Firstly you really should be using a parameterized query as suggested by 'Patrice T and 'Maciej Los' to protect your database from SQL Injection.
If you had used a parameterized parameterized query you would not have to worry about balancing the single and double quotes especially when you get really large insert statements.
Your SQL statement is missing a few single quotes which is causing the problem.
However if you still want to use a string query the statement below should work.
string sqlInsert = "INSERT INTO " + tableName;
sqlInsert += " VALUES('" + username + "','" + id + "','" + firstname + "','" + Iage + "','" + prefix + "','" + telephone + "')";
I tested this and it does insert a record into the DB.