-
Dries Buytaert authored
- Patch 13180 by chx: renamed check_query() to db_escape_string() and implemtented it properly per database backend. Read the manual for pg_escape_string: "Use of this function is recommended instead of addslashes()." Or read sqlite_escape_string: "addslashes() should NOT be used to quote your strings for SQLite queries; it will lead to strange results when retrieving your data."
fa978390