I have a bunch of hql statements that my site uses. Often these queries are made from input on the web page. For something like a description field it is not unusual to have an apostrophe (') in the query. SQL does not like this one bit, and yells at me for it every time.
Any suggestions on how I would go about putting an escape character in for an ' every time it appeared in the query?
(with out putting an if statement on each hql statement )