From 9bbe95d5e8e3889c9cbd3c0086c1bbee8d83b561 Mon Sep 17 00:00:00 2001
From: Sarjuuk <junkdump@gmx.net>
Date: Fri, 26 Dec 2025 17:13:29 +0100
Subject: [PATCH] =?UTF-8?q?Search/Fixup=20=20*=20partially=20revert=20eb70?=
 =?UTF-8?q?065e0f1da0f0c701cae206211936531384e4=20as=20the=20=20=20=20rege?=
 =?UTF-8?q?x=20without=20the=20/u=20flag=20destroys=20valid=20umlauts=20li?=
 =?UTF-8?q?ke=20'=C3=9F'=20=20*=20convert=20strings=20from=20utf8=20to=20u?=
 =?UTF-8?q?tf8=20instead=20to=20achieve=20the=20same=20effect?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 endpoints/search/search.php                         |  2 +-
 includes/components/response/baseresponse.class.php | 11 +++++++----
 includes/kernel.php                                 |  1 +
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/endpoints/search/search.php b/endpoints/search/search.php
index 4fbe5ec8..7b5ec896 100644
--- a/endpoints/search/search.php
+++ b/endpoints/search/search.php
@@ -76,7 +76,7 @@ class SearchBaseResponse extends TemplateResponse implements ICache
                 if (($canRedirect && $redirectTo) || count($lvData[0]['data']) > 1)
                     $canRedirect = false;
 
-                if ($canRedirect)                                // note - we are very lucky that in case of searches $template is identical to the typeString
+                if ($canRedirect)                           // note - we are very lucky that in case of searches $template is identical to the typeString
                     $redirectTo = '?'.$lvData[1].'='.key($lvData[0]['data']);
             }
         }
diff --git a/includes/components/response/baseresponse.class.php b/includes/components/response/baseresponse.class.php
index 0dd10276..7afdc72d 100644
--- a/includes/components/response/baseresponse.class.php
+++ b/includes/components/response/baseresponse.class.php
@@ -456,8 +456,8 @@ trait TrProfilerList
 
 abstract class BaseResponse
 {
-    protected const PATTERN_TEXT_LINE = '/[\p{Cc}\p{Cf}\p{Co}\p{Cs}\p{Cn}]/i';
-    protected const PATTERN_TEXT_BLOB = '/[\x00-\x09\x0B-\x1F\p{Cf}\p{Co}\p{Cs}\p{Cn}]/i';
+    protected const PATTERN_TEXT_LINE = '/[\p{Cc}\p{Cf}\p{Co}\p{Cs}\p{Cn}]/iu';
+    protected const PATTERN_TEXT_BLOB = '/[\x00-\x09\x0B-\x1F\p{Cf}\p{Co}\p{Cs}\p{Cn}]/iu';
 
     protected static array $sql = [];                       // debug: sql stats container
 
@@ -637,14 +637,17 @@ abstract class BaseResponse
 
     protected static function checkTextLine(string $val) : string
     {
+        // remove invalid characters
+        $val = mb_convert_encoding(trim($val), 'utf-8', 'utf-8');
         // trim non-printable chars
-        return preg_replace(self::PATTERN_TEXT_LINE, '', trim($val));
+        return preg_replace(self::PATTERN_TEXT_LINE, '', $val);
     }
 
     protected static function checkTextBlob(string $val) : string
     {
+        $val = mb_convert_encoding(trim($val), 'utf-8', 'utf-8');
         // trim non-printable chars + excessive whitespaces (pattern includes \r)
-        $str = preg_replace(self::PATTERN_TEXT_BLOB, '', trim($val));
+        $str = preg_replace(self::PATTERN_TEXT_BLOB, '', $val);
         return preg_replace('/ +/', ' ', trim($str));
     }
 
diff --git a/includes/kernel.php b/includes/kernel.php
index 979f7e1d..003da12e 100644
--- a/includes/kernel.php
+++ b/includes/kernel.php
@@ -3,6 +3,7 @@
 namespace Aowow;
 
 mb_internal_encoding('UTF-8');
+mb_substitute_character('none');                            // drop invalid chars entirely instead of replacing them with '?'
 error_reporting(E_ALL);
 mysqli_report(MYSQLI_REPORT_ERROR);