diff --git a/interface/main/calendar/modules/PostCalendar/pnuser.php b/interface/main/calendar/modules/PostCalendar/pnuser.php
index c79ae239c98..ebf84895bc9 100644
--- a/interface/main/calendar/modules/PostCalendar/pnuser.php
+++ b/interface/main/calendar/modules/PostCalendar/pnuser.php
@@ -368,7 +368,7 @@ function postcalendar_user_search()
         // build our search query
         foreach ($keywords as $word) {
             if (!empty($sqlKeywords)) {
-                $sqlKeywords .= " $k_andor ";
+                $sqlKeywords .= " " . escape_identifier($k_andor, ['AND', 'OR'], true) . " ";
             }
 
             $sqlKeywords .= '(';