I have a form that will allow the client to add a Google Maps link code. I may change this to an embedded map.
Right now, I check all entries in the form to try to avoid code injection. What should I check to allow on a Google map? I am currently using preg_match on my other entries, but so far, I have not found the right combination to eliminate the bad entries and still allow Google Maps links to be added.
Where can I find something that will work, or is there a better solution?