From 683d98743219e3e43ba90fd55656547794deffa5 Mon Sep 17 00:00:00 2001
From: Mangesh-Khairnar <mkhairnar10@gmail.com>
Date: Mon, 8 Jul 2019 10:40:24 +0530
Subject: [PATCH] fix(bom): escape name with wildcard character (#18163)

---
 erpnext/controllers/queries.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/erpnext/controllers/queries.py b/erpnext/controllers/queries.py
index e7f8c27d6df..99fafa73056 100644
--- a/erpnext/controllers/queries.py
+++ b/erpnext/controllers/queries.py
@@ -206,11 +206,11 @@ def bom(doctype, txt, searchfield, start, page_len, filters):
 			if(locate(%(_txt)s, name), locate(%(_txt)s, name), 99999),
 			idx desc, name
 		limit %(start)s, %(page_len)s """.format(
-			fcond=get_filters_cond(doctype, filters, conditions),
+			fcond=get_filters_cond(doctype, filters, conditions).replace('%', '%%'),
 			mcond=get_match_cond(doctype),
 			key=frappe.db.escape(searchfield)),
 		{
-			'txt': "%%%s%%" % frappe.db.escape(txt),
+			'txt': "%"+frappe.db.escape(txt)+"%",
 			'_txt': txt.replace("%", ""),
 			'start': start or 0,
 			'page_len': page_len or 20