diff --git a/js/sql.js b/js/sql.js
index 96483e0e7..53d6a292d 100644
--- a/js/sql.js
+++ b/js/sql.js
@@ -619,7 +619,7 @@ $(document).ready(function() {
             if(value.length == 0) {
                 value = 'NULL'
             }
-           sql_query += ' ' + key + "='" + value + "' , ";
+           sql_query += ' ' + key + "='" + value.replace(/'/g, "''") + "' , ";
         })
         //Remove the last ',' appended in the above loop
         sql_query = sql_query.replace(/,\s$/, '');