diff --git a/calendar/inc/class.soholiday.inc.php b/calendar/inc/class.soholiday.inc.php
index 3f3c3a8079..d575a7fcbf 100755
--- a/calendar/inc/class.soholiday.inc.php
+++ b/calendar/inc/class.soholiday.inc.php
@@ -162,10 +162,10 @@
 			$querymethod = '';
 			if($query)
 			{
-				$querymethod .= " WHERE hol_locale LIKE ".$this->db->quote('%'.$query.'%');
+				$querymethod = 'hol_locale LIKE '.$this->db->quote('%'.$query.'%');
 			}
 		
-			if(preg_match('/[a-zA-Z0-9_,]+/',$order))
+			if(preg_match('/^[a-zA-Z0-9_,]+$/',$order))
 			{
 				$querymethod .= ' ORDER BY '.$order;
 			}