From bef1628b08782e6d797a7ddece165bfe6ead40d5 Mon Sep 17 00:00:00 2001
From: Shish <shish@shishnet.org>
Date: Fri, 26 Apr 2019 10:31:23 +0100
Subject: [PATCH] also block autocomplete for % / _

---
 ext/autocomplete/main.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/ext/autocomplete/main.php b/ext/autocomplete/main.php
index 84a8c863..0138b469 100644
--- a/ext/autocomplete/main.php
+++ b/ext/autocomplete/main.php
@@ -14,7 +14,12 @@ class AutoComplete extends Extension {
 		if($event->page_matches("api/internal/autocomplete")) {
 			if(!isset($_GET["s"])) return;
 			$s = strtolower($_GET["s"]);
-			if(strlen($s) == 0 || strlen($s) > 32) return;
+			if(
+				$s == '' ||
+				$s == '_' ||
+				$s == '%' ||
+				strlen($s) > 32
+			) return;
 
 			//$limit = 0;
 			$cache_key = "autocomplete-$s";