I recently joined a project that is an ongoing intranet site for over 15 years and is continuously getting larger in size. They have written a public function that writes to the database. They use inline sql statements(which is a no-no). With-out having to go through 27,000 pages and rewrite all the insert statements to escape illegal characters. Could you rewrite the function to take the inline sql statement and escape illegal characters? It doesn't have to be perfect since it is something that is only used by employees within the building. The intranet site is not accessible from outside the building.