diff --git a/ChangeLog b/ChangeLog
index 503b1adaf..ea12fd272 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
 $Id$ 
 $Source$
 
+2001-06-29  Marc Delisle  <lem9@users.sourceforge.net>
+	* user_details.php3, js code to protect db and table names
+
 2001-06-28  Steve Alberty  <alberty@neptunlabs.de>
 	* fixed bug with dl and PHP 3
 
diff --git a/user_details.php3 b/user_details.php3
index 39a5394d1..4201be892 100644
--- a/user_details.php3
+++ b/user_details.php3
@@ -218,7 +218,7 @@ function grant_operations()
         } else { db = "*"; table = "*"; column = ""; }
 
         sql = "GRANT " + privGrantToString(f) + "" + column;
-        sql += " ON " + db + "." + table
+        sql += " ON " + protect_name(db) + "." + protect_name(table)
         sql += " TO '" + "<?php echo $user; ?>" + "'@'" + "<?php echo $host ?>'"
         if (f.Grant_priv.checked) sql += " with grant option";
 
@@ -231,6 +231,21 @@ function grant_operations()
         location.href = url;
     }
 
+    function protect_name(db_or_table) {
+	var js_mysql_major_version, js_mysql_minor_version;
+	js_mysql_major_version = <?php echo MYSQL_MAJOR_VERSION ?>;
+	js_mysql_minor_version = <?php echo MYSQL_MINOR_VERSION ?>;
+
+	if (js_mysql_major_version >= "3.23") {
+	   if (js_mysql_minor_version >= "6")  {
+		return "`" + db_or_table + "`";
+	   }
+	}
+	else {
+		return db_or_table;
+	}
+    }
+
     function change(f, param) {
         var l, p;