Index: trunk/kernel/include/emailmessage.php
===================================================================
diff -u -r1384 -r2899
--- trunk/kernel/include/emailmessage.php	(.../emailmessage.php)	(revision 1384)
+++ trunk/kernel/include/emailmessage.php	(.../emailmessage.php)	(revision 2899)
@@ -895,7 +895,7 @@
 			$sendTo = $ToAddr;
 		}
         $sendTo=addslashes($sendTo);
-	    $sql = "INSERT INTO ".GetTablePrefix()."EmailLog VALUES ('', '$FromName', '$sendTo', '".str_replace("Subject:", "", $Subject)."', $time, '$SendEvent')";
+	    $sql = "INSERT INTO ".GetTablePrefix()."EmailLog VALUES ('', ".$conn->qstr($FromName).", ".$conn->qstr($sendTo).", ".$conn->qstr( str_replace("Subject:", "", $Subject) ).", $time, '$SendEvent')";
 	    $conn->Execute($sql); 		
         
 		if($HasFile)