<?php $query = $_GET['q']; $category = $_GET['catid']; if(check_string($query)) { $query = filter_string($query); } else { echo "Error: Variable is not a string."; die; } function check_string($str) { return preg_match("/^\w+$/", (string)$str); } function filter_string($str) { return preg_replace('/^(.*)$/ie', "filter_function(\"\\1\")", $str); } function filter_function($str) { // do encoding / filtering etc. here return $str; } ?>
You have javascript disabled. You will not be able to edit any code.