public static String sqlEscape(String aString) {
  if (aString == null) return "";
  if (aString.indexOf("'") == -1) {
    return aString;
  }
  StringBuffer aBuffer = new StringBuffer(aString);
  int insertOffset = 0;
  for (int i = 0; i < aString.length(); i++) {
    if (aString.charAt(i) == '\'') {
      aBuffer.insert(i + insertOffset++, "'");
    }
  }
  return aBuffer.toString();
}