diff --git a/inc/lib_ocs.php b/inc/lib_ocs.php
index 16b0832fbea2b577bdf101030a93fdab9ed7682c..055a8587a600596898527fd3c2e3e15c1296f46c 100644
--- a/inc/lib_ocs.php
+++ b/inc/lib_ocs.php
@@ -478,7 +478,7 @@ class OC_OCS {
     //TODO: prepared statements, locking tables, fancy stuff, error checking/handling
     $user=OC_OCS::checkpassword();
 
-    $result=OC_DB::select("select count(*) as co from {$CONFIG_DBTABLEPREFIX}privatedata where key = '".$key."'");
+    $result=OC_DB::select("select count(*) as co from {$CONFIG_DBTABLEPREFIX}privatedata where key = '".addslashes($key)."'");
     $totalcount=$result[0]['co'];
     OC_DB::free_result($result);