- str_replace: documentation ( source)
- explode: documentation ( source)
<?php
$badwords = 'base64_decode+union+select';
foreach ($_GET as $key=>&$value){
foreach(explode('+',$badwords) as $badware){
$value=str_replace($badware, $empty_string,$value);
}
}