This function will remove all suspicious characters from a $_GET parameter. This has only a security reason. Source: https://stackoverflow.com/a/1886296
/**
* This function will remove all suspicious characters from a $_GET parameter
*
* @param $url
* @return array|string|string[]|null
*/
protected function filterUrl($url)
{
if (is_array($url))
{
foreach ($url as $key => $value)
{
// recurssion
$url[$key] = $this->filterUrl($value);
}
return $url;
}
else
{
// remove everything except for a-zA-Z0-9_.-&=
$url = preg_replace('/[^a-zA-Z0-9_\.\-&=]/', '', $url);
return $url;
}
}