A popular way to escape quotes in SQL strings is to prepend a backslash:
SELECT * FROM a WHERE b = 'John\'s dog'
SELECT * FROM a WHERE b= "Gimme a \"quote\", man"
But this is actually:
- Non-standard, non-portable
- Only working with some database servers like MySQL and PostgreSQL
- But it isn’t even supported by default any more by recent PostgreSQL versions, and it might become deprecated by MySQL as well
The standard, portable, reliable way of inserting quotes in SQL strings is to write them twice:
SELECT * FROM a WHERE b = 'John''s dog'
SELECT * FROM a WHERE b = "Gimme a ""quote"", man"
And yes, it works with your current database server, even MySQL.