From d897dad5733504411b42fb449a98da1c7bd07e16 Mon Sep 17 00:00:00 2001
From: Jamie McClelland <jm@mayfirst.org>
Date: Mon, 12 May 2014 10:46:44 -0400
Subject: [PATCH] CRM-14676 - need to escape names before inserting into
 prev_next_cache

----------------------------------------
* CRM-14676: Inserting values into civicrm_prevnext_cache fails to properly escape names
  https://issues.civicrm.org/jira/browse/CRM-14676
---
 CRM/Contact/Selector.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CRM/Contact/Selector.php b/CRM/Contact/Selector.php
index aa040d8e9b..ad3f6f119b 100644
--- a/CRM/Contact/Selector.php
+++ b/CRM/Contact/Selector.php
@@ -964,7 +964,7 @@ SELECT 'civicrm_contact', contact_a.id, contact_a.id, '$cacheKey', contact_a.dis
     // build insert query, note that currently we build cache for 500 contact records at a time, hence below approach
     $insertValues = array();
     while($dao->fetch()) {
-      $insertValues[] = "('civicrm_contact', {$dao->contact_id}, {$dao->contact_id}, '{$cacheKey}', '{$dao->sort_name}')";
+      $insertValues[] = "('civicrm_contact', {$dao->contact_id}, {$dao->contact_id}, '{$cacheKey}', '" . CRM_Core_DAO::escapeString($dao->sort_name) . "')";
     }
 
     //update pre/next cache using single insert query
-- 
2.25.1