From 31bb4ac0f65bfb816d3f75a04a6876fc69b1c59d Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Wed, 15 Jan 2014 14:03:48 -0600
Subject: [PATCH] Fix cdata fields in advanced search

---
 include/ajax.tickets.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/ajax.tickets.php b/include/ajax.tickets.php
index 376e2a41d..9d5169dbd 100644
--- a/include/ajax.tickets.php
+++ b/include/ajax.tickets.php
@@ -211,11 +211,11 @@ class TicketsAjaxAPI extends AjaxController {
         foreach (TicketForm::getInstance()->getFields() as $f) {
             if (isset($req[$f->getFormName()])
                     && ($val = $req[$f->getFormName()])) {
-                $name = $f->get('name') ? db_real_escape($f->get('name'))
+                $name = $f->get('name') ? $f->get('name')
                     : 'field_'.$f->get('id');
-                $cwhere = "cdata.\"$name\" LIKE '%".db_real_escape($val)."%'";
+                $cwhere = "cdata.`$name` LIKE '%".db_real_escape($val)."%'";
                 if ($f->getImpl()->hasIdValue() && is_numeric($val))
-                    $cwhere .= " OR cdata.\"{$name}_id\" = ".db_input($val);
+                    $cwhere .= " OR cdata.`{$name}_id` = ".db_input($val);
                 $where .= ' AND ('.$cwhere.')';
                 $cdata_search = true;
             }
-- 
GitLab