SQL中转义字符串的标准函数

I'm writing a program in .NET2.0 and I need to escape the inputs before using them. Unfortunately the standard parameter method system does not fully work in the system I'm using. Using the ODBCCommand class I cannot place a ? parameter in the select part of the statement (which is required for the little bit of trickiness I'm doing) without getting an error, so I need to manually escape strings that may or may not contain a single quote ('). Any suggestions?I'm writing a program in .NET2.0 and I need to