ServerProvider.escapeString
string escapeString(gda.connection.Connection cnc, string str)Escapes str for use within an SQL command (to avoid SQL injection attacks). Note that the returned value still needs to be enclosed in single quotes before being used in an SQL statement.
Parameters
cnc | a #GdaConnection object, or null |
str | a string to escape |
Returns
a new string suitable to use in SQL statements