Lum,
You actually shouldn't be doing it at all. When you have strings that
you need to embed in your sql statements, create a parameterized query, and
then pass the string to the parameter object itself. The provider will be
responsible for handling the correct quoting for you.
It also adds security to your system overall (you won't be subject to
SQL injection attacks).
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
-
mv*@spam.guard.caspershouse.com
"Luminal" <luminal_NOSPAM@hotpop_NOSPAM.com> wrote in message
news:O0**************@TK2MSFTNGP09.phx.gbl...
greetings
i'm developing an C# application using Access as database and I'm having
problems inserting data containing the ' char and the " char. What is the
best practice to insert this chars on database?
TIA
Lum