SQL from VB app question...

Ok I'm creating a sql query with a string variable and executing it in vb.

The string would look something like:

Insert Into Table (vara,varb,varc) Values ('vara','varb','varc')

This works fine.

But I have an instance where one of the values passed has a ''' character in it like so:

Insert Into Table (vara,varb,varc) Values ('la'vara','varb','varc')

Which messes everything up. I was thinking about using the controlchars but wouldn't the ending string be the same and still mess up?

How can I get around this? Sorry if the question is silly, I've just never had this problem.

Thanks,

Justin

From db faq/tutorial: Why should I use parameters?

Answer: Your problem is exactly why.

-tg

Sweet! I'll just change my existing DatabaseOps class to have the Base Execute functions use parameters instead of just a single string variable : ).

Thanks for the link.