What if I pass my searching params in uri request in json-format like this:
http://example.com/?search={"title":"Some+Title","category":12}
instead of
http://example.com/?title=Some+Title&category=12
Before decode json-request I can filter it with some functions like strip_tags(), strpslashes(), etc... But I can do the same with $_SERVER['QUERY_STRING'] with serialize()/unserialize(). Or apply string-filters to N string-params of request, not once to whole request.
Which way do you think will be better, usable and faster to process?
With json
$request = $_GET['search'];
$request = stripslaches(strip_tags($request));
$params = json_decode($request);