hi
i am using MS Access as my database in c#.
to insert a row in a table i write queries like:
string.Format(“INSERT INTO TABLE VALUES( ‘{0}’, ‘{1}’)”, value1, value2);
suppose value1 = apple which is obtained from a textbox.
while executing the query it works well.
but if the content of the text box is appl’e then there occurs an error because of the ’ character.
also if i use “{0}” instead of ‘{0}’ and if the content of text box is app"le then again a syntax error occurs while executing the SQL query.
how can i escape those characters so that they get inserted into the database.
