diff options
| -rw-r--r-- | include/api.php | 4 | ||||
| -rw-r--r-- | mod/search.php | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/include/api.php b/include/api.php index 5697fbdbc..5c17b35f5 100644 --- a/include/api.php +++ b/include/api.php @@ -995,8 +995,8 @@ else $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ", dbesc(protect_sprintf('%' . $myurl)), - dbesc(protect_sprintf('%' . $myurl . '\\]%')), - dbesc(protect_sprintf('%' . $diasp_url . '\\]%')) + dbesc(protect_sprintf('%' . $myurl . ']%')), + dbesc(protect_sprintf('%' . $diasp_url . ']%')) ); if ($max_id > 0) diff --git a/mod/search.php b/mod/search.php index 20007ada7..466ffc4c3 100644 --- a/mod/search.php +++ b/mod/search.php @@ -110,7 +110,7 @@ function search_content(&$a) { if (get_config('system','use_fulltext_engine')) { if($tag) - $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.protect_sprintf($search)); + $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.dbesc(protect_sprintf($search))); else $sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(protect_sprintf($search))); } else { |