As far as I can tell, you dont, you use prepared statements and
placeholders.
Regards
Alan
James Grant wrote:
I know this probably isnt the right place to ask, but I figured someone here
might know (and google seems useless in this case) -- how do you escape a
string in C# for use in an SQL query? in php/mysql I would do
mysql_escape_string("string with ' or ` in it")
all i'm doing is a simple SQL SELECT based on the input of a text box, but the
text box must handle all input (apostrophe's, quotes, etc) -- here's what
Npgsql is saying when I enter "apo'strophe" in the textbox.
Npgsql.NpgsqlException:
syntax error at or near "strophe"
Severity: ERROR
Code: 42601
in <0x00061> Npgsql.NpgsqlConnection:CheckErrors ()
Thanks,
James
_______________________________________________
Mono-list maillist - [email protected]
http://lists.ximian.com/mailman/listinfo/mono-list
