File: /home/rtbrisc/www/admin/api/category.php
<?php
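session_start();

// NOTE(review): no check of the session for an authenticated staff user is
// visible in this file, although it is served from admin/api. Confirm that
// connect/staff.php (or the web server) rejects unauthenticated callers.

// CORS policy.
// Echoing back whatever Origin the browser sends, combined with
// Access-Control-Allow-Credentials: true, lets any website send
// cookie-authenticated requests to this endpoint and read the response.
// Only origins listed here are echoed back.
// PLACEHOLDER: replace the entry below with the real front-end origin(s) of
// this deployment; until then no cross-origin caller is accepted.
$allowedOrigins = [
    'https://frontend.example.invalid', // placeholder, not a real origin
];

$origin = $_SERVER['HTTP_ORIGIN'] ?? null;
$originAllowed = is_string($origin) && in_array($origin, $allowedOrigins, true);

// The CORS headers depend on the request's Origin, so caches must key on it.
header('Vary: Origin');

if ($originAllowed) {
    header("Access-Control-Allow-Origin: {$origin}");
    header('Access-Control-Allow-Credentials: true');
    header('Access-Control-Max-Age: 86400');    // cache the preflight result for 1 day
}

// Preflight: browsers send OPTIONS with Access-Control-Request-* headers
// before the real request. It is answered here and never reaches the handler.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'OPTIONS') {
    if ($originAllowed) {
        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
            header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
        }
        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
            // Requested headers are granted only to allowlisted origins.
            header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
        }
    }
    exit(0);
}

// Raw request body; the handler below expects JSON with a txtCategory field.
// file_get_contents() returns false when the stream cannot be read.
$postdata = file_get_contents("php://input");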

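// Create-category handler.
//
// Input : JSON body with a string field "txtCategory" (read into $postdata).
// Output: one of three fixed JSON strings, kept byte-for-byte for existing
//         clients: created "1" (inserted), exists "1" (name already present),
//         created "-1" (rejected input or database failure).
// Needs : $db, a mysqli connection provided by connect/staff.php.
$createdJson = '{"result":{"created": "1" , "exists": "0" } }';
$existsJson  = '{"result":{"created": "0" , "exists": "1" } }';
$failedJson  = '{"result":{"created": "-1" , "exists": "0" } }';

// isset($postdata) is true even for an unreadable or empty body, so the
// payload is validated explicitly before anything touches the database.
$request = is_string($postdata) ? json_decode($postdata) : null;
$rawCategory = is_object($request) ? ($request->txtCategory ?? null) : null;
$category = (is_string($rawCategory) || is_int($rawCategory) || is_float($rawCategory))
    ? (string) $rawCategory
    : null;

if ($category === null || trim($category) === '') {
    // Malformed JSON, missing field or blank name: refuse instead of
    // inserting an empty category row.
    http_response_code(400);
    echo $failedJson;
} else {
    date_default_timezone_set("Africa/Lagos");
    require_once('connect/staff.php');

    // Category names listed in the original comment: Preparatory (Lower Class),
    // Preparatory (Upper Class), Junior Secondary, Senior Secondary.
    // stripslashes() gives no protection against SQL injection; it is kept
    // only so new values are normalised like rows stored earlier. Injection is
    // prevented by the bound parameters below.
    $Category = stripslashes($category);

    // Runs a single-placeholder COUNT(*) query and returns the count.
    $countMatching = static function (mysqli $db, string $sql, string $value): int {
        $stmt = $db->prepare($sql);
        if ($stmt === false) {
            throw new RuntimeException('prepare failed: ' . $db->error);
        }
        $stmt->bind_param('s', $value);
        if (!$stmt->execute()) {
            $message = $stmt->error;
            $stmt->close();
            throw new RuntimeException('execute failed: ' . $message);
        }
        $count = 0;
        $stmt->bind_result($count);
        $stmt->fetch();
        $stmt->close();

        return (int) $count;
    };

    $outp = $failedJson;

    try {
        // "Exists" is decided by the name alone. Testing the random ID in the
        // same query would report a brand-new name as existing whenever the
        // generated ID happened to collide with another row.
        if ($countMatching($db, 'SELECT COUNT(*) FROM tblcategory WHERE Category = ?', $Category) > 0) {
            $outp = $existsJson;
        } else {
            // Four-digit, zero-padded identifier. It is a row key, not a
            // secret, so mt_rand() is adequate; collisions are retried a
            // bounded number of times.
            $CategoryID = null;
            for ($attempt = 0; $attempt < 20; $attempt++) {
                $candidate = str_pad((string) mt_rand(1, 9999), 4, '0', STR_PAD_LEFT);
                if ($countMatching($db, 'SELECT COUNT(*) FROM tblcategory WHERE CategoryID = ?', $candidate) === 0) {
                    $CategoryID = $candidate;
                    break;
                }
            }

            if ($CategoryID !== null) {
                // NOTE(review): check-then-insert is not atomic; two parallel
                // requests can still insert the same name or ID unless
                // tblcategory has UNIQUE constraints (not visible here).
                $insert = $db->prepare('INSERT INTO tblcategory (CategoryID, Category) VALUES (?, ?)');
                if ($insert === false) {
                    throw new RuntimeException('prepare failed: ' . $db->error);
                }
                $insert->bind_param('ss', $CategoryID, $Category);
                $outp = $insert->execute() ? $createdJson : $failedJson;
                $insert->close();
            }
        }
    } catch (RuntimeException $e) {
        // mysqli_sql_exception extends RuntimeException. Details go to the
        // server log only; the client gets the generic failure shape.
        error_log('category.php: ' . $e->getMessage());
        $outp = $failedJson;
    }

    echo $outp;
    $db->close();
}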
?>