This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Amir, If you are using JDBC, you could use a prepared statement. If you are using raw SQL directly to Oracle, you need to use an escape character. This tells Oracle to use a special character (backslashes are common) to give the single quote special meaning.