$action = $_GET['act']; } if ($action == "all") { require_once 'dbConnection.php'; require_once 'wishClass.php'; $connection = new dbConnection(); $status = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['status'])); $owner = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['owner'])); $performer = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['performer'])); $moneyFrom = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['moneyFrom'])); $moneyTo = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['moneyTo'])); $pointsFrom = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['pointsFrom'])); $pointsTo = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['pointsTo'])); $rankFrom = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['rankFrom'])); $rankTo = preg_replace("/[^0-9,.]/", "", $connection->escape($_POST['rankTo'])); $wishes = wishClass::selectAll($status, $owner, $performer, $moneyFrom, $moneyTo, $pointsFrom, $pointsTo, $rankFrom, $rankTo); if (!isset($_SESSION['count'])) { $_SESSION['count'] = 0; } foreach ($wishes as $wish) { if (!file_exists("images/profiles/{$wish->ownerId}.jpg")) { $profileImage = 'not-found.png'; } else { $profileImage = $wish->ownerId . '.jpg' . '?' . time(); } if ($wish->status == 0) { $statusHTML = "<div class=\"innerA\"><h3>Active</h3></div>"; } elseif ($wish->status == 2) { $statusHTML = "<div class=\"innerD\"><h3>Done</h3></div>"; } echo <<<HTML