Caught by the old 'SQL injection' trick
Opps, just got caught out by this, which reminded me of the above xkcd comic. Luckily this happended in testing, thanks to a Mr O'Connor in my data set. He will now be known as Mr O\'Connor. Anyone else with similarly dangerous characters lurking in their name will be mangled in the same manner.