Minor fixes
diff --git a/erpnext/controllers/queries.py b/erpnext/controllers/queries.py
index 0debe4a..6da496b 100644
--- a/erpnext/controllers/queries.py
+++ b/erpnext/controllers/queries.py
@@ -17,7 +17,8 @@
if isinstance(f[1], basestring) and f[1][0] == '!':
flt.append([doctype, f[0], '!=', f[1][1:]])
else:
- flt.append([doctype, f[0], '=', f[1]])
+ value = frappe.db.escape(f[1]) if isinstance(f[1], basestring) else f[1]
+ flt.append([doctype, f[0], '=', value])
query = DatabaseQuery(doctype)
query.filters = flt