diff --git a/ChangeLog b/ChangeLog
index a2107a653..886fa6110 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,10 @@ phpMyAdmin - ChangeLog
 $Id$
 $Source$
 
+2006-05-17 Marc Delisle  <lem9@users.sourceforge.net>
+    * server_privileges.php: bug #1478812, Add user (password containing 
+      a backslash); also minor optimization
+
 2006-05-15 Marc Delisle  <lem9@users.sourceforge.net>
    * libraries/Table.class.php: bug #1475949, removing the default value
 
diff --git a/server_privileges.php b/server_privileges.php
index 3f6a31098..aa887c76b 100644
--- a/server_privileges.php
+++ b/server_privileges.php
@@ -764,15 +764,12 @@ if (!empty($adduser_submit) || !empty($change_copy)) {
             'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO \''
             . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'';
         if ($pred_password != 'none' && $pred_password != 'keep') {
-            $pma_pw_hidden = '';
-            for ($i = 0; $i < strlen($pma_pw); $i++) {
-                $pma_pw_hidden .= '*';
-            }
+            $pma_pw_hidden = str_repeat('*', strlen($pma_pw));
             $sql_query = $real_sql_query . ' IDENTIFIED BY \'' . $pma_pw_hidden . '\'';
-            $real_sql_query .= ' IDENTIFIED BY \'' . $pma_pw . '\'';
+            $real_sql_query .= ' IDENTIFIED BY \'' . PMA_sqlAddslashes($pma_pw) . '\'';
             if ( isset( $create_user_real ) ) {
                 $create_user_show = $create_user_real . ' IDENTIFIED BY \'' . $pma_pw_hidden . '\'';
-                $create_user_real .= ' IDENTIFIED BY \'' . $pma_pw . '\'';
+                $create_user_real .= ' IDENTIFIED BY \'' . PMA_sqlAddslashes($pma_pw) . '\'';
             }
         } else {
             if ($pred_password == 'keep' && !empty($password)) {