diff options
author | friendica <info@friendica.com> | 2011-12-06 19:51:19 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2011-12-06 19:51:19 -0800 |
commit | 341fcce75ec8d16538eec6ebcdfbdd00711c6638 (patch) | |
tree | e88f1bbb923538fc218a3baefbc819ddd6eaec50 | |
parent | 7eba8adbf7ce1656b9c85f02b21fe46303b219e7 (diff) | |
download | volse-hubzilla-341fcce75ec8d16538eec6ebcdfbdd00711c6638.tar.gz volse-hubzilla-341fcce75ec8d16538eec6ebcdfbdd00711c6638.tar.bz2 volse-hubzilla-341fcce75ec8d16538eec6ebcdfbdd00711c6638.zip |
preg_quote search strings
-rw-r--r-- | mod/network.php | 4 | ||||
-rw-r--r-- | mod/search.php | 11 |
2 files changed, 4 insertions, 11 deletions
diff --git a/mod/network.php b/mod/network.php index 2a3db597e..3df8a2105 100644 --- a/mod/network.php +++ b/mod/network.php @@ -364,8 +364,8 @@ function network_content(&$a, $update = 0) { if(x($_GET,'search')) { $search = escape_tags($_GET['search']); $sql_extra .= sprintf(" AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' ) ", - dbesc($search), - dbesc('\\]' . $search . '\\[') + dbesc(preg_quote($search)), + dbesc('\\]' . preg_quote($search) . '\\[') ); } diff --git a/mod/search.php b/mod/search.php index 0b58db5d1..3f98b607f 100644 --- a/mod/search.php +++ b/mod/search.php @@ -96,17 +96,10 @@ function search_content(&$a) { // Only public wall posts can be shown // OR your own posts if you are a logged in member - $escaped_search = str_replace(array('[',']'),array('\\[','\\]'),$search); - -// $s_bool = sprintf("AND MATCH (`item`.`body`) AGAINST ( '%s' IN BOOLEAN MODE )", dbesc($search)); $s_regx = sprintf("AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' )", - dbesc($escaped_search), dbesc('\\]' . $escaped_search . '\\[')); - -// if(mb_strlen($search) >= 3) -// $search_alg = $s_bool; -// else + dbesc(preg_quote($search)), dbesc('\\]' . preg_quote($search) . '\\[')); - $search_alg = $s_regx; + $search_alg = $s_regx; $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid` |