I would strongly suggest that you use prepared statement and then execute it using the variable:
$stmt = $dbh->prepare("SELECT * FROM directory WHERE department IN (SELECT id FROM departments WHERE name=?) ORDER BY Lastname");
if ($stmt->execute(array("Women's Softball coach"))) {
while ($row = $stmt->fetch()) {
print_r($row);
}
}
See PHP documentation on prepared statement for more info.
In your specific case, you'd have something like this:
$stmt = $dbh->prepare("SELECT * FROM directory WHERE department IN (SELECT id FROM departments WHERE name=?) ORDER BY Lastname");
for ($i=0; $i<mssql_num_rows($result); $i++) {
if ($stmt->execute(array($result))) {
$info = $stmt->fetch();
...
}