fix: escape fields for Payroll Entry (#22994)

commit: 19b51762efdf8602be556833344d759e67e940d6 [log] [tgz]
author: Rucha Mahabal <ruchamahabal2@gmail.com> Tue Aug 11 13:12:00 2020 +0530
committer: GitHub <noreply@github.com> Tue Aug 11 13:12:00 2020 +0530
tree: 2bb14caf6f3154c2ea20c3b96cb9d3cc78ec13a2
parent: b7bc34047a60743d37b0ca935a3f0ce69a33e648 [diff]
diff --git a/erpnext/payroll/doctype/payroll_entry/payroll_entry.py b/erpnext/payroll/doctype/payroll_entry/payroll_entry.py
index 554484f..30ea432 100644
--- a/erpnext/payroll/doctype/payroll_entry/payroll_entry.py
+++ b/erpnext/payroll/doctype/payroll_entry/payroll_entry.py

@@ -90,7 +90,7 @@
 		cond = ''
 		for f in ['company', 'branch', 'department', 'designation']:
 			if self.get(f):
-				cond += " and t1." + f + " = '" + self.get(f).replace("'", "\'") + "'"
+				cond += " and t1." + f + " = " + frappe.db.escape(self.get(f))
 
 		return cond
commit	19b51762efdf8602be556833344d759e67e940d6	[log] [tgz]
author	Rucha Mahabal <ruchamahabal2@gmail.com>	Tue Aug 11 13:12:00 2020 +0530
committer	GitHub <noreply@github.com>	Tue Aug 11 13:12:00 2020 +0530
tree	2bb14caf6f3154c2ea20c3b96cb9d3cc78ec13a2
parent	b7bc34047a60743d37b0ca935a3f0ce69a33e648 [diff]