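PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC ]);
} catch (PDOException $e) {
    // The driver message can name the host, database or account, so it goes
    // to the server log only; the client receives a generic message.
    error_log('Database connection failed: ' . $e->getMessage());
    die("Database connection failed.");
}

// Read the comma-separated activity IDs from the query string. A request such
// as ?activity_ids[]=1 makes PHP deliver an array, which explode() cannot
// take, so anything that is not a string is treated as an empty list.
$activityIds = isset($_GET['activity_ids']) && is_string($_GET['activity_ids'])
    ? $_GET['activity_ids']
    : '';
$activityIds = explode(',', $activityIds);

// Allow-list validation: keep only all-digit tokens whose value lies in
// 0..256 and cast them to int; every other token is dropped.
$sanitizedIds = [];
foreach ($activityIds as $id) {
    if (ctype_digit($id) && (int)$id >= 0 && (int)$id <= 256) {
        $sanitizedIds[] = (int)$id;
    }
}

// Repeated IDs select the same rows. Removing them caps the IN (...) list at
// 257 placeholders however long the query string is. array_values() restores
// 0-based keys, which positional binding in execute() relies on.
$sanitizedIds = array_values(array_unique($sanitizedIds));

if (empty($sanitizedIds)) {
    die("No valid activity IDs provided.");
}

// NOTE(review): the queries below run outside the try/catch above. If the
// connection is in exception mode, as the visible option list suggests, a
// failing query raises an uncaught PDOException -- confirm display_errors is
// off in production so its message is not sent to the client.

// Look up the item IDs mapped to the requested activities. Only "?" marks are
// interpolated into the SQL text; the values themselves are bound by execute().
$placeholders = implode(',', array_fill(0, count($sanitizedIds), '?'));
$sql = "SELECT itemID FROM item_activity_map WHERE activityID IN ($placeholders)";
$stmt = $pdo->prepare($sql);
$stmt->execute($sanitizedIds);
$itemIDs = $stmt->fetchAll(PDO::FETCH_COLUMN);

if (empty($itemIDs)) {
    die("No matching item IDs found.");
}

// Fetch the names of those items, again with one bound placeholder per ID.
$placeholders = implode(',', array_fill(0, count($itemIDs), '?'));
$sql = "SELECT itemID, itemName FROM item_names WHERE itemID IN ($placeholders)";
$stmt = $pdo->prepare($sql);
$stmt->execute($itemIDs);

// NOTE(review): itemName comes from the database; if it is rendered into HTML
// later in the page, escape it there with htmlspecialchars().
$items = $stmt->fetchAll();
?>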