQuery code:

$('#party_add').live('click', function(){
//grab the form
var thisform=$(this).parents('form');
//serialize the data
var toSend=thisform.serialize();
//add the caseID we stored in #caseId
var storedCaseId=$('#caseId').text();
toSend=toSend+'&caseId='+storedCaseId;
$.ajax({
    type    : "POST",
    url     : 'cases_form_handl开发者_如何学编程er.php',
    data    : toSend,
    dataType:'json',
    success : function(data){
        alert(toSend);
        //conjure the relevant parties into their respective places in the table below with some sexy json action
        $('.party').empty();
           for(var x=0; x < data.length; x++){
               if(data[x].partyType==1){
                   $('.party:first').append('<span class=party_addition id='+data[x].partyId+'>'+data[x].description+'</span><br/>');
               }else{
                   //if defendant, put them in the defendant box
                   if(data[x].partyType==2){
                       $('.party:first').next('.party').append('<span class=party_addition id='+data[x].partyId+'>'+data[x].description+'</span><br/>');
                   }else{
                       //if other, put them in the other box
                       if(data[x].partyType==3){
                           $('.party:first').next('.party').next('.party').append('<span class=party_addition id='+data[x].partyId+'>'+data[x].description+'</span><br/>');
                       }
                   }
               }
           }
       }
   });

PHP code and failing SQL call:

    $description=mysql_real_escape_string($_POST['description']);
    $sql="SELECT id FROM varParties WHERE description='$description'";
    $result=mysql_query($sql);

    while($row=mysql_fetch_assoc($result)){
        $partyId=$row['id'];
    }

UPDATE:

Here's the json portion of my php

$sql = "SELECT varParties.*,relCasesParties.partyType,relCasesParties.active FROM varParties INNER JOIN relCasesParties ON relCasesParties.partyId = varParties.id WHERE relCasesParties.caseId = '$caseId' AND relCasesParties.active='1'";
        //build array of results
        $query=mysql_query($sql);
         for ($x = 0, $numrows = mysql_num_rows($query); $x < $numrows; $x++) {  
                $row = mysql_fetch_assoc($query);  
                $parties[$x] = array('description'=>$row['description'],'partyId'=>$row['id'],'partyType'=>$row['partyType']);  
        }  
            //send it back
           echo json_encode($parties);

Where would I use htmlentities?

Use

$description=mysql_real_escape_string(urldecode($_POST['description']));

Now, when it's visible, that you are trying to output JSON string, the answer is different.

for the loop use:

for ($x = 0, $numrows = mysql_num_rows($query); $x < $numrows; $x++) {  
                $row = mysql_fetch_assoc($query);  
                $parties[$x] = array('description'=>addcslashes($row['description'],'"'),'partyId'=>$row['id'],'partyType'=>$row['partyType']);  
        }