how to rewrite search[] to something else with htaccess

I have 开发者_如何学JAVAcreated a search form with get method. But when the url looks like this search.php?search[] or search?search[] (mod_rewrite) then I get a sql fattal error. It's passing an array and I want to avoid that problem.

my question is how do I redirect a person from that url to search.php

It sounds like you are directly passing the ?search[] query string variable into your SQL. mod_rewrite won't fix this for you... what if I decide to call your page with http://www.yoursite.com/search.php?search=;DROP TABLE users;? You simply aren't able to use mod_rewrite to predict all the bad kinds of input that a user can come up with.

Your code needs to be doing input validation and sanitization. You must assume that everything your script receives from the user is malicious and dangerous. That includes all data inside $_GET, $_POST and $_COOKIE.

The right solution here is to check that $_GET['search'] is a valid value to be passing to your SQL. Something like:

if (is_string($_GET['search']) && ! empty($_GET['search']) {
    //escape the input properly using your database-specific method, e.g.:
    $searchParam = mysql_real_escape_string($_GET['search']);
    //run your query with the escaped data
}

At a minimum, that would ensure that your passed in search variable was not an empty string.