I'm still somewhat new to Java and trying to insert data into a database. I'm getting an error when inserting a string containing 's so my end result would be to escape the apostrophe. How can I accomplish?
That's dependent on the database you are using. Usually '' works (I only have firsthand knowledge with SQL Server).
What database are you using?
Depends on the database, but you can use '' in SqlServer.
EDIT: In MySql you can use a double apostrophe or backslash: http://www.faqts.com/knowledge_base/view.phtml/aid/630
Use prepared statements. As well as handling any special characters, they are much more robust and help prevent sql injection attacks.
The issue really isn't with Java, rather with the underlying database. Most likely you are stringing your parameters together like this:
String sql = "select * from sometable where somefield = " + someObject.getSomeField();
Don't do that. Use PreparedStatement's instead.
That has the added advantage of preventing SQL injection attacks, if this is an application that has to be concerned about such things.
I assume you are using a java.sql.Statement, and calling the executeQuery method with a String. That's bad, because it's possible to do SQL injection. You should use a java.sql.PreparedStatement instead, and then you can set any String that you want as a parameter, and you won't have your problem.
For example:
PreparedStatement pstmt = con.prepareStatement("UPDATE MY_TABLE SET TEXT_FIELD = ?");
pstmt.setString(1, "any String 'will work here!");
Using StringEscapeUtils:
StringEscapeUtils.escapeSql(yourstring);