I'm using VB6 against an sql server database.
I use a single quote to string together my sql statements and,as you can imagine, if a user enters a string with a single quote in it, the statement bombs in sql server.
Here's the completed string:
update Programs set agencycode = 'INSUR', programcode = 'XTS', description = 'Stock Workmen's Compensation Security Fund', sequence = '5', lastactionuser = 'Trapatsos ', lastactiondate = getdate(), recordstatus = 'Active ' where id = 207
and the string chokes with:
"Incorrect syntax near 's'"
Does anyone have the best advice for stringing together sql statements with values that may contain single quotes?
Thanks in Advance