aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2011-12-06 19:51:19 -0800
committerfriendica <info@friendica.com>2011-12-06 19:51:19 -0800
commit341fcce75ec8d16538eec6ebcdfbdd00711c6638 (patch)
treee88f1bbb923538fc218a3baefbc819ddd6eaec50 /mod
parent7eba8adbf7ce1656b9c85f02b21fe46303b219e7 (diff)
downloadvolse-hubzilla-341fcce75ec8d16538eec6ebcdfbdd00711c6638.tar.gz
volse-hubzilla-341fcce75ec8d16538eec6ebcdfbdd00711c6638.tar.bz2
volse-hubzilla-341fcce75ec8d16538eec6ebcdfbdd00711c6638.zip
preg_quote search strings
Diffstat (limited to 'mod')
-rw-r--r--mod/network.php4
-rw-r--r--mod/search.php11
2 files changed, 4 insertions, 11 deletions
diff --git a/mod/network.php b/mod/network.php
index 2a3db597e..3df8a2105 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -364,8 +364,8 @@ function network_content(&$a, $update = 0) {
if(x($_GET,'search')) {
$search = escape_tags($_GET['search']);
$sql_extra .= sprintf(" AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' ) ",
- dbesc($search),
- dbesc('\\]' . $search . '\\[')
+ dbesc(preg_quote($search)),
+ dbesc('\\]' . preg_quote($search) . '\\[')
);
}
diff --git a/mod/search.php b/mod/search.php
index 0b58db5d1..3f98b607f 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -96,17 +96,10 @@ function search_content(&$a) {
// Only public wall posts can be shown
// OR your own posts if you are a logged in member
- $escaped_search = str_replace(array('[',']'),array('\\[','\\]'),$search);
-
-// $s_bool = sprintf("AND MATCH (`item`.`body`) AGAINST ( '%s' IN BOOLEAN MODE )", dbesc($search));
$s_regx = sprintf("AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' )",
- dbesc($escaped_search), dbesc('\\]' . $escaped_search . '\\['));
-
-// if(mb_strlen($search) >= 3)
-// $search_alg = $s_bool;
-// else
+ dbesc(preg_quote($search)), dbesc('\\]' . preg_quote($search) . '\\['));
- $search_alg = $s_regx;
+ $search_alg = $s_regx;
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`