diff -r 5a6b6e770365 -r 68c69c656a2c web/lib/Zend/Db/Adapter/Sqlsrv.php
--- a/web/lib/Zend/Db/Adapter/Sqlsrv.php	Thu May 07 15:10:09 2015 +0200
+++ b/web/lib/Zend/Db/Adapter/Sqlsrv.php	Thu May 07 15:16:02 2015 +0200
@@ -15,9 +15,9 @@
  * @category   Zend
  * @package    Zend_Db
  * @subpackage Adapter
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
  * @license    http://framework.zend.com/license/new-bsd     New BSD License
- * @version    $Id: Sqlsrv.php 25077 2012-11-06 20:06:24Z rob $
+ * @version    $Id$
  */
 
 /**
@@ -34,7 +34,7 @@
  * @category   Zend
  * @package    Zend_Db
  * @subpackage Adapter
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
  * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 class Zend_Db_Adapter_Sqlsrv extends Zend_Db_Adapter_Abstract
@@ -314,6 +314,7 @@
             return sprintf('%F', $value);
         }
 
+        $value = addcslashes($value, "\000\032");
         return "'" . str_replace("'", "''", $value) . "'";
     }