- preg_match: documentation (source)
- preg_replace: documentation (source)
<?php
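// Read the request parameters. A missing key falls back to a default instead
// of raising an undefined-index notice.
$query = isset($_GET['q']) ? $_GET['q'] : '';
// NOTE(review): $category is taken from the request and is not validated
// anywhere in this listing; validate it before it is used.
$category = isset($_GET['catid']) ? $_GET['catid'] : null;

// PHP delivers array-style request parameters as arrays. check_string() casts
// its argument to a string, so the type is checked here first; otherwise a
// non-string value could satisfy the pattern check and reach filter_string().
if (is_string($query) && check_string($query)) {
    $query = filter_string($query);
} else {
    echo "Error: Variable is not a string.";
    die;
}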
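/**
 * Check that a value consists only of word characters (letters, digits, underscore).
 *
 * The pattern is anchored with \A and \z. The original used ^ and $, and in
 * PCRE an unanchored-mode $ also matches just before a trailing newline, so a
 * value ending in "\n" was accepted. Non-scalar values (arrays, objects, null)
 * are rejected up front: casting an array to a string yields the literal
 * "Array", which would otherwise satisfy the pattern.
 *
 * @param mixed $str Value to validate.
 * @return int|false 1 if the value is valid, 0 if not, false on a PCRE error.
 */
function check_string($str) {
    if (!is_scalar($str)) {
        return 0;
    }

    return preg_match('/\A\w+\z/', (string)$str);
}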
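/**
 * Pass the matched text of $str through filter_function() and return the result.
 *
 * The original used preg_replace() with the /e modifier, which evaluated the
 * replacement string as PHP code with the matched input interpolated into it,
 * so request data could reach the code evaluator. The modifier was deprecated
 * in PHP 5.5 and removed in PHP 7.0. preg_replace_callback() hands the match
 * to the filter as plain data and never evaluates it.
 *
 * @param string|array $str Subject string (or array of subject strings).
 * @return string|array|null Filtered subject, or null on a PCRE error.
 */
function filter_string($str) {
    return preg_replace_callback(
        '/^(.*)$/i',
        function ($matches) {
            // $matches[1] is the captured text; it is only ever used as a value.
            return filter_function($matches[1]);
        },
        $str
    );
}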
/**
 * Placeholder for the encoding / filtering step.
 *
 * Currently returns its argument unchanged.
 *
 * @param mixed $str Value to filter.
 * @return mixed The same value, unmodified.
 */
function filter_function($str) {
    // Encoding / filtering would be applied here.
    $filtered = $str;

    return $filtered;
}
?>