--- _orig/profileplus.module	2009-11-06 15:51:24.000000000 -0500
+++ _modified/profileplus.module	2009-11-07 23:02:48.000000000 -0500
@@ -103,7 +103,11 @@ function profile_search($op = 'search', 
             }
             elseif (user_access('search user profiles')) {
             // non-administrators can only search public fields and active users
-              $sql = "FROM {users} u INNER JOIN {profile_values} pv ON u.uid = pv.uid INNER JOIN {profile_fields} pf ON pv.fid = pf.fid WHERE (pv.value LIKE '%%%s%%' OR u.name LIKE '%%%s%%') AND pf.visibility IN (%d, %d) AND u.status = 1";
+              if (module_exists('profile_privacy')) {  //GMM: honor profile_privacy user settings and search only public fields
+		$sql = "FROM {users} u INNER JOIN {profile_values} pv ON u.uid = pv.uid INNER JOIN {profile_fields} pf ON pv.fid = pf.fid LEFT OUTER JOIN profile_privacy_values ppv ON ppv.uid = pv.uid AND ppv.fid = pv.fid WHERE (pv.value LIKE '%%%s%%' OR u.name LIKE '%%%s%%') AND pf.visibility IN (%d, %d) AND u.status = 1 AND (ppv.private IS NULL OR ppv.private = 0)"; 
+              }else { 
+		$sql = "FROM {users} u INNER JOIN {profile_values} pv ON u.uid = pv.uid INNER JOIN {profile_fields} pf ON pv.fid = pf.fid WHERE (pv.value LIKE '%%%s%%' OR u.name LIKE '%%%s%%') AND pf.visibility IN (%d, %d) AND u.status = 1";
+	      }
               $result = db_query('SELECT DISTINCT u.* '. $sql, $keywords[$j], $keywords[$j], PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS);
             }
 
@@ -137,7 +141,11 @@ function profile_search($op = 'search', 
                   $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_HIDDEN);
                 }
                 else {
-                  $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d AND visibility != %d ORDER BY category, weight', PROFILE_PRIVATE, PROFILE_HIDDEN);
+                  if (module_exists('profile_privacy')) {  //GMM: honor profile_privacy user settings and display only public fields
+			$result = db_query('SELECT * FROM {profile_fields} pf LEFT OUTER JOIN profile_privacy_values ppv ON ppv.uid = %d AND ppv.fid = pf.fid WHERE pf.visibility != %d AND pf.visibility != %d AND (ppv.private IS NULL OR ppv.private = 0) ORDER BY category, weight', $user->uid, PROFILE_PRIVATE, PROFILE_HIDDEN);
+		  } else {
+                	$result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d AND visibility != %d ORDER BY category, weight', PROFILE_PRIVATE, PROFILE_HIDDEN);
+		  }
                 }
 
                 $profile_fields = array();