Как экранировать кавычку '

int search_year = Convert.ToInt32(numericUpDown_yer_search.Value);
 
            string search_name = textBox_serach_name.Text; 
 
            var countStatementBuilder = new CountStatementBuilder();
            //countStatementBuilder.CommandText(@"SELECT COUNT(*) FROM people WHERE name LIKE '%" + search_name+"%' AND year = " + search_year);
            countStatementBuilder.CommandText(@"SELECT COUNT(*) FROM people WHERE name LIKE '%Д'а%' AND year = 2018");
            // This statement will be used to query the actually data of the table.
            // There are 3 placeholders: {0} - table name, {1} - max records, {2} - page offset.
            // The libary will pass corresponding data to these placeholders on demand.
            var rowsStatementBuilder = new RowsStatementBuilder();
            //rowsStatementBuilder.CommandText(@"SELECT id, name, date, home FROM people WHERE name LIKE '%" + search_name + "%' AND year = "+ search_year +" ORDER BY id DESC LIMIT {1} OFFSET {2}");
            rowsStatementBuilder.CommandText(@"SELECT id, name, date, home FROM people WHERE name LIKE '%Д'а%' AND year = 2018 ORDER BY id DESC LIMIT {1} OFFSET {2}");
 
            dataGridViewPaging1.DbRequestHandler = new DbRequestHandler
            {
                Connection = new SQLiteConnection(CFolder.Connect_DB),
                CountStatementBuilder = countStatementBuilder,
                RowsStatementBuilder = rowsStatementBuilder
            };

rowsStatementBuilder.CommandText(@"SELECT id, name, date, home FROM people WHERE name LIKE '%Д'а%' AND year = 2018 ORDER BY id DESC LIMIT {1} OFFSET {2}");

public static string SQLLikeString(string s)
        {
            System.Text.StringBuilder sb = new System.Text.StringBuilder(s);
            sb.Replace("'", "''");
            sb.Replace("[", "[[]");
            sb.Replace("%", "[%]");
            sb.Replace("_", "[_]");
            return sb.ToString(); ;
        }

 string search_name = SQLLikeString(textBox_serach_name.Text);

 var cmd = new SqlCommand("select id from users where nickname like @nickname", con);
 cmd.Parameters.AddWithValue("nickname", "%подстрока%");

 string sql = "@SELECT id, name, date, home FROM people WHERE name LIKE = name AND year = @year";
 
            SQLiteCommand command = new SQLiteCommand(sql, connection);
 
            //name
            command.Parameters.AddWithValue("name", "%"+search_name+"%");
 
            command.Parameters.AddWithValue("year", "%" + search_year + "%");

string sql = "@SELECT id, name, date, home FROM people WHERE name LIKE  @name AND year = @year";