From f2b3307136e5fb945872e2e5bdb78c84aa1ac18a Mon Sep 17 00:00:00 2001 From: Faris Ansari Date: Fri, 11 May 2018 21:07:27 +0530 Subject: [PATCH] Remove escaped customer string (#13986) - no need to escape strings that are passed to the values parameter of the sql method - this query was failing for inputs like "D'Arby" which have quotes --- erpnext/selling/doctype/customer/customer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/erpnext/selling/doctype/customer/customer.py b/erpnext/selling/doctype/customer/customer.py index 0ea1119c762..7232fadb56e 100644 --- a/erpnext/selling/doctype/customer/customer.py +++ b/erpnext/selling/doctype/customer/customer.py @@ -316,7 +316,7 @@ def make_address(args, is_primary_address=1): return address def get_customer_primary_contact(doctype, txt, searchfield, start, page_len, filters): - customer = frappe.db.escape(filters.get('customer')) + customer = filters.get('customer') return frappe.db.sql(""" select `tabContact`.name from `tabContact`, `tabDynamic Link` where `tabContact`.name = `tabDynamic Link`.parent and `tabDynamic Link`.link_name = %(customer)s