escape special SQL chars in where clauses (patch 1204728)

git-svn-id: https://svn.wxwidgets.org/svn/wx/wxWidgets/trunk@42676 c3d73ce0-8a6f-49c7-b76d-6d57e0e08775

src/common/dbtable.cpp

@@ -1308,7 +1308,7 @@ void wxDbTable::BuildWhereClause(wxString &pWhereClause, int typeOfWhere,
                 case SQL_C_WCHAR:
 #endif
                 //case SQL_C_WXCHAR:  SQL_C_WXCHAR is covered by either SQL_C_CHAR or SQL_C_WCHAR
-                    colValue.Printf(wxT("'%s'"), (UCHAR FAR *) colDefs[colNumber].PtrDataObj);
+                    colValue.Printf(wxT("'%s'"), GetDb()->EscapeSqlChars((UCHAR FAR *)colDefs[colNumber].PtrDataObj).c_str());
                     break;
                 case SQL_C_SHORT:
                 case SQL_C_SSHORT: