Fix my mistakes and removed mysql_real_escape_string() which do not s…

…eems to work.

src/libraries/adapters/DatabaseMySql.php

@@ -1857,7 +1857,7 @@ private function buildQuery($filters, $limit, $offset, $table)
       switch($name)
       {
         case 'album':
-          $subquery = sprintf("`id` IN (SELECT element FROM `{$this->mySqlTablePrefix}elementAlbum` WHERE `{$this->mySqlTablePrefix}elementAlbum`.`owner`='%s' AND `type`='%s' AND `album`='%s')", $this->_($this->owner), 'photo', $this->_($value));
+          $subquery = sprintf("`id` IN (SELECT element FROM `{$this->mySqlTablePrefix}elementAlbum` WHERE `{$this->mySqlTablePrefix}elementAlbum`.`owner`='%s' AND `type`='%s' AND `album`='%s')", $this->_($this->owner), 'photo', $this->_($value),
             $this->_($this->owner), 'photo', $value);
           $where = $this->buildWhere($where, $subquery);
           break;
@@ -2658,6 +2658,6 @@ private function updateTagsToPhotoMapping($id, $tags)
    */
   private function _($str)
   {
-      return mysql_real_escape_string($str);
+      return addslashes($str);
   }
 }