I have a search query from the user and I want to process it before applying to browser. since I'm using SEO with htaccess and the search url looks like this : /search/[user query] I should do something to prevent user from doing naughty things.. :) Like searching ../include/conf.php which will result in giving away my configuration file. I want to process the query like removing spaces, removing dots(which will cause problems), commas,etc. var q = document.getElementById('q').value; var q = q.replace(/ /gi,"+"); var q = q.replace(/../gi,""); document.location='search/'+q; the first replace works just fine but the second one messes with my query.. any solution to replacing this risky characters safely?
Cisco Certified Network Associate Exam,640-802 CCNA All Answers ~100/100. Daily update