Ok I'm creating a sql query with a string variable and executing it in vb.

The string would look something like:

Insert Into Table (vara,varb,varc) Values ('vara','varb','varc')

This works fine.

But I have an instance where one of the values passed has a ''' character in it like so:

Insert Into Table (vara,varb,varc) Values ('la'vara','varb','varc')

Which messes everything up. I was thinking about using the controlchars but wouldn't the ending string be the same and still mess up?

How can I get around this? Sorry if the question is silly, I've just never had this problem.

Thanks,

Justin