diff --git a/test/index.php b/test/index.php
index 0a56b64..322ad88 100644
--- a/test/index.php
+++ b/test/index.php
@@ -1,13 +1,34 @@ PDO::ERRMODE_EXCEPTION,
+ PDO::ATTR_EMULATE_PREPARES => false
+ ]);
+
+ // Validate input exists
+ if (!isset($_GET['test'])) {
+ die('Invalid input');
+ }
-// Convert to string and apply strict XSS protection
-$input = (string)$_GET['test'];
-echo htmlspecialchars($input, ENT_QUOTES | ENT_HTML5, 'UTF-8', true);
+ // Convert to string and apply XSS protection for output
+ $input = (string)$_GET['test'];
+
+ // Prepare and execute the query safely
+ $stmt = $pdo->prepare('SELECT * FROM yourtable WHERE column = ?');
+ $stmt->execute([$input]);
+
+ // Fetch and display results with XSS protection
+ $result = $stmt->fetch(PDO::FETCH_ASSOC);
+ if ($result) {
+ echo htmlspecialchars(json_encode($result), ENT_QUOTES | ENT_HTML5, 'UTF-8', true);
+ }
+} catch (PDOException $e) {
+ // Log the error securely (don't expose details to users in production)
+ error_log($e->getMessage());
+ die('An error occurred');
+}
 ?>
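Review bot: The new `isset($_GET['test'])` guard only checks presence, not type, so a request like `?test[]=x` passes it and the `(string)` cast on the following line turns the array into the literal string `"Array"` (with a runtime warning) that is then bound into the query; tighten it to `if (!isset($_GET['test']) || !is_string($_GET['test'])) { die('Invalid input'); }`. The output path has a similar silent failure: `json_encode($result)` returns `false` when a fetched column holds invalid UTF-8, and `htmlspecialchars` then prints an empty string, so pass `JSON_THROW_ON_ERROR` and add `JsonException` to the catch (or check the return value for `false`). Both `die()` calls exit with HTTP 200; calling `http_response_code(400)` before the input rejection and `http_response_code(500)` before the error exit lets clients and monitoring tell the failures apart. The `try {` opening and the PDO constructor that begin this block fall outside the hunk as rendered, so the DSN and credential handling could not be reviewed here.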