commit 46d9c5130030ac6c61f5097f1fffb7baccb3f087
Author: Daniel Black <daniel.black@openquery.com.au>
Date:   Sat Apr 5 23:12:21 2014 +0000

    Issue #2232425 by danblack: fix quoting of DEFAULT values in databases

diff --git a/core/lib/Drupal/Core/Database/Driver/mysql/Schema.php b/core/lib/Drupal/Core/Database/Driver/mysql/Schema.php
index e6940dc..e033bd5 100644
--- a/core/lib/Drupal/Core/Database/Driver/mysql/Schema.php
+++ b/core/lib/Drupal/Core/Database/Driver/mysql/Schema.php
@@ -169,7 +169,7 @@ protected function createFieldSql($name, $spec) {
     // $spec['default'] can be NULL, so we explicitly check for the key here.
     if (array_key_exists('default', $spec)) {
       if (is_string($spec['default'])) {
-        $spec['default'] = "'" . $spec['default'] . "'";
+        $spec['default'] = $this->connection->quote($spec['default']);
       }
       elseif (!isset($spec['default'])) {
         $spec['default'] = 'NULL';
@@ -406,7 +406,7 @@ public function fieldSetNoDefault($table, $field) {
   public function indexExists($table, $name) {
     // Returns one row for each column in the index. Result is string or FALSE.
     // Details at http://dev.mysql.com/doc/refman/5.0/en/show-index.html
-    $row = $this->connection->query('SHOW INDEX FROM {' . $table . "} WHERE key_name = '$name'")->fetchAssoc();
+    $row = $this->connection->query('SHOW INDEX FROM {' . $table . '} WHERE key_name = ' . $this->connection->quote($name))->fetchAssoc();
     return isset($row['Key_name']);
   }
 
diff --git a/core/lib/Drupal/Core/Database/Driver/pgsql/Schema.php b/core/lib/Drupal/Core/Database/Driver/pgsql/Schema.php
index 72686ea..63349ad 100644
--- a/core/lib/Drupal/Core/Database/Driver/pgsql/Schema.php
+++ b/core/lib/Drupal/Core/Database/Driver/pgsql/Schema.php
@@ -207,7 +207,7 @@ protected function createFieldSql($name, $spec) {
       }
     }
     if (isset($spec['default'])) {
-      $default = is_string($spec['default']) ? "'" . $spec['default'] . "'" : $spec['default'];
+      $default = is_string($spec['default']) ? $this->connection->quote($spec['default']) : $spec['default'];
       $sql .= " default $default";
     }
 
@@ -436,7 +436,7 @@ public function fieldSetDefault($table, $field, $default) {
       $default = 'NULL';
     }
     else {
-      $default = is_string($default) ? "'$default'" : $default;
+      $default = is_string($default) ? $this->connection->quote($default) : $default;
     }
 
     $this->connection->query('ALTER TABLE {' . $table . '} ALTER COLUMN "' . $field . '" SET DEFAULT ' . $default);
@@ -603,7 +603,7 @@ public function changeField($table, $field, $field_new, $spec, $new_keys = array
       // Set sequence to maximal field value to not conflict with existing
       // entries.
       $this->connection->query("SELECT setval('" . $seq . "', MAX(\"" . $field . '")) FROM {' . $table . "}");
-      $this->connection->query('ALTER TABLE {' . $table . '} ALTER "' . $field . '" SET DEFAULT nextval(\'' . $seq . '\')');
+      $this->connection->query('ALTER TABLE {' . $table . '} ALTER ' . $field . ' SET DEFAULT nextval(' . $this->connection->quote($seq) . ')');
     }
 
     // Rename the column if necessary.
diff --git a/core/lib/Drupal/Core/Database/Driver/sqlite/Schema.php b/core/lib/Drupal/Core/Database/Driver/sqlite/Schema.php
index 45149da..dc09d86 100644
--- a/core/lib/Drupal/Core/Database/Driver/sqlite/Schema.php
+++ b/core/lib/Drupal/Core/Database/Driver/sqlite/Schema.php
@@ -179,7 +179,7 @@ protected function createFieldSql($name, $spec) {
 
       if (isset($spec['default'])) {
         if (is_string($spec['default'])) {
-          $spec['default'] = "'" . $spec['default'] . "'";
+          $spec['default'] = $this->connection->quote($spec['default']);
         }
         $sql .= ' DEFAULT ' . $spec['default'];
       }
diff --git a/core/modules/system/lib/Drupal/system/Tests/Database/SchemaTest.php b/core/modules/system/lib/Drupal/system/Tests/Database/SchemaTest.php
index 2442875..27826ad 100644
--- a/core/modules/system/lib/Drupal/system/Tests/Database/SchemaTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/Database/SchemaTest.php
@@ -47,6 +47,13 @@ function testSchema() {
           'not null' => TRUE,
           'description' => 'Schema column description.',
         ),
+        'test_field_string'  => array(
+          'type' => 'varchar',
+          'length' => 20,
+          'not null' => TRUE,
+          'default' => "'\"funky default'\"",
+          'description' => 'Schema column description for string.',
+        ),
       ),
     );
     db_create_table('test_table', $table_specification);
@@ -282,6 +289,8 @@ function testSchemaAddField() {
       $variations = array(
         array('not null' => FALSE),
         array('not null' => FALSE, 'default' => '7'),
+        array('not null' => FALSE, 'default' => substr('"thing"', 0, $length)),
+        array('not null' => FALSE, 'default' => substr("\"'hing", 0, $length)),
         array('not null' => TRUE, 'initial' => 'd'),
         array('not null' => TRUE, 'initial' => 'd', 'default' => '7'),
       );