Diffstat (limited to 'activerecord/lib/active_record/base.rb')
-rwxr-xr-xactiverecord/lib/active_record/base.rb10
1 files changed, 8 insertions, 2 deletions
diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb
index cc76204dc0..2346aa19e9 100755
--- a/activerecord/lib/active_record/base.rb
+++ b/activerecord/lib/active_record/base.rb
@@ -665,7 +665,7 @@ module ActiveRecord #:nodoc:
end
until values.empty?
- statement.sub!(/\?/, connection.quote(values.shift))
+ statement.sub!(/\?/, encode_quoted_value(values.shift))
end
statement.gsub('?') { |all, match| connection.quote(values.shift) }
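Review bot: The string-replacement form of `sub!` on the changed line still interprets every backslash sequence in the quoted value (`\\`, `\0` to `\9`, `\&` and the pre-match reference), while `encode_quoted_value` only compensates for `\'`. A value whose quoted form contains an escaped backslash would therefore appear to lose one level of escaping during substitution, so the SQL literal sent to the database is no longer the one `connection.quote` produced. The block form does no backslash processing and needs no helper: `statement.sub!(/\?/) { connection.quote(values.shift) }`. The same applies to the `sub!` in `replace_named_bind_variables` in the next hunk; the method enclosing this loop starts above the hunk.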
@@ -674,7 +674,7 @@ module ActiveRecord #:nodoc:
def replace_named_bind_variables(statement, values_hash)
orig_statement = statement.clone
values_hash.keys.each do |k|
- if statement.sub!(/:#{k.id2name}/, connection.quote(values_hash.delete(k))).nil?
+ if statement.sub!(/:#{k.id2name}/, encode_quoted_value(values_hash.delete(k))).nil?
raise PreparedStatementInvalid, ":#{k} is not a variable in [#{orig_statement}]"
end
end
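Review bot: The placeholder pattern `/:#{k.id2name}/` on the changed line is unanchored and unescaped, so a key such as `:id` also matches the start of a longer placeholder like `:id_type`. Depending on hash key order, a value can then be substituted into the wrong position. Escaping the name and adding a word boundary binds only the exact placeholder, e.g. `statement.sub!(/:#{Regexp.escape(k.id2name)}\b/) { connection.quote(values_hash.delete(k)) }`; the `.nil?` check keeps working with the block form. The body of `replace_named_bind_variables` continues past this hunk, so any later validation is not visible here.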
@@ -685,6 +685,12 @@ module ActiveRecord #:nodoc:
return statement
end
+
+ def encode_quoted_value(value)
+ quoted_value = connection.quote(value)
+ quoted_value = "'#{quoted_value[1..-2].gsub(/\'/, "\\\\'")}'" if quoted_value.include?("\\\'")
+ quoted_value
+ end
end
public
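Review bot: `encode_quoted_value` has no comment explaining why a value already quoted by the adapter is rewritten, and its guard and its rewrite disagree. The guard looks for `\'`, but the `gsub` then touches every `'` in the body, and `[1..-2]` assumes the value is wrapped in single quotes. If the helper stays, a comment such as `# sub! reads \' in a replacement string as "text after the match"; double the backslash so the quoted value survives substitution` would record the intent. A test binding a value that contains both a backslash and a single quote would pin the behaviour for each adapter's quoting style.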