From 62f170d3d7dafed781c33e099adb3cb4bbecfb21 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Tue, 9 Oct 2012 20:23:02 +0200
Subject: [PATCH] Fix: add escape

---
 htdocs/societe/class/societe.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php
index 8b915e48138..f985c1ec674 100644
--- a/htdocs/societe/class/societe.class.php
+++ b/htdocs/societe/class/societe.class.php
@@ -878,7 +878,7 @@ class Societe extends CommonObject
     		if ($similar)
     		{
     			// For test similitude
-    			$sql.= "(LOCATE('".$name."', nom) > 0 OR LOCATE(nom, '".$name."') > 0)";
+    			$sql.= "(LOCATE('".$this->db->escape($name)."', nom) > 0 OR LOCATE(nom, '".$this->db->escape($name)."') > 0)";
     		}
     		else
     		{