I am doing an insert into a database where one of the columns that I am trying to escape are single quotes that a user might type. For example, it's
,
I am using the codeigniter framework and did the following to escape my column:
$test=$this->db->escape($test);
But I get an SQL-Server error when I submit. For example if I type it's
, its trying to do this
INSERT INTO table (test) VALUES(''it''s'')
When it should be
INSERT INTO table (test) VALUES('it''s')
Why is it inserting extra single quotes?