Not so quick but really dirty. The mysql documentation contains list of symbols that must be quoted so the real solution is much easier.

The real solution? What is the real solution?

Had a fun time trying to get that snippet to come out right, this site's character conversions are wreaking havoc on my code. The &'s above should be actual ampersand characters.

Use the download link to ensure that the code you are using contains the correct characters. If you just copy and paste, you run into trouble with the word wrap and character escaping.

PHP has a built in function for this: mysql_real_escape_string(), and this is the recommended fuction from the manual.

Yeah, I know about the PHP funciton, this is VBScript. PHP has so many great functions that I always miss while I'm coding in VBScript.