diff --git a/public_html/deployment/classes/actionlog.class.php b/public_html/deployment/classes/actionlog.class.php
index e09d1da94a77921fa207d134eb428f932c9d7630..21e197f8b9c61223e360bb9ef0d706db7644e649 100644
--- a/public_html/deployment/classes/actionlog.class.php
+++ b/public_html/deployment/classes/actionlog.class.php
@@ -82,7 +82,7 @@ class Actionlog {
 */
 private function _makeQuery($sSql) {
 // $this->_log(__FUNCTION__."($sSql)");
- // echo "<pre>$sSql</pre>";
+ // echo "<pre>".htmlentities($sSql)."</pre>";
 $db = new PDO("sqlite:" . $this->_dbfile);
 $result = $db->query($sSql);
 /*
@@ -113,7 +113,7 @@ class Actionlog {
 '" . $this->_sUser . "',
 '" . $this->_sProject . "',
 '" . $sAction . "',
- '" . $sMessage . "'
+ '" . str_replace("'", '"', $sMessage) . "'
 );
 ";
 /*
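Review bot: The second hunk neutralises only `$sMessage`, and does so by rewriting the stored log text (every `'` becomes `"`), while `$this->_sUser`, `$this->_sProject` and `$sAction` on the three context lines above it are still concatenated into the statement unescaped. If any of those can carry caller-influenced text (not visible here), a single quote in them still ends the SQL string literal early. Binding the values covers all four fields and keeps the message intact: write placeholders such as `:user, :project, :action, :message` in the statement and run it with `$stmt = $db->prepare($sSql); $stmt->execute($aParams);`, which means `_makeQuery()` in the first hunk would need an optional parameter array next to `$sSql`. The statement being built and both enclosing functions start and end outside these hunks.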