From bbc7268d757c7c72ec12b5cd7f052a7ff4a318df Mon Sep 17 00:00:00 2001
From: Alexander Walther <github.com@alexplus.de>
Date: Mon, 22 Aug 2022 07:56:02 +0200
Subject: [PATCH] escape ORDER BY (#71)

may closes #57
---
 lib/Watson/Workflows/YForm/YFormSearch.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Watson/Workflows/YForm/YFormSearch.php b/lib/Watson/Workflows/YForm/YFormSearch.php
index e26338b..cddd04d 100644
--- a/lib/Watson/Workflows/YForm/YFormSearch.php
+++ b/lib/Watson/Workflows/YForm/YFormSearch.php
@@ -102,7 +102,7 @@ public function fire(Command $command)
                                 SELECT      '.$selectFields.'
                                 FROM        `'.$table.'`
                                 WHERE       '.$command->getSqlWhere($searchFields).'
-                                ORDER BY    '.$orderByField;
+                                ORDER BY    `'.$orderByField.'`';
 
                         $results[$table->getTableName()] = $this->getDatabaseResults($query);
                     }