$before_body_input = ""; try { //$_GET['status'] = 'Test'; if (!empty($_GET['status'])) { // for determining which table/column to lookup in sql $status_input = '<p>' . $_GET['status'] . '</p>'; } $id_input = $table_name . '_' . $unique_id; $sql = 'SELECT * FROM ' . $table_name; $statement = $database->prepare($sql); $statement->execute(); $all_rows = $statement->fetchAll(PDO::FETCH_ASSOC); // TODO: if empty, it should just display a blank list with the ability to add more // item must be unique if (empty($all_rows)) { exit(createErrorPage($css_file)); } $title = "View " . $plural_tag; $head_input = createHead($title, "", $css_file, array($js_helper, $js_ui)); $accordian_sections = array(); foreach ($all_rows as $row) { if ($row['primaryType'] === 'Ammunition' || $row['primaryType'] === 'Arcane' || $row['primaryType'] === 'Armor' || $row['primaryType'] === 'Consumable') { $sql = 'SELECT * FROM ' . lcfirst($row['primaryType']) . ' WHERE name=:name'; $statement = $database->prepare($sql); $statement->bindParam(':name', htmlspecialchars($row['name'])); $statement->execute(); $extra_content = $statement->fetch(PDO::FETCH_ASSOC); foreach ($extra_content as $key => $value) { $row[$key] = $value; } }
function execute_request(&$db) { // do not append or prepend anything to output if we have to download $output = v($_REQUEST["type"]) == 'download' ? false : true; if ($output) { startForm($db); } if (isset($_REQUEST["type"])) { $module_requested = $_REQUEST["type"]; $_REQUEST["query"] = trim(v($_REQUEST["query"], ""), " \t\r\n;"); $module = BASE_PATH . "/modules/" . $module_requested . ".php"; if (ctype_alpha($module_requested) && file_exists($module)) { require BASE_PATH . '/config/modules.php'; // check for module access type and allow/disallow as needed if (MODULE_ACCESS_MODE == 'deny' && in_array($module_requested, $DENY_MODULES)) { createErrorPage(); } else { if (MODULE_ACCESS_MODE == 'allow' && !in_array($module_requested, $ALLOW_MODULES)) { createErrorPage(); } else { include $module; function_exists('processRequest') ? processRequest($db) : createErrorGrid($db, ""); } } } else { createErrorPage(); } // unidentified type requested } if ($output) { print "</form>\n"; print "</body></html>"; } }