hehe Filter sao đây ta?? ```php function find_news($keyword) { // <START> if (preg_match("/union/i", $keyword)) die('Hacker!'); // </START> $sql = "SELECT id,title,content FROM news WHERE content LIKE '%" . $keyword . "%'"; DEBUG_LOG("SQL: $sql"); return $sql; } ```