Should properly escape single quotes in String values.
Some methods are inherently unsafe and this has been documented. The rule of thumb is: USe SQL binding instead of dynamically created SQL statements.
Authored by: keess 2014-11-12
Parent: [r2612]
Child: [r2614]
