Fix to the bug related to sql queries inside form fields with sigle quotes

workflow/engine/methods/dynaforms/fields_Save.php

@@ -74,6 +74,9 @@ if (($RBAC_Response=$RBAC->userCanAccess("PM_FACTORY"))!=1) return $RBAC_Respons
   define('DB_XMLDB_NAME','');
   define('DB_XMLDB_TYPE','myxml');
 
+  if (isset($_POST['form']['PME_XMLNODE_VALUE'])){
+    $_POST['form']['PME_XMLNODE_VALUE'] = str_replace("'", "\"" , $_POST['form']['PME_XMLNODE_VALUE']);
+  }
 
   if (file_exists( PATH_XMLFORM . 'dynaforms/fields/' . $type . '.xml')) {
     $form=new Form('dynaforms/fields/' . $type , PATH_XMLFORM);
@@ -201,4 +204,4 @@ if (($RBAC_Response=$RBAC->userCanAccess("PM_FACTORY"))!=1) return $RBAC_Respons
 	global $_DBArray;
   $_DBArray['fields']   = $aFields;
   $_SESSION['_DBArray'] = $_DBArray;
-?>
+?>