Easiest way,
Line 7: strSQL = "SELECT * FROM data.csv WHERE column1 = '" + sDataValue.Replace("'", "''") + "'";
Proper way,
Use parameterised query.
Line 7: strSQL = "SELECT * FROM data.csv WHERE column1 = ?";
Line 8: OdbcCommand cmdSelect = new OdbcCommand(strSQL, CsvConn);
cmdSelect.Parameters.AddWithValue("@column1", sDataValue);
Line 9: cmdSelect.Connection = CsvConn;