I'm trying to execute a query using pyodbc with this kind of code

cursor.execute("SELECT x from y where Name='%s'"%namepar)

The parameter may have a quote and so it needs to be escaped in order to work, how do i do thos? I tried by simply replacing " ' " with " \\' " in namepar and it still doesn't work, I get a pyodbc.ProgrammingError

You can pass parameters, and that will be escaped.

cursor.execute("SELECT x from y where Name = ?", (namepar,))

http://www.python.org/dev/peps/pep-0249/#id15

http://code.google.com/p/pyodbc/wiki/Cursor