>>Yes, but think of how many places it takes to apply this - literally every field out there which may contain an apostrophe. Do this
>>
cSqlInsert = "INSERT INTO EMAILSEND (FROM_NAME, FROM_EMAIL, TO_EMAIL) values " + ;
>> "(?lcSendName, ?lcSenderEmail, ?lcRecipientEmail)"
>>and Fox will handle the escaping, putting dates/datetimes, logicals and everything else into proper format. Just make sure the variables are in scope when the actual sqlexecute() happens.
>
>This is a good approach. But it would require quite a few/many changes in my code. Because, as you correctly said, the variable should be in scope.
>Thank you.
Changes are inevitable, as you find more and more places where a string value may contain an apostrophe... Once you start looking, you'll be amazed how many you'll find. So do this in the places you find - if you have to change, change to simpler. Makes life easier.