This is invalid. the variable q is taken, split into words, and then each word is escaped for usage within the DB. Once again, this is invalid