Assuming you are using dynamic sql (not recommended), use Replace() to
double up the single quote character. Characters are "escaped" by doubling
them up. The escaped characters are automatically converted into the single
literal character when the string is processed.
This whole issue can be avoided (along with preventing SQL Injection) y
passing data via parameters.
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.