sort out contact search oddities

diff --git a/mod/contacts.php b/mod/contacts.php
index 423fd40a23b1cd20dde0aa78e628ab8499770a99..fb4595739b5e1f3047ddf67d1b4bb0b6075e2fb8 100644 (file)
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -482,10 +482,10 @@ function contacts_content(&$a) {
        $searching = false;
        if($search) {
                $search_hdr = $search;
-               $search = dbesc(protect_sprintf('%' . $search . '%'));
+               $search_txt = dbesc(protect_sprintf(preg_quote($search)));
                $searching = true;
        }
-       $sql_extra .= (($searching) ? " AND `name` REGEXP '$search' " : "");
+       $sql_extra .= (($searching) ? " AND `name` REGEXP '$search_txt' " : "");
 
        if($nets)
                $sql_extra .= sprintf(" AND network = '%s' ", dbesc($nets));
@@ -502,7 +502,6 @@ function contacts_content(&$a) {
        }
 
 
-
        $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `pending` = 0 $sql_extra $sql_extra2 ORDER BY `name` ASC LIMIT %d , %d ",
                intval($_SESSION['uid']),
                intval($a->pager['start']),
@@ -569,7 +568,7 @@ function contacts_content(&$a) {
                '$total' => $total,
                '$search' => $search_hdr,
                '$desc' => t('Search your contacts'),
-               '$finding' => (strlen($search) ? t('Finding: ') . "'" . $search . "'" : ""),
+               '$finding' => (($searching) ? t('Finding: ') . "'" . $search . "'" : ""),
                '$submit' => t('Find'),
                '$cmd' => $a->cmd,
                '$contacts' => $contacts,