1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
| <?php
require 'Database.php';
// fonction d'échappement des caractères dangereux
$hsc = function($p) { return htmlspecialchars($p, ENT_QUOTES, 'utf-8'); };
$lame = $_POST['cat_lame'] ?? '';
$db = Database::connect();
if ($lame === 'PVC') {
$sql = 'SELECT id_lame, desc_lame, embout, ref_lame FROM type_lame WHERE cat_lame = "PVC" ORDER BY ref_lame DESC';}
elseif ($lame === 'POLY') {
$sql = 'SELECT id_lame, desc_lame, embout, ref_lame FROM type_lame WHERE cat_lame = "POLY" ORDER BY ref_lame DESC';
}
$options = [];
foreach ($db->query($sql) as $data) {
$embout = empty($data['embout']) ? '' : $hsc(" embout {$data['embout']}");
$options[] = '<option value="'.$hsc($data['ref_lame']).'">'.$hsc($data['desc_lame']).$embout.'</option>';
}
$options = implode('', $options);
echo (<<<html
<div class="container">
<div class="form-group">
<select class="form-control" id="type_lame" name="ref_lame" onchange="detailLame()">
{$options}
</select>
</div>
</div>
html
);
?> |
Partager