From c0e901a90ace369dbc1e3b1f1b23f4ee3c0e2c3c Mon Sep 17 00:00:00 2001
From: Chris Kankiewicz <Chris@ChrisKankiewicz.com>
Date: Sun, 5 Jan 2020 20:45:18 -0700
Subject: [PATCH] Escape regular expression characters in search string

---
 app/Controllers/DirectoryController.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/Controllers/DirectoryController.php b/app/Controllers/DirectoryController.php
index d08a16d..69a1f1b 100644
--- a/app/Controllers/DirectoryController.php
+++ b/app/Controllers/DirectoryController.php
@@ -58,7 +58,9 @@ class DirectoryController
         }
 
         if ($search = $request->getQueryParams()['search'] ?? false) {
-            $files->name(sprintf('/(?:.*)%s(?:.*)/i', $search));
+            $files->name(
+                sprintf('/(?:.*)%s(?:.*)/i', preg_quote($search, '/'))
+            );
         } else {
             $files->depth(0);
         }