// If we are doing quicksearch by a field other than name, make sure that field is added to results
if (!empty($params['field_name'])) {
$field_name = CRM_Utils_String::munge($params['field_name']);
+ // there is no good reason to request api_key via getquick
+ if ($field_name == 'api_key') {
+ throw new API_Exception('Illegal value "api_key" for parameter "field_name"');
+ }
// Unique name contact_id = id
if ($field_name == 'contact_id') {
$field_name = 'id';