Hi Mike,
RC is using prepared statements. Even so, just quoting the character might not be the total answer because ticket: 1463946 claims that if this single quote were stored, it would cause problems down the line. So there is still a question of escaping, storing and fixing later problems or rejecting in the first place.
Cheers, Ziba
Michael Baierl wrote:
If you need to convert single quotes it means you don't use your DB
properly. Just use prepared statements only and this problem won't
exist any longer!lg, Mike
List info: http://lists.roundcube.net/dev/