Untitled
<?php include('../db/db_connection.php'); // Log the raw GET request for debugging error_log("GET parameters: " . print_r($_GET, true)); // Ensure the database connection is successful if ($conn === false) { echo json_encode(['success' => false, 'error' => 'Database connection failed.']); exit; } // Validate student_id if (empty($_GET['student_id']) || !is_numeric($_GET['student_id'])) { error_log("Invalid or missing student_id."); // Log the issue echo json_encode(['success' => false, 'error' => 'Invalid or missing Student ID.']); exit; } // Get the student ID from the request $Student_id = intval($_GET['student_id']); // Sanitize and cast input to integer error_log("Fetching student with ID: " . $Student_id); // Log the student ID // Parameterized query to prevent SQL injection $strsql = "SELECT * FROM tbl_counseling WHERE student_id = ?"; $params = array($Student_id); $query = sqlsrv_query($conn, $strsql, $params); if ($query === false) { error_log(print_r(sqlsrv_errors(), true)); // Log SQL Server errors echo json_encode(['success' => false, 'error' => 'Query execution failed.']); exit; } // Fetch the result $row = sqlsrv_fetch_array($query, SQLSRV_FETCH_ASSOC); // Return the result if ($row) { echo json_encode(['success' => true, 'data' => $row]); } else { echo json_encode(['success' => false, 'error' => 'No results found']); } exit; ?>
Leave a Comment