to prevent sql injection
	if (preg_match("/or/",$urlvar)) $urlvar = $dval;	// check to prevent sql injection
	return $urlvar;
}

?>