bugfixes: private photo embeds and search for strings with %

1 files changed, 2 insertions, 2 deletions

diff --git a/mod/search.php b/mod/search.php
index 3e6bf68aa..6d4bd07e3 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -110,9 +110,9 @@ function search_content(&$a) {
 		return $o;
 
 	if($tag)
-		$sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", 	dbesc('\\]' . preg_quote($search) . '\\['));
+		$sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", 	dbesc('\\]' . protect_sprintf(preg_quote($search)) . '\\['));
 	else
-		$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(preg_quote($search)));
+		$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));