>>>Nick
>>
>>Before sending the string to the SQL Server replace all occurances of " ' " with " ` " (the character to the left of the "1" key.). To the user, they basically appear the same, but the SQL server will not throw an error. The " ' " character is a reserved character in SQL server.
>
>That's another good idea if we don't want to use parameters.
The embedded single quote problem has bitten me several times when converting databases to SQL Server.
Greg Reichert