Added escaping for permlink

Characters escape was added to a places where SQL query is constructed "by hand".

In situation where query is constructed by sqlalchemy there is no need for adding escaping (it will break the query). Sqlalchemy do escaping for us.