Hi, I know I can use the parameters, but what is the right way to escape string sequences? The query could be like this:
"INSERT INTO records (ReferenceID,Name,Note,Author) VALUES ('" + ID+ "','" + addlevel.textBox1.Text + "','"+addlevel.textBox2_note.Text+ "','"+Program.Username+"')";
I am ONLY curious, just want to know :)
EDIT: But what about that? "CREATE TABLE "+string" .... parameters cannot be used here!