diff --git a/comission.php b/comission.php
index 1030061..27e2c37 100644
--- a/comission.php
+++ b/comission.php
@@ -222,7 +222,8 @@ switch ($shopCategoryTypeNumber) {
                         <TABLE BORDER=0 WIDTH=100% CELLSPACING="1" CELLPADDING="2" BGCOLOR="#A5A5A5">
                             <?php
                             if (isset($_GET['max'])) {
-                                $data = db::c()->query('SELECT * FROM `inventory` WHERE `dressed` = 0 AND `name` LIKE "?S" AND `setsale` > 0 ORDER BY `setsale` ASC', $_GET['max'] . '%');
+                                $name = $_GET['max'].'%';
+                                $data = db::c()->query('SELECT * FROM `inventory` WHERE `dressed` = 0 AND `name` LIKE "?S" AND `setsale` > 0 ORDER BY `setsale` ASC', $name);
 
                                 while ($row = $data->fetch_assoc()) {
                                     $row['cost'] = $row['setsale'];