diff --git a/client_contacts.php b/client_contacts.php
index 4ebe9c46..540c38ae 100644
--- a/client_contacts.php
+++ b/client_contacts.php
@@ -10,7 +10,7 @@ require_once "inc_all_client.php";
 //Rebuild URL
 $url_query_strings_sort = http_build_query($get_copy);
 
-$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM contacts 
+$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM contacts
     LEFT JOIN locations ON location_id = contact_location_id
     WHERE contact_$archive_query
     AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%'  OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$phone_query%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$phone_query%')
diff --git a/global_search.php b/global_search.php
index 418b8ca1..a52b5c2c 100644
--- a/global_search.php
+++ b/global_search.php
@@ -2,6 +2,12 @@
 
 require_once "inc_all.php";
 
+// Initialize the HTML Purifier to prevent XSS
+require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
+
+$purifier_config = HTMLPurifier_Config::createDefault();
+$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
+$purifier = new HTMLPurifier($purifier_config);
 
 if (isset($_GET['query'])) {
 
@@ -93,14 +99,26 @@ if (isset($_GET['query'])) {
         ORDER BY asset_name DESC LIMIT 5"
     );
 
+    $sql_ticket_replies = mysqli_query($mysqli,"SELECT * FROM ticket_replies
+        LEFT JOIN tickets ON ticket_reply_ticket_id = ticket_id
+        LEFT JOIN clients ON ticket_client_id = client_id
+        WHERE ticket_reply_archived_at IS NULL
+            AND (ticket_reply LIKE '%$query%' OR ticket_subject LIKE '%$query%' OR ticket_details LIKE '%$query%')
+        ORDER BY ticket_id DESC LIMIT 5"
+    );
+
     $q = nullable_htmlentities($_GET['query']);
     
     ?>
 
-    <h4 class="text-center"><i class="fas fa-fw fa-search mr-2"></i>Search all things</h4>
-    <hr>
+    
     <div class="row">
 
+        <div class="col-sm-12">
+            <h4 class="text-center"><i class="fas fa-fw fa-search mr-2"></i>Global Search</h4>
+            <hr>
+        </div>
+
         <?php if (mysqli_num_rows($sql_clients) > 0) { ?>
 
             <!-- Clients-->
@@ -617,11 +635,62 @@ if (isset($_GET['query'])) {
 
         <?php } ?>
 
+        <?php if (mysqli_num_rows($sql_ticket_replies) > 0) { ?>
+
+            <!-- Ticket Replies -->
+
+            <div class="col-sm-6">
+
+                <div class="card">
+                    <div class="card-header">
+                        <h6 class="mt-1"><i class="fas fa-fw fa-reply mr-2"></i>Ticket Replies</h6>
+                    </div>
+                    <div class="card-body">
+
+                    <?php
+
+                    while ($row = mysqli_fetch_array($sql_ticket_replies)) {
+                        $ticket_id = intval($row['ticket_id']);
+                        $ticket_prefix = nullable_htmlentities($row['ticket_prefix']);
+                        $ticket_number = intval($row['ticket_number']);
+                        $ticket_subject = nullable_htmlentities($row['ticket_subject']);
+                        $ticket_reply = $purifier->purify($row['ticket_reply']);
+                        $client_id = intval($row['ticket_client_id']);
+                        $client_name = nullable_htmlentities($row['client_name']);
+
+                        ?>
+                        <div class="card card-outline">
+                            <div class="card-header">
+                                <h3 class="card-title">
+                                    <?php echo "$ticket_prefix$ticket_number"; ?> - <?php echo $ticket_subject; ?>
+                                </h3>
+                                <div class="card-tools">
+                                    <a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>" target="_blank">Open <i class="fa fa-fw fa-external-link-alt"></i></a>
+                                </div>
+                            </div>
+                            <div class="card-body prettyContent">
+                                <div class="media">
+                                    <div class="media-body">
+                                        <?php echo $ticket_reply; ?>
+                                    </div>
+                                </div>
+                            </div>
+                         </div>
+
+                    <?php } ?>
+
+                    </div>
+
+                </div>
+
+            </div>
+
+        <?php } ?>
+
     </div>
 
-
-<?php } ?>
-
 <?php
-require_once "footer.php";
 
+}
+
+require_once "footer.php";