'.$testMatch.' is not valid.
'; echo 'Parameter serviceType is not valid (wms, wfs).
'; die(); } $serviceType = $testMatch; $testMatch = NULL; } if (isset($_REQUEST["id"]) & $_REQUEST["id"] != "") { //validate integer $testMatch = $_REQUEST["id"]; //give max 99 entries - more will be to slow $pattern = '/^[0-9]*$/'; if (!preg_match($pattern,$testMatch)){ echo 'Parameter id is not valid (integer).
'; die(); } $id = $testMatch; $testMatch = NULL; } switch ($serviceType) { case "wms": $sql = "SELECT cap_diff FROM mb_wms_availability WHERE fkey_wms_id = $1"; $v = array($id); break; case "wfs": $sql = "SELECT cap_diff FROM mb_wfs_availability WHERE fkey_wfs_id = $1"; $v = array($id); break; } $t = array('i'); $res = db_prep_query($sql,$v,$t); $cap_diff_row = db_fetch_row($res); $html = urldecode($cap_diff_row[0]); echo $html; ?>