<?php require_once 'app/templater.php'; # Make sure we have our requested film if (isset($_GET['film'])) { # Instantiate a new view $view = new templater('views/movies-view.php'); # Basic protection from script injection (you MUST do more if this will be sent to a database, see https://www.owasp.org/index.php/SQL_Injection) $output = htmlentities($_GET['film']); # Handle bad inputs if (strlen($output) < 1) { $output = 'Invalid input'; } # Set variable and render template $view->set('choice', $output); $view->render(); } else { # Redirect for errors header('Location:index.php'); }