Hi Sneha Neil,
Are you using Java/JDBC? If you are then just use a PreparedStatement rather than a plain old Statement and all your worries go away!
Maybe I should give an example. Instead of the following (which will break):
Use the following:
The
JDBC driver knows that you're supplying a String parameter and takes care of any escaping required for you.
If you're not using Java, what technology are you using with Oracle?
Jules