vb.net escape reserved keywords in sql statement

Question

I\'m trying to execute an sql statement in vb.net to an Access database, I am escaping the reserverd word using square brackets []. This has worked in all my SELECT

Answer 1

Always use parameters. What you're doing is very dangerous and leaves the door open to SQL injection.

Then you won't have to worry about escaping the values you're inserting into the database.