From 88e0eb2ec1aa5a01c1abee20cd79544862dc7e22 Mon Sep 17 00:00:00 2001
From: prasad <prasad@vtiger.com>
Date: Wed, 15 Jun 2016 20:32:59 +0530
Subject: [PATCH] Use sanitized value for query.

---
 modules/Portal/models/ListView.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/Portal/models/ListView.php b/modules/Portal/models/ListView.php
index 2d45654e1..b34f33f5c 100644
--- a/modules/Portal/models/ListView.php
+++ b/modules/Portal/models/ListView.php
@@ -54,7 +54,7 @@ class Portal_ListView_Model extends Vtiger_ListView_Model {
     
     public function getQuery() {
         $query = 'SELECT portalid, portalname, portalurl, createdtime FROM vtiger_portal';
-        $searchValue = $this->get('search_value');
+        $searchValue = $this->getForSql('search_value');
         if(!empty($searchValue))
             $query .= " WHERE portalname LIKE '".$searchValue."%'";
         
-- 
GitLab