After much playing around and problems I finally figured how to add safe parameters into an odbc command. Here is a sample….
OdbcCommand postcomment = new OdbcCommand(“insert into comments values (‘”+newguid+”‘,'”+itemid+”‘,?)”, temp);
Here the ? represents the first and only parameter to be passed into the command using..
If you were to include > 1 ? symbols, the parameters must be added in the order they appear in your original command.