hello
i want to add search functionality to my website .
my task is to get input from user then check it if its domain like google.com then (do work 1).... else if keyword like news etc then search database
so i made search.php
mysql_query("SELECT * FROM `table` WHERE `title` LIKE '%$keyword%' OR `descrption` LIKE '%$keyword%' LIMIT 0 , 30");
now when i use php header function am unable to send get argument to search.php
header("location: $siteurl/search.php?q=$url3");
so please help me with it or give me another alternate solution actually when i take input from user then i check it another php script that its domain or keyword after that i have to send it to search.php
also for security analysis : please tell me that is it ok that directly send userinput to database or first do some filteration to avoid sql injection