X-Git-Url: https://git.openstreetmap.org/nominatim.git/blobdiff_plain/130f904b90dd8508a210c89f2f2cd76056adc397..819b858ba70fa01484ec8547f3f34b654aa4181c:/lib/Geocode.php

diff --git a/lib/Geocode.php b/lib/Geocode.php
index a2baa8ea..ac92257f 100644
--- a/lib/Geocode.php
+++ b/lib/Geocode.php
@@ -1061,7 +1061,7 @@ class Geocode
                     continue;
                 }
 
-                $sToken = chksql($this->oDB->getOne("SELECT make_standard_name('".$aSpecialTerm[1]."') AS string"));
+                $sToken = chksql($this->oDB->getOne("SELECT make_standard_name('".pg_escape_string($aSpecialTerm[1])."') AS string"));
                 $sSQL = 'SELECT * ';
                 $sSQL .= 'FROM ( ';
                 $sSQL .= '   SELECT word_id, word_token, word, class, type, country_code, operator';