diff --git a/app/models/customer.rb b/app/models/customer.rb
index f5cfe15..f36c179 100644
--- a/app/models/customer.rb
+++ b/app/models/customer.rb
@@ -169,6 +169,7 @@ class Customer < ActiveRecord::Base
   # Searchs the database for a customer by name or phone number with out special chars
   def self.search(search)
+    search = sanitize_sql_like(search)
     customers = where("name LIKE ? OR phone_number LIKE ? OR mobile_phone_number LIKE ?", "%#{search}%", "%#{search}%", "%#{search}%")
     return customers.order(:name)
   end
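Review bot: The new `sanitize_sql_like(search)` call raises NoMethodError when `search` is nil, whereas the previous code quietly turned nil into `%%` and matched every row; since this is a search entry point the argument is likely a request parameter, so escape a string instead, `search = sanitize_sql_like(search.to_s)`, or return early on a blank value. The escaping only takes effect if the database treats `\` as the LIKE escape character; on adapters where that is not the default the condition needs an explicit `ESCAPE '\\'` clause, otherwise the escaped `%`/`_` are still interpreted as wildcards. The three identical bind values could be built once, `pattern = "%#{search}%"`, and the `return` on the last line is redundant in Ruby. The comment above `def self.search` could also be updated to say that `%` and `_` in the input are now matched literally.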