diff --git a/src/admin/function/EditKnowledgebase.php b/src/admin/function/EditKnowledgebase.php
index 052d5b4..ef96c5e 100644
--- a/src/admin/function/EditKnowledgebase.php
+++ b/src/admin/function/EditKnowledgebase.php
@@ -5,8 +5,8 @@
 if(isset($_POST['submit'])){
 $FormData = array(
 'id' => $_POST['id'],
- 'subject' => $_POST['subject'],
- 'content' => $_POST['editor']
+ 'subject' => $connect->real_escape_string($_POST['subject']),
+ 'content' => $connect->real_escape_string($_POST['editor'])
 );
 $sql = mysqli_query($connect,"UPDATE `hosting_knowledgebase` SET `knowledgebase_subject`='".$FormData['subject']."',`knowledgebase_content`='".$FormData['content']."' WHERE `knowledgebase_id`='".$FormData['id']."'");
 if($sql){
@@ -31,4 +31,4 @@
 else{
 header('location: ../');
 }
-?>
\ No newline at end of file
+?>
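Review bot: The `id` value is still taken raw from `$_POST['id']` and concatenated into the `WHERE` clause of the `UPDATE` in the first hunk, so the statement remains open to SQL injection even though `subject` and `content` are now escaped. Escaping field by field is easy to miss in exactly this way, and `real_escape_string` is only reliable when the connection character set has been set on `$connect`, which is not visible in this hunk. Binding all three values through a prepared statement removes both concerns and lets `$FormData` keep the unescaped request values. The enclosing `if(isset($_POST['submit'])){` block continues outside the hunk, so the result handling after `if($sql){` is assumed to need only a boolean.

```php
$FormData = array(
	'id' => $_POST['id'],
	'subject' => $_POST['subject'],
	'content' => $_POST['editor']
);
// Placeholders keep every request value out of the SQL text, including the id used in WHERE.
$stmt = $connect->prepare("UPDATE `hosting_knowledgebase` SET `knowledgebase_subject`=?,`knowledgebase_content`=? WHERE `knowledgebase_id`=?");
// prepare() returns false on failure; short-circuit so $sql stays a plain success flag.
$sql = $stmt
	&& $stmt->bind_param('sss', $FormData['subject'], $FormData['content'], $FormData['id'])
	&& $stmt->execute();
// … unchanged: if($sql){ … } result handling …
```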