From 7abcdf832b81eb471adb8002c86870f45a8fd456 Mon Sep 17 00:00:00 2001
From: Georgy Litvinov <git@litvinovg.pro>
Date: Fri, 21 Aug 2020 09:47:03 +0200
Subject: [PATCH] Escape search value

---
 webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl b/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl
index 38862004..92d5cc69 100644
--- a/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl
+++ b/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl
@@ -85,7 +85,7 @@
         if ('operator' in json_query && json_query.operator.startsWith("not_")){
           string_query +=  "NOT ";
         }
-        string_query += json_query.field + ":\'" + json_query.value.toString().replace(/['"]+/g, '') + "\'";
+        string_query += json_query.field + ":\'" + escape(json_query.value.toString().replace(/['"]+/g, '')) + "\'";
       }
 	  return string_query;
 	}