"connection" needs to be protected - causes sql errors

Yes, and this has to be extended to code like this:

$sql = 'SELECT MIN(' . tw_quote_column($colname) . ') FROM `{' . $tablename . '}`';

It can happen that the $tablename is also a reserved word. For example, I ran into:

SELECT MIN(blah) FROM grant;

Rerolled and added backticks for issue in #2. Agree that this is a critical issue.

It's just too gross to call tw_quote_column() on all those queries... I'm going to rename the field (say, to dbconnection), the code will be much cleaner.

OK, I've committed fixes:

• connection renamed to dbconnection
• tw_quote_column() renamed to tw_quote_identifier()
• tw_quote_identifier() applied to table names

Thanks!

Here's another place.

Committed, thanks!