aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--mod/contacts.php7
1 files changed, 3 insertions, 4 deletions
diff --git a/mod/contacts.php b/mod/contacts.php
index 423fd40a2..fb4595739 100644
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -482,10 +482,10 @@ function contacts_content(&$a) {
$searching = false;
if($search) {
$search_hdr = $search;
- $search = dbesc(protect_sprintf('%' . $search . '%'));
+ $search_txt = dbesc(protect_sprintf(preg_quote($search)));
$searching = true;
}
- $sql_extra .= (($searching) ? " AND `name` REGEXP '$search' " : "");
+ $sql_extra .= (($searching) ? " AND `name` REGEXP '$search_txt' " : "");
if($nets)
$sql_extra .= sprintf(" AND network = '%s' ", dbesc($nets));
@@ -502,7 +502,6 @@ function contacts_content(&$a) {
}
-
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `pending` = 0 $sql_extra $sql_extra2 ORDER BY `name` ASC LIMIT %d , %d ",
intval($_SESSION['uid']),
intval($a->pager['start']),
@@ -569,7 +568,7 @@ function contacts_content(&$a) {
'$total' => $total,
'$search' => $search_hdr,
'$desc' => t('Search your contacts'),
- '$finding' => (strlen($search) ? t('Finding: ') . "'" . $search . "'" : ""),
+ '$finding' => (($searching) ? t('Finding: ') . "'" . $search . "'" : ""),
'$submit' => t('Find'),
'$cmd' => $a->cmd,
'$contacts' => $contacts,