Escaping values in SQL queries (C# with SQL connector)

Question

I know I can use the parameters, but what is the right way to escape string sequences? The query could be like this:

\"INSERT INTO records (ReferenceID,Name,         


        

Answer 1

use commnd parameters instead. It takes care of escaping itself. It's the solution also against sql injections.