<?php $_GET['search'] = "' onclick='alert(1337)"; ?> <input name=search value='<?= htmlspecialchars($_GET['search']); ?>'>
You have javascript disabled. You will not be able to edit any code.