diff --git a/endpoints/search/search.php b/endpoints/search/search.php
index 4fbe5ec8..7b5ec896 100644
--- a/endpoints/search/search.php
+++ b/endpoints/search/search.php
@@ -76,7 +76,7 @@ class SearchBaseResponse extends TemplateResponse implements ICache
 if (($canRedirect && $redirectTo) || count($lvData[0]['data']) > 1)
 $canRedirect = false;
- if ($canRedirect) // note - we are very lucky that in case of searches $template is identical to the typeString
+ if ($canRedirect) // note - we are very lucky that in case of searches $template is identical to the typeString
 $redirectTo = '?'.$lvData[1].'='.key($lvData[0]['data']);
 }
 }
diff --git a/includes/components/response/baseresponse.class.php b/includes/components/response/baseresponse.class.php
index 0dd10276..7afdc72d 100644
--- a/includes/components/response/baseresponse.class.php
+++ b/includes/components/response/baseresponse.class.php
@@ -456,8 +456,8 @@ trait TrProfilerList
 abstract class BaseResponse
 {
- protected const PATTERN_TEXT_LINE = '/[\p{Cc}\p{Cf}\p{Co}\p{Cs}\p{Cn}]/i';
- protected const PATTERN_TEXT_BLOB = '/[\x00-\x09\x0B-\x1F\p{Cf}\p{Co}\p{Cs}\p{Cn}]/i';
+ protected const PATTERN_TEXT_LINE = '/[\p{Cc}\p{Cf}\p{Co}\p{Cs}\p{Cn}]/iu';
+ protected const PATTERN_TEXT_BLOB = '/[\x00-\x09\x0B-\x1F\p{Cf}\p{Co}\p{Cs}\p{Cn}]/iu';
 protected static array $sql = []; // debug: sql stats container
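Review bot: The `u` modifier added to `PATTERN_TEXT_LINE` and `PATTERN_TEXT_BLOB` introduces a precondition that is not documented anywhere near the constants: with `/u`, `preg_replace()` returns `null` for a subject that is not valid UTF-8 instead of matching byte-wise. On this page only `checkTextLine()` and `checkTextBlob()` re-encode before matching; whether other code in the class hierarchy uses these protected constants directly cannot be seen from the hunk. I would add a comment above them such as `// patterns use /u: subject must already be valid UTF-8, otherwise preg_* returns null`. The `i` flag has no effect on these character classes and could be dropped while the line is being touched. The body of `BaseResponse` continues outside the hunk.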
@@ -637,14 +637,17 @@ abstract class BaseResponse
 protected static function checkTextLine(string $val) : string
 {
+ // remove invalid characters
+ $val = mb_convert_encoding(trim($val), 'utf-8', 'utf-8');
 // trim non-printable chars
- return preg_replace(self::PATTERN_TEXT_LINE, '', trim($val));
+ return preg_replace(self::PATTERN_TEXT_LINE, '', $val);
 }
 protected static function checkTextBlob(string $val) : string
 {
+ $val = mb_convert_encoding(trim($val), 'utf-8', 'utf-8');
 // trim non-printable chars + excessive whitespaces (pattern includes \r)
- $str = preg_replace(self::PATTERN_TEXT_BLOB, '', trim($val));
+ $str = preg_replace(self::PATTERN_TEXT_BLOB, '', $val);
 return preg_replace('/ +/', ' ', trim($str));
 }
diff --git a/includes/kernel.php b/includes/kernel.php
index 979f7e1d..003da12e 100644
--- a/includes/kernel.php
+++ b/includes/kernel.php
@@ -3,6 +3,7 @@
 namespace Aowow;
 mb_internal_encoding('UTF-8');
+mb_substitute_character('none'); // drop invalid chars entirely instead of replacing them with '?'
 error_reporting(E_ALL);
 mysqli_report(MYSQLI_REPORT_ERROR);
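Review bot: In `checkTextLine()` the only `trim()` runs before the invalid bytes and control/format characters are removed, so whitespace that sat behind such a character at either end of the input is still present in the returned value; `checkTextBlob()` does not have this problem because it ends with `trim($str)`. Trimming after the cleanup gives one canonical result for values that are later compared or stored: `return trim(preg_replace(self::PATTERN_TEXT_LINE, '', $val) ?? '');`. The `?? ''` is worth having in both functions, since they declare `: string` and `preg_replace()` returns `null` on a PCRE error, which would otherwise surface as a TypeError. Both functions are complete within the hunk.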
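Review bot: `mb_substitute_character('none')` is a process-wide setting, so every mbstring conversion in the application now silently deletes ill-formed bytes, not only the two `checkText*` helpers, and those helpers now depend on a line in another file to behave as their comment says. Deletion also joins the text on either side of the removed byte, so any check that looked at the raw input before the cleanup may have seen a different string from the one that is kept; Unicode's security report (UTR #36) recommends substituting U+FFFD instead of deleting for that reason. If dropping is intended, I would at least state the scope in the comment, e.g. `// global: all mb_* conversions drop ill-formed bytes; checkTextLine()/checkTextBlob() rely on this`, and confirm that no validation runs ahead of the helpers. The one-line alternative is `mb_substitute_character(0xFFFD);`.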