$sql_extra = '';
if ($results['search']) {
- $search_txt = DBA::escape(protect_sprintf(preg_quote($results['search'])));
+ $search_txt = DBA::escape(Strings::protectSprintf(preg_quote($results['search'])));
$sql_extra .= " AND (`attag` LIKE '%%" . $search_txt . "%%' OR `name` LIKE '%%" . $search_txt . "%%' OR `nick` LIKE '%%" . $search_txt . "%%') ";
}