If you use stored procedures, you dont need a lot of the quote and
other escaping you need to do otherwise. That being said, the only
"quote" issue you have (no pun intended) is with single quotes. In
this case, double the single quotes. A common way of doing this is
with the Replace method ...
sql = replace(str, "'", "''")
That's a single quote surrounded by double quotes as the 2nd parameter
and two single quotes surrounded by double quotes as the 3rd
parameter.
On Tue, 25 May 2004 02:56:08 +0200, "Stefan Richter"
<sp**@spammenot.com> wrote:
How do I encode double quotes and quotes and in a string in VB.NET?
It also has to be save for MS SQL Server...
Stefan