Escape double quotes in SQL 2005/2008

Question

I have an international company that has recently been added, which is named \"BLA \"BLAHBLAH\" Ltd. (The double quotes are part of the name. )

Whenever a user tries

Answer 1

Use a parameterized query and all your quoting woes will be gone.

Edit: If you're not letting them enter more than one word in the CONTAINS, sanitize the parameter by removing the quotes. Sanitizing the input by removing the quotes may work anyhow, regardless of the multi-word search.