X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdirfind.php;h=7f1a6691f59f6da79232434a57ad29bb44eb9883;hb=e88781164a2e60c439c755d96a639ef2093a7305;hp=7b603a742755de70105354926424aca161a5cc2c;hpb=063f0e9cb06bb09d06c2630d4b6cecc5eb381fdc;p=friendica.git
diff --git a/mod/dirfind.php b/mod/dirfind.php
index 7b603a7427..7f1a6691f5 100644
--- a/mod/dirfind.php
+++ b/mod/dirfind.php
@@ -46,7 +46,7 @@ function dirfind_content(App $a, $prefix = "") {
 $local = Config::get('system','poco_local_search');
- $search = $prefix.Strings::removeTags(trim(defaults($_REQUEST, 'search', '')));
+ $search = $prefix.Strings::escapeTags(trim(defaults($_REQUEST, 'search', '')));
 $header = '';
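Review bot: The search term from `$_REQUEST` is now entity-encoded at the point of input by `Strings::escapeTags`, so every later consumer of `$search` receives HTML-encoded text rather than what the user typed. The second hunk wraps `$search2` in `Strings::escapeHtml()` before the `LIKE` comparison; if `$search2` is derived from `$search` (not visible here), a `<` in the query would be encoded twice and never match stored data. If `escapeTags` handles only angle brackets, as its name suggests, the value is also not safe inside a quoted HTML attribute. I would document the intended contract with a comment such as `// $search is HTML-encoded for display only; do not reuse it for SQL or remote requests`, or keep the raw trimmed value and encode at each sink once those sinks are confirmed to escape. The body of dirfind_content continues outside the hunk, so the sinks have to be checked there.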
@@ -121,23 +121,23 @@ function dirfind_content(App $a, $prefix = "") { /// @TODO These 2 SELECTs are not checked on validity with DBA::isResult() $count = q("SELECT count(*) AS `total` FROM `gcontact` - WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s') AND + WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s', '%s') AND ((`last_contact` >= `last_failure`) OR (`updated` >= `last_failure`)) AND (`url` LIKE '%s' OR `name` LIKE '%s' OR `location` LIKE '%s' OR `addr` LIKE '%s' OR `about` LIKE '%s' OR `keywords` LIKE '%s') $extra_sql", - DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora), + DBA::escape(Protocol::ACTIVITYPUB), DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2))); $results = q("SELECT `nurl` FROM `gcontact` - WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s') AND + WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s', '%s') AND ((`last_contact` >= `last_failure`) OR (`updated` >= `last_failure`)) AND (`url` LIKE '%s' OR `name` LIKE '%s' OR `location` LIKE '%s' OR `addr` LIKE '%s' OR `about` LIKE '%s' OR `keywords` LIKE '%s') $extra_sql GROUP BY `nurl` ORDER BY `updated` DESC LIMIT %d, %d", - DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora), + DBA::escape(Protocol::ACTIVITYPUB), DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), $pager->getStart(), $pager->getItemsPerPage()); 
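Review bot: Both queries are still built from sprintf-style `'%s'` placeholders plus a directly interpolated `$extra_sql`, and this change has to keep the placeholder count and the `DBA::escape()` argument list in step by hand in two places. A missed argument would shift every following value into the wrong placeholder; binding the values through a prepared statement and building the network list once for both queries would remove that failure mode. `$extra_sql` is defined outside the hunk, so confirm it never carries request data. The search term is also used as a `LIKE` pattern without escaping `%` and `_`, so a user can widen the match at will; a comment such as `// NOTE: LIKE wildcards in $search2 are deliberately not escaped` would record whether that is intended.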
@@ -235,7 +235,7 @@ function dirfind_content(App $a, $prefix = "") {
 'alt_text' => $alt_text,
 'url' => Model\Contact::magicLink($jj->url),
 'itemurl' => $itemurl,
- 'name' => htmlentities($jj->name),
+ 'name' => $jj->name,
 'thumb' => ProxyUtils::proxifyUrl($jj->photo, false, ProxyUtils::SIZE_THUMB),
 'img_hover' => $jj->tags,
 'conntxt' => $conntxt,
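Review bot: Dropping `htmlentities()` from `'name'` leaves the contact's display name unencoded on its way to the template, and that name is a profile field set by whoever owns the (possibly remote) contact. Unless the template that renders this entry escapes `name` itself, which cannot be seen from this hunk, markup in a display name would be emitted as HTML in every search result that lists the contact. If the removal is meant to stop double encoding, say so next to the line, e.g. `// name is escaped by the template; do not encode here`, and otherwise keep a single explicit encoding such as `'name' => htmlspecialchars($jj->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),`. The neighbouring `'img_hover' => $jj->tags` and `'alt_text'` values are passed the same way and deserve the same check; the array literal and the function both start and end outside the hunk.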