Swiched to escape() rather then escape_str(), as per bug report #4680
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php
index cd61633..e7920d0 100644
--- a/system/database/DB_active_rec.php
+++ b/system/database/DB_active_rec.php
@@ -701,7 +701,7 @@
$prefix = (count($this->ar_like) == 0) ? '' : $type;
- $v = $this->escape_str($v);
+ $v = $this->escape($v);
if ($side == 'before')
{
@@ -851,7 +851,7 @@
if ($v != '')
{
- $v = ' '.$this->escape_str($v);
+ $v = ' '.$this->escape($v);
}
$this->ar_having[] = $prefix.$k.$v;