Comment 8 for bug 1164575

I've pushed security/user/berick/rel_2_3_6 -- which contains a sign-off for Dan's last commit (compiler warning). I've also confirmed my injection attempts results in a quoted value in the PG logs (vs. un-quoted sans patch).