Inserting a value containing ' into a db
Further to my previous question about passing a querystring containing &, I have done further testing and am now having a problem inserting a record into my db when a field contains the apostrophe (').
I have tried using Server.HTMLEncode, but it doesn't encode the '.
Here's the code :
strSQL = "INSERT INTO tblBookCdDvd_Item (Item, [LastPost]) VALUES ('" & Server.HTMLEncode(strItem) & " ', '" & Now() & "')"
And here's the error :
Syntax error in query expression ''' & < > ? ', '11/10/2004 12:37:46 PM')'.
I'm passing ' & < > ? in the Item field... (Ok, I'm really trying to break it - but if I don't, someone else will. Then I'll have people yelling at me.)