TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1d7a50709ebbeb6cfd598c9be91da310ff9f9786
4WDCSA.co.za/fetch_drinks.php
twotalesanimation 45523720ea Remove: Deprecated MySQLi functions - convert to OOP prepared statements 
- create_bar_tab.php: Replaced mysqli_real_escape_string() and procedural mysqli_query/mysqli_num_rows/mysqli_error with OOP prepared statements
- submit_order.php: Replaced mysqli_real_escape_string() and procedural mysqli_query/mysqli_error with OOP prepared statements
- fetch_drinks.php: Replaced mysqli_real_escape_string() and procedural mysqli_query/mysqli_fetch_assoc with OOP prepared statements
- comment_box.php: Removed mysqli_real_escape_string(), added CSRF token validation for comment submission

All files now use consistent OOP MySQLi approach with proper parameter binding. Fixes PHP 8.1+ compatibility and improves security against multi-byte character injection.
2025-12-03 19:52:54 +02:00

29 lines
672 B
PHP
Raw Blame History

<?php
require_once("connection.php");
if (isset($_GET['tab_id'])) {
$tab_id = (int) $_GET['tab_id']; // Convert to integer
if ($tab_id <= 0) {
echo json_encode(['status' => 'error', 'message' => 'Invalid tab ID.']);
exit();
}
// Fetch drinks available for this tab
$stmt = $conn->prepare("SELECT * FROM bar_items");
$stmt->execute();
$result = $stmt->get_result();
$drinks = [];
while ($row = $result->fetch_assoc()) {
$drinks[] = $row;
}
echo json_encode($drinks);
} else {
echo json_encode(['status' => 'error', 'message' => 'Tab ID is required.']);
}
?>
Reference in New Issue View Git Blame Copy Permalink