But before we adds a function to run a query, we need to think a little, because people on websites can not be trusted, they perform SQL injections if they can, so we need to be sure of that they can not on our classes, what we need is a function to add a / char before every ' char in the queries, this will stop people from attacking our databases with crappy inputs.