Taleb,
I use this frequently. The function Checkstring looks for the ' and replaces it with '', thus allowing users to type as they normally do and keep the data intact. The 2nd part of this code is where I call the function Checkstring when I write a form field's contents to a database.
<%
Function CheckText(checkstring)
If instr(checkstring,"'") > 0 then
checkstring = replace(checkstring,"'","''")
end if
CheckText = checkstring
End Function %>
.... and then call the function like this...
Sql = Sql & ", '" & CheckText(Request.Form("outagetime")) & "'"
Hope this helps.
