diff --git a/search.php b/search.php
index 819d91934..01de6aef7 100644
--- a/search.php
+++ b/search.php
@@ -91,7 +91,7 @@ $url = basename(__FILE__);
 $anon_id = GUEST_UID;
 $user_id = $userdata['user_id'];
 $lastvisit = IS_GUEST ? TIMENOW : $userdata['user_lastvisit'];
-$search_id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
+$search_id = (isset($_GET['id']) && is_string($_GET['id'])) ? DB()->escape($_GET['id']) : '';
 $session_id = $userdata['session_id'];
 $items_found = $items_display = $previous_settings = null;
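Review bot: Escaping `$_GET['id']` at the assignment to `$search_id` ties the fix to how the variable is used later, and none of those uses are visible in this hunk. The escaped value is only safe where it ends up inside a quoted SQL string literal; an unquoted or numeric context would still be injectable. Any non-SQL use (a URL, a comparison, HTML output) would receive a value with SQL escaping applied, which is the wrong encoding for that context. Validating the format at this boundary would be more robust; assuming search ids are generated alphanumeric tokens, that could be `$search_id = (isset($_GET['id']) && is_string($_GET['id']) && ctype_alnum($_GET['id'])) ? $_GET['id'] : '';`, with escaping or binding kept at the query site. If the escape stays here, a comment such as `// SQL-escaped: only for use inside quoted SQL literals, never for output or URLs` would stop later edits from reusing the variable unsafely.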