Index: branches/5.1.x/core/kernel/utility/formatters/left_formatter.php
===================================================================
diff -u -N -r14241 -r14322
--- branches/5.1.x/core/kernel/utility/formatters/left_formatter.php	(.../left_formatter.php)	(revision 14241)
+++ branches/5.1.x/core/kernel/utility/formatters/left_formatter.php	(.../left_formatter.php)	(revision 14322)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: left_formatter.php 14241 2011-03-16 20:24:35Z alex $
+* @version	$Id: left_formatter.php 14322 2011-05-20 08:01:44Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -33,7 +33,7 @@
 		{
 			// required option is not defined in config => query for it
 			$db =& $this->Application->GetADODBConnection();
-			$sql = sprintf($options['left_sql'],$options['left_title_field'],$options['left_key_field'],$value);
+			$sql = sprintf($options['left_sql'],$options['left_title_field'],$options['left_key_field'], $db->escape($value));
 			$options['options'][$value] = $db->GetOne($sql);
 			if ($options['options'][$value] === false) return $value;
 		}
@@ -61,7 +61,7 @@
 
 		// requested option is not found in field options -> query for it
 		$db =& $this->Application->GetADODBConnection();
-		$sql = sprintf($options['left_sql'], $options['left_key_field'], $options['left_title_field'], $value);
+		$sql = sprintf($options['left_sql'], $options['left_key_field'], $options['left_title_field'], $db->escape($value));
 		$found = $db->GetOne($sql);
 		if ($found !== false) {
 			// option successfully retrieved from db -> cache it