X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=api%2Fv3%2FContact.php;h=bbbf007576b99df5165b90869be1821cb5abf8e8;hb=d2cad5f0ae0da394942a80fd874f4a712d1d6e9e;hp=ba581e57947526c3d6199e49436b29608c247613;hpb=c7d4e44e2b4fa253412aca3a9e14d3e53118a8af;p=civicrm-core.git

diff --git a/api/v3/Contact.php b/api/v3/Contact.php
index ba581e5794..bbbf007576 100644
--- a/api/v3/Contact.php
+++ b/api/v3/Contact.php
@@ -765,6 +765,10 @@ function civicrm_api3_contact_getquick($params) {
   // If we are doing quicksearch by a field other than name, make sure that field is added to results
   if (!empty($params['field_name'])) {
     $field_name = CRM_Utils_String::munge($params['field_name']);
+    // there is no good reason to request api_key via getquick
+    if ($field_name == 'api_key') {
+      throw new API_Exception('Illegal value "api_key" for parameter "field_name"');
+    }
     // Unique name contact_id = id
     if ($field_name == 'contact_id') {
       $field_name = 'id';