diff --git a/public/index.php b/public/index.php
index 0d84aec..728ce28 100644
--- a/public/index.php
+++ b/public/index.php
@@ -15,16 +15,28 @@
query(
+
+ $tag = array_key_exists("tag", $_GET) ? $conn->escape($_GET["tag"]) : null;
+ $sort = array_key_exists("sort", $_GET) ? $_GET["sort"] : "0";
+ $queryFiltered =
+ <<query($queryUnfiltered);
while ($row = $result->fetch_assoc()) {
$name = $row["name"];
$displayName = $row["display_name"];
diff --git a/public/php/mysql_connect.php b/public/php/mysql_connect.php
index 3cdd3c0..d0dcf8e 100644
--- a/public/php/mysql_connect.php
+++ b/public/php/mysql_connect.php
@@ -32,6 +32,10 @@ class MySQLConnection {
$this->mysqli->select_db($dbName);
}
+ public function escape(string $string): string{
+ return $this->mysqli->real_escape_string($string);
+ }
+
public function __destruct() {
$this->mysqli->close();
}