I have this simple PHP code. Is it secure enough, or does it need some other workflow? And to manage the update, delete and select of different rows of my database for my web app (I use Reactjs), is it better to separate these statements into different PHP files, or is using an if() in one PHP file to check which operation to execute a better idea?

select :

<?php
header('Access-Control-Allow-Origin: *');
header('Content-type: application/json');
// Database connection settings
$serverName = "localhost";
$userName = "root";
$userPassword = "";
$dataBase = "todosdbs";
$con = new mysqli($serverName,$userName,$userPassword,$dataBase);
// Fetch every row of the table
$stmt = $con->prepare("SELECT * FROM todostable");
$stmt->execute();
$result = $stmt->get_result();
$todosArray = $result->fetch_all(MYSQLI_ASSOC);
// Return the rows to the client as JSON
$todosArrayJSON = json_encode($todosArray);
echo $todosArrayJSON;
$stmt->close();
$con->close();
?>

insert :

<?php
header("Access-Control-Allow-Headers: *");
/*header('Content-type: application/json');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE  ');*/
// Decode the JSON request body into an object
$data = json_decode(file_get_contents('php://input'),false);
$serverName = "localhost";
$userName = "root";
$userPassword = "";
$dataBase = "todosdbs";
$con = new mysqli($serverName,$userName,$userPassword,$dataBase);
$stmt = $con->prepare("INSERT INTO todostable (text,isDoneChecked,isEDitable,isRemoved) VALUES(?,?,?,?)");
// bind_param() takes its arguments by reference, so they must be variables,
// listed in the same order as the columns above
$text = $data->text;
$isDoneChecked = intval($data->isDoneChecked);
$isEditable = intval($data->isEditable);
$isRemoved = intval($data->isRemoved);
$stmt->bind_param("siii",$text,$isDoneChecked,$isEditable,$isRemoved);
$stmt->execute();
$stmt->close();
$con->close();
?>
DrNoob
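
An added example, not part of the original post: one way to serve the select and insert from a single PHP file by dispatching on the HTTP method, with the JSON body validated before it is bound and CORS limited to one origin instead of `*`. The origin value, the 255-character limit and the TODO_DB_USER / TODO_DB_PASS environment variables are assumptions; the table and column names are taken from the question.

```php
<?php
// Added example, not the poster's code. Assumptions: the allowed origin,
// the 255-character limit, and the TODO_DB_USER / TODO_DB_PASS variables.
const ALLOWED_ORIGIN = 'http://localhost:3000';
// Validate the JSON body; returns [text, done, editable, removed] or null.
function parseTodo(string $raw): ?array {
    $d = json_decode($raw, true);
    if (!is_array($d) || !is_string($d['text'] ?? null)) return null;
    $text = trim($d['text']);
    if ($text === '' || strlen($text) > 255) return null;
    $row = [$text];
    foreach (['isDoneChecked', 'isEditable', 'isRemoved'] as $key) {
        $v = $d[$key] ?? 0;
        if (!in_array($v, [0, 1, true, false], true)) return null; // flags only
        $row[] = (int) $v;
    }
    return $row;
}

// One entry point: the HTTP method selects the operation.
function handle(mysqli $con, string $method, string $body): array {
    if ($method === 'GET') {
        return [200, $con->query('SELECT * FROM todostable')->fetch_all(MYSQLI_ASSOC)];
    }
    if ($method !== 'POST') return [405, ['error' => 'method not allowed']];
    $todo = parseTodo($body);
    if ($todo === null) return [400, ['error' => 'invalid todo']];
    [$text, $done, $editable, $removed] = $todo;
    $stmt = $con->prepare('INSERT INTO todostable (text,isDoneChecked,isEDitable,isRemoved) VALUES (?,?,?,?)');
    $stmt->bind_param('siii', $text, $done, $editable, $removed);
    $stmt->execute();
    return [201, ['ok' => true]];
}

header('Access-Control-Allow-Origin: ' . ALLOWED_ORIGIN); // one origin, not *
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(204); exit; }
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors
try {
    $con = new mysqli('localhost', (string) getenv('TODO_DB_USER'), (string) getenv('TODO_DB_PASS'), 'todosdbs');
    [$status, $payload] = handle($con, $_SERVER['REQUEST_METHOD'], (string) file_get_contents('php://input'));
} catch (mysqli_sql_exception $e) {
    error_log($e->getMessage()); // log details server-side, not to the client
    [$status, $payload] = [500, ['error' => 'server error']];
}
http_response_code($status);
echo json_encode($payload);
```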

0 Answers