Index: modules/dba/dba.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/dba/dba.module,v
retrieving revision 1.50
diff -u -p -r1.50 dba.module
--- modules/dba/dba.module	23 Jun 2007 18:40:30 -0000	1.50
+++ modules/dba/dba.module	23 Jun 2007 18:57:11 -0000
@@ -1398,10 +1398,26 @@ function dba_backup_table($table, $add_d
     $line = "INSERT INTO $table VALUES(";
     $i = 0;
     foreach ($row as $value) {
-      $value = addslashes($value);
-      $value = ereg_replace("\n","\\n",$value);
-      $line .= (isset($value)) ? "\"$value\"" : "\"\"";
-      $line .= (++$i < $num_fields) ? ',' : ");\n";
+      if (!empty($value) && ($fields[$i]->Type == 'longblob' || $fields[$i]->Type == 'blob')) {
+        $line .= '0x'. bin2hex($value);
+      }
+      else if (is_numeric($value)) {
+        $line .= (!empty($value) ? $value : 0);
+      }
+      else {
+        // Value escaping, based on phpMyAdmin dumps
+        // Escape backslashes first
+        $value = str_replace('\\', '\\\\', $value);
+        // Escape newlines and carriage returns
+        $value = str_replace("\n", "\\n", $value);
+        $value = str_replace("\r", "\\r", $value);
+        // Escape single quotes
+        // This works in Oracle, PostGreSQL and MySQL for sure.
+        $value = str_replace("'", "''", $value);
+        
+        $line .= (!empty($value)) ? '\''. $value .'\'' : "''";
+      }
+      $line .= (++$i < $num_fields) ? ', ' : ");\n";
     }
     $output .= $line;
     if ($verbose) {