From 9f7ffcd62d76c009d56a4e7eb78e234562b0bf2e Mon Sep 17 00:00:00 2001
From: Georgy Litvinov <git@litvinovg.pro>
Date: Fri, 21 Aug 2020 09:47:03 +0200
Subject: [PATCH] Escape search value

---
 webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl b/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl
index 38862004..92d5cc69 100644
--- a/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl
+++ b/webapp/src/main/webapp/themes/iph/templates/queryBuilder.ftl
@@ -85,7 +85,7 @@
         if ('operator' in json_query && json_query.operator.startsWith("not_")){
           string_query +=  "NOT ";
         }
-        string_query += json_query.field + ":\'" + json_query.value.toString().replace(/['"]+/g, '') + "\'";
+        string_query += json_query.field + ":\'" + escape(json_query.value.toString().replace(/['"]+/g, '')) + "\'";
       }
 	  return string_query;
 	}