--- parser3/src/classes/table.C	2009/06/20 01:55:01	1.259
+++ parser3/src/classes/table.C	2009/07/06 12:13:30	1.261
@@ -5,7 +5,7 @@
 	Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru)
 */
 
-static const char * const IDENT_TABLE_C="$Date: 2009/06/20 01:55:01 $";
+static const char * const IDENT_TABLE_C="$Date: 2009/07/06 12:13:30 $";
 
 #if (!defined(NO_STRINGSTREAM) && !defined(FREEBSD4))
 #include <sstream>
@@ -1094,7 +1094,7 @@ static void marshal_bind(
 {
 	SQL_Driver::Placeholder& ph=**pptr;
 	ph.name=aname.cstr();
-	ph.value=avalue->as_string().cstr(String::L_UNSPECIFIED);
+	ph.value=avalue->as_string().untaint_cstr(String::L_AS_IS);
 	ph.is_null=avalue->get_class()==void_class;
 	ph.were_updated=false;
 
@@ -1164,8 +1164,8 @@ static void _sql(Request& r, MethodParam
 
 	Temp_lang temp_lang(r, String::L_SQL);
 	const String&  statement_string=r.process_to_string(statement);
-	const char* statement_cstr=
-		statement_string.cstr(String::L_UNSPECIFIED, r.connection());
+	const char* statement_cstr=statement_string.untaint_cstr(String::L_AS_IS, r.connection());
+
 	Table_sql_event_handlers handlers;
 #ifdef RESOURCES_DEBUG
 	struct timeval mt[2];