From 891bd0576d342a1b560672e905f42daa5da12d5d Mon Sep 17 00:00:00 2001
From: shennetsind <ind@henn.et>
Date: Sat, 8 Feb 2014 19:16:13 -0200
Subject: [PATCH] Fixed vending title escaping

Thanks to Haruna

Signed-off-by: shennetsind <ind@henn.et>
---
 src/map/pc.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/map/pc.c b/src/map/pc.c
index 8768c83c617..38466dc01cd 100644
--- a/src/map/pc.c
+++ b/src/map/pc.c
@@ -10391,15 +10391,20 @@ void pc_autotrade_update(struct map_session_data *sd, enum e_pc_autotrade_update
 			if (SQL_ERROR == SQL->Query(map->mysql_handle, "DELETE FROM `%s` WHERE `char_id` = '%d' LIMIT 1",map->autotrade_merchants_db,sd->status.char_id))
 				Sql_ShowDebug(map->mysql_handle);
 			break;
-		case PAUC_START:
+		case PAUC_START: {
+			char title[MESSAGE_SIZE*2+1];
+			
+			SQL->EscapeStringLen(map->mysql_handle, title, sd->message, strnlen(sd->message, MESSAGE_SIZE));
+
 			if (SQL_ERROR == SQL->Query(map->mysql_handle, "INSERT INTO `%s` (`account_id`,`char_id`,`sex`,`title`) VALUES ('%d','%d','%d','%s')",
 										map->autotrade_merchants_db,
 										sd->status.account_id,
 										sd->status.char_id,
 										sd->status.sex,
-										sd->message
+										title
 										))
 				Sql_ShowDebug(map->mysql_handle);
+		}
 			/* yes we want it to fall */
 		case PAUC_REFRESH:
 			for( i = 0; i < sd->vend_num; i++ ) {