<?php header("Access-Control-Allow-Origin: *"); header("Access-Control-Allow-Headers: access"); header("Access-Control-Allow-Methods: GET"); header("Access-Control-Allow-Credentials: true"); header("Content-Type: application/json; charset=UTF-8"); function getResponse() { if (!isset($_GET['id']) || !ctype_digit($_GET['id'])) { return ['message' => 'Missing/Invalid identifier provided']; } include_once('config_setup.php'); $sql = "SELECT id, caption, filename, description2 FROM photographs WHERE id = " . $_GET['id']; $result = mysqli_query($db, $sql); if (!$result) { return ['message' => 'Please contact the dev team.']; } $photo = mysqli_fetch_assoc($result); if (!$photo) { return ['message' => 'No product.']; } $url = 'http://localhost/photo_gallery/public/files/images/'; $allowed = '<div><img><h1><h2><p><br><strong><em><ul><li><table><td><tr><th><tbody>'; return [ 'id' => urlencode(htmlspecialchars($photo['id'])), 'caption' => htmlspecialchars($photo['caption']), 'filename' => $url . htmlspecialchars($photo['filename']), 'description2' => strip_tags($photo['description2'], $allowed), ]; } $response = getResponse(); http_response_code(isset($response['message']) ? 404 : 200); echo json_encode($response);
You have javascript disabled. You will not be able to edit any code.