Basically Tim you need to replace all single quotes(') with two single quotes('').Not double quotes but two singles
strField = replace(strField,"'","''")
This is also important for security so you need to do it with every text field input in your DB from ASP forms.
I also do a replace on "--" with "" to help stop people messing with your db.
I do this in one function
safeTextField = replace(replace(strIn,"'","''"),"--","")
See Ken Schaefers' web site www.openstatic.com.au
for some info into this kind security.