Index: branches/5.2.x/core/kernel/utility/formatters/left_formatter.php
===================================================================
diff -u -N -r14244 -r14585
--- branches/5.2.x/core/kernel/utility/formatters/left_formatter.php	(.../left_formatter.php)	(revision 14244)
+++ branches/5.2.x/core/kernel/utility/formatters/left_formatter.php	(.../left_formatter.php)	(revision 14585)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: left_formatter.php 14244 2011-03-16 20:53:41Z alex $
+* @version	$Id: left_formatter.php 14585 2011-09-24 12:04:17Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -32,7 +32,7 @@
 		if( !isset($options['options'][$value]) )
 		{
 			// required option is not defined in config => query for it
-			$sql = sprintf($options['left_sql'],$options['left_title_field'],$options['left_key_field'],$value);
+			$sql = sprintf($options['left_sql'],$options['left_title_field'],$options['left_key_field'], $db->escape($value));
 			$options['options'][$value] = $this->Conn->GetOne($sql);
 			if ($options['options'][$value] === false) return $value;
 		}
@@ -59,7 +59,7 @@
 		}
 
 		// requested option is not found in field options -> query for it
-		$sql = sprintf($options['left_sql'], $options['left_key_field'], $options['left_title_field'], $value);
+		$sql = sprintf($options['left_sql'], $options['left_key_field'], $options['left_title_field'], $db->escape($value));
 		$found = $this->Conn->GetOne($sql);
 		if ($found !== false) {
 			// option successfully retrieved from db -> cache it