function db_escape($value = "", $nullify = false)
{
$value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding);
- $value = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
+ $value = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding=='iso-8859-2' ? 'ISO-8859-1' : $_SESSION['language']->encoding);
//reset default if second parameter is skipped
$nullify = ($nullify === null) ? (false) : ($nullify);