Jira issue originally created by user ogmueller:
$test = "foo ' bar";
$quoted = $conn->quote( $test );
RESULT: 'foo ' bar'
EXPECTED: 'foo \' bar'
Comment created by @guilhermeblanco:
Fixed in 82cc921
Issue was closed with resolution "Fixed"
Comment created by @beberlei:
Backported to 2.0.9
Fix was modified to use the Zend Framework code for quoting OCI input: 97638ed
This code is now in DBAL 2.1.4 and 2.0.9 and i have added some tests to very some simple SQL Injection vectors don't work on any supported platform.