Some one built a terrible database and it's now up to me to put the data they captured in a new database that's been designed.
I am querying a table and pulling out its text and sending that text into the new database via a query:
Problem is... that if the text I'm grabbing contains a single quote, the SQL or whatever things that's the end of the string. How can I change my code that no special characters ruins my query???
For Each record In listOfRecords
queryStr = "SELECT * FROM t_user_ldr WHERE recnum=" & record
cmd = New OleDbCommand(queryStr, con)
Using reader As OleDbDataReader = cmd.ExecuteReader()
recnum = reader.GetValue(0)
qryStart = "INSERT INTO tbl_user_ldr_responses VALUES(" & recnum & ", "
Dim i As Integer = 4
Dim j As Integer = 11
For i = 4 To 42
insert(qryStart & i & ", '" & reader.GetValue(j) & "', '" & reader.GetValue(j + 1) & "')")
j = j + 2