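<?php
// Suggestions page: loads the suggestion rows through get_suggestion()
// (expected to be provided by database.php) and prints each row's 'message'
// field in its own <div>.
include_once 'database.php';

$sug = get_suggestion();
?>
<!DOCTYPE html>
<html>
<head>
    <title></title>
</head>
<body>
<h3>Suggestions</h3>
<hr/>
<?php foreach ($sug as $g): ?>
    <?php
    // Escape at the point of output. Suggestion text is presumably submitted
    // by users (confirm against the code that stores it); echoing it raw lets
    // any stored markup or script run in every visitor's browser (stored XSS).
    // ENT_QUOTES covers both quote styles, and ENT_SUBSTITUTE replaces invalid
    // byte sequences instead of returning an empty string.
    // NOTE(review): assumes messages are stored as UTF-8 — confirm.
    ?>
    <div><?php echo htmlspecialchars((string) $g['message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> </div>
    <hr/>
<?php endforeach; ?>
</body>
</html>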
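<?php
require('lib/db_info.php');
require('authentication.php');
//require('mysqlnd_polyfill.php');

// Request dispatcher: the 'action' query-string parameter selects which
// suggestion handler runs. Only the four names listed below are accepted;
// anything else falls through to the default branch and does nothing.
//
// NOTE(review): post_suggestion, edit_suggestion and delete_suggestion change
// stored data but are selected through $_GET. What authentication.php enforces
// is not visible from here. Confirm that it rejects unauthenticated requests
// before this point, and that the state-changing handlers require POST plus an
// anti-CSRF token, so that following a cross-site link cannot modify data.

// A missing or non-string 'action' (e.g. action[]=x) is treated as "no action"
// instead of raising an undefined-index notice.
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

switch ($action) {
    case 'get_suggestion':
        get_suggestion();
        break;
    case 'post_suggestion':
        post_suggestion();
        break;
    case 'edit_suggestion':
        edit_suggestion();
        break;
    case 'delete_suggestion':
        delete_suggestion();
        break;
    default:
        // Unknown or absent action: no handler runs.
        break;
}

//get_suggestion(); function get_suggestion(){ global $conn; //sanatize tho $table_name = $_GET['tableName']; $suggestion_id = $_GET['id']; //make sure the table being requested in the right table name and not something like an injection command $accepted_tables = get_tables(); if(in_array($table_name, $accepted_tables)){ $table_name = htmlspecialchars($table_name);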