How to escape symbols in SQL query?

In PHP-script i need to update title, content fields. If I put "@" into content I get error "Description: Incorrect syntax near '@'." I fixed with symbols ' ". Is there any solution for escaping or framework for DB layer?

I'm forced to use f**ng MS SQL :(

Code:

$conn = new COM ("ADODB.Connection")
$db_conn = $conn->open('bla-bla-passwo开发者_高级运维rd...');
$query = sprintf( "UPDATE page SET title='%s', page_content='%s' WHERE id=%d;", addslashes($title), addslashes($content), intval($id));
$rs = $db_conn->execute($query);

Use PDO prepared statements to escape special characters … not sprintf or addslashes.