Mika, you're right, so here's my solution:
before I solved it, I used a class for SQL inserts and updates. I passed 2 args to that class: a string with the values separating them with letter ß, and the name of the database, something like this: TableData.WriteID(columnString, db)
the columnString had this kind of string: "data1ßdata2ßdata3"
then the class splitted the incoming string (Split('ß')) into a string array and then I inserted/updated the sql (using NameValueCollection). This was not working. I got the sample from
Mohammed Hadi. It's a really cool stuff.
Then I got back to the reeeeeal old school version:
string sql = "INSERT INTO Table (ID,username,comment,date) VALUES (@id,@username,@comment,@date)";
SqlCommand cmd = new SqlCommand(sql, myConnection);
cmd.Parameters.Add("@id", id.Text);
cmd.Parameters.Add("@username", username.Text);
cmd.Parameters.Add("@comment", comment.Text);
cmd.Parameters.Add("@date", date.Text);
cmd.ExecuteNonQuery();
And this one's working!