In line 27 of fishhook.class.php and line 522 of admincp/plugins.php you use stripslashes on hook's code and I don't think that's the right thing to do cause I was just trying to create a bbcode plugin and couldn't do it with stripslashes in those files, when I removed them my plugin works ok.
stripslashes() isn't used on the code, mysql_real_escape_string() is, to secure the query. Removing this could create a security hole in the Plugin Hook creator.
That was rather strange, when I tested it before it added slashes to the code, but now it's not.
My apologies, db->res() added back to queries.