diff --git a/var/Typecho/Common.php b/var/Typecho/Common.php
index 4db1024d..2579fc07 100644
--- a/var/Typecho/Common.php
+++ b/var/Typecho/Common.php
@@ -234,12 +234,13 @@ class Typecho_Common */ public static function exceptionHandle($exception) { - @ob_end_clean(); - if (defined('__TYPECHO_DEBUG__')) { - echo '
';
+ echo '' . htmlspecialchars($exception->getMessage()) . '
';
+ echo htmlspecialchars($exception->__toString());
+ echo '
';
} else {
+ @ob_end_clean();
if (404 == $exception->getCode() && !empty(self::$exceptionHandle)) {
$handleClass = self::$exceptionHandle;
new $handleClass($exception);
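Review bot: The two new `htmlspecialchars()` calls use the default flags, so the escaping depends on the PHP version and the `default_charset` ini setting (ISO-8859-1 on PHP < 5.4, and `ENT_COMPAT` leaves single quotes unencoded); pass them explicitly, e.g. `htmlspecialchars($exception->getMessage(), ENT_QUOTES, 'UTF-8')` and `htmlspecialchars($exception->__toString(), ENT_QUOTES, 'UTF-8')`. The HTML tags inside the echoed string literals appear stripped in this rendering, so the exact markup around them cannot be checked here. Moving `@ob_end_clean()` into the else branch means that in debug mode whatever was already buffered is now emitted ahead of the exception dump; if that is intended, a one-line comment on the added `@ob_end_clean();` saying the buffer is only discarded for the non-debug handlers would make it clear. exceptionHandle continues beyond the end of the hunk.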
diff --git a/var/Typecho/Db.php b/var/Typecho/Db.php
index d5b00c0a..4e4a3d1c 100644
--- a/var/Typecho/Db.php
+++ b/var/Typecho/Db.php
@@ -182,6 +182,7 @@ class Typecho_Db
*
* @param int $op
* @return Typecho_Db_Adapter
+ * @throws Typecho_Db_Exception
*/
public function selectDb($op)
{
@@ -349,7 +350,7 @@ class Typecho_Db
$handle = $this->selectDb($op);
/** 提交查询 */
- $resource = $this->_adapter->query($query, $handle, $op, $action);
+ $resource = $this->_adapter->query($query->prepare($query), $handle, $op, $action);
if ($action) {
//根据查询动作返回相应资源
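Review bot: `$query->prepare($query)` on the new line assumes `$query` is a Typecho_Db_Query; the head of query() is outside the hunk, but if a plain SQL string or an already-obtained resource can still reach this line, the call fails with a fatal "call to a member function on a non-object". Guard it, e.g. `$resource = $this->_adapter->query($query instanceof Typecho_Db_Query ? $query->prepare($query) : $query, $handle, $op, $action);`. Passing the object to its own prepare() also relies on its string conversion inside prepare(), which is not obvious at the call site; a comment such as `// expand deferred #param:N# placeholders into adapter-quoted values` would help the next reader.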
diff --git a/var/Typecho/Db/Query.php b/var/Typecho/Db/Query.php
index fabd11e1..4d3725ef 100644
--- a/var/Typecho/Db/Query.php
+++ b/var/Typecho/Db/Query.php
@@ -68,12 +68,16 @@ class Typecho_Db_Query
*/
private $_prefix;
+ /**
+ * @var array
+ */
+ private $_params = array();
+
/**
* 构造函数,引用数据库适配器作为内部数据
*
* @param Typecho_Db_Adapter $adapter 数据库适配器
* @param string $prefix 前缀
- * @return void
*/
public function __construct(Typecho_Db_Adapter $adapter, $prefix)
{
@@ -190,15 +194,27 @@ class Typecho_Db_Query
{
foreach ($values as &$value) {
if (is_array($value)) {
- $value = '(' . implode(',', array_map(array($this->_adapter, 'quoteValue'), $value)) . ')';
+ $value = '(' . implode(',', array_map(array($this, 'quoteValue'), $value)) . ')';
} else {
- $value = $this->_adapter->quoteValue($value);
+ $value = $this->quoteValue($value);
}
}
return $values;
}
+ /**
+ * 延迟转义
+ *
+ * @param $value
+ * @return string
+ */
+ public function quoteValue($value)
+ {
+ $this->_params[] = $value;
+ return '#param:' . (count($this->_params) - 1) . '#';
+ }
+
/**
* set default params
*
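Review bot: The docblock on the new quoteValue() says only "延迟转义" with an untyped `@param $value`, yet the method changes the contract of _quoteValues(): it now returns a `#param:N#` placeholder instead of adapter-quoted SQL, so any path that builds SQL from this object and hands it to the adapter without going through prepare() would send the raw placeholders. Document that explicitly, e.g. `@param mixed $value raw value; stored unquoted in $_params` and `@return string placeholder '#param:N#' that prepare() later replaces with the adapter-quoted value`, and verify that every consumer of the generated SQL calls prepare(). The index is derived from `count($this->_params) - 1`, which only stays consistent while $_params is appended to and never unset; a short comment stating that invariant is worthwhile. _quoteValues() begins before the start of the hunk.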
@@ -480,6 +496,24 @@ class Typecho_Db_Query
return $this;
}
+ /**
+ * @param $query
+ * @return string
+ */
+ public function prepare($query)
+ {
+ $params = $this->_params;
+ $adapter = $this->_adapter;
+
+ return preg_replace_callback("/#param:([0-9]+)#/", function ($matches) use ($params, $adapter) {
+ if (isset($params[$matches[1]])) {
+ return $adapter->quoteValue($params[$matches[1]]);
+ } else {
+ return $matches[0];
+ }
+ }, $query);
+ }
+
/**
* 构造最终查询语句
*
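Review bot: In prepare(), `isset($params[$matches[1]])` is false when the stored parameter is null, so a placeholder produced by quoteValue(null) is left in the SQL as the literal text `#param:N#`, whereas before this change the value went straight to `$this->_adapter->quoteValue()`; use `if (array_key_exists($matches[1], $params)) {` so null is still handed to the adapter. Unknown indices are silently left in the query; either say so in a comment or throw a Typecho_Db_Exception, since a leftover placeholder becomes a SQL syntax error later. The `@param $query` docblock should also state that the argument may be this object and relies on its string conversion, e.g. `@param string|Typecho_Db_Query $query`.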