Escaping single quotes for SQL
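/**
 * Escapes single-quote characters for use inside a SQL string literal by
 * doubling each one, so {@code '} becomes {@code ''}. All other characters
 * are copied through unchanged.
 *
 * <p>Security note: quote doubling is only a partial defence. It applies
 * solely to values placed inside a single-quoted literal, and it does not
 * cover other escape characters that some database dialects honour (for
 * example backslash), nor values used as numbers or identifiers. For any
 * value that originates outside the program, bind it through
 * {@code java.sql.PreparedStatement} parameters instead of concatenating it
 * into the statement text.
 *
 * @param s the text to escape; must not be {@code null}
 * @return a new string equal to {@code s} with every single quote doubled
 * @throws NullPointerException if {@code s} is {@code null}
 */
public static String sqlArmor(String s) {
    int max = s.length();
    // The buffer never escapes this method, so the unsynchronized
    // StringBuilder replaces StringBuffer; it is presized to the input
    // length plus some slack for the doubled quotes.
    StringBuilder result = new StringBuilder(max + 16);
    for (int i = 0; i < max; i++) {
        char c = s.charAt(i);
        result.append(c);
        if (c == '\'') {
            // Emit the quote a second time: '' is the SQL literal form of '.
            result.append(c);
        }
    }
    return result.toString();
}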