function db_escape($value = "", $nullify = false)
{
+ $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding);
$value = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
//reset default if second parameter is skipped