First version, for githup; UNSTABLE, DO NOT USE!

www/intern/scripts/logindata/ajax-neu_programm.php

@@ -0,0 +1,84 @@
+<?php
+header('Content-Type: application/json');
+
+if (session_status() !== PHP_SESSION_ACTIVE) session_start();
+
+if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
+    http_response_code(403);
+    exit;
+}
+
+$token = isset($_GET['token']) ? $_GET['token'] : '';
+
+if ($token !== 'sWZ4GxbsoVhUPk5zhjH0uU9hets3zV2KsV8CZUvAWCCRk4uuuDr9vfFVgxWqr5FtDttbtm50EdWK9YxuMPswGZBQZFHAUAET1aG1'){
+	echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
+    exit;
+}
+
+if (!isset($baseDir)) {
+	$baseDir = $_SERVER['DOCUMENT_ROOT'];
+}
+
+$type = 'wkl';
+
+$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
+
+if ($data['success'] === false){
+	echo json_encode(['success' => false, 'message' => $data['message']]);
+    exit; 
+}
+
+require $baseDir . '/../scripts/db/db-tables.php';
+
+$value = isset($_GET['value']) ? preg_replace('/[^a-zA-Z0-9\s\-"]/u', '', $_GET['value']) : '';
+
+if (!$value || $value === ''){
+    echo json_encode(['success' => false, 'message' => 'No input']);
+    exit;
+}
+
+
+// ---------- Step 2: Get values from DB ----------
+
+
+$stmt = $mysqli->prepare("INSERT INTO `$tableProgramme` (programm) VALUES (?)");
+if (!$stmt) {
+    echo json_encode(['success' => false, 'message' => 'Critical DB ERROR']);
+    exit;
+}
+
+$stmt->bind_param("s", $value);
+$success = $stmt->execute();
+$stmt->close();
+
+if (!$success) {
+    echo json_encode(['success' => false, 'message' => 'Insert failed']);
+    exit;
+}
+
+// Fetch all rows
+$query2 = "SELECT * FROM `$tableProgramme` ORDER BY programm ASC";
+$programme = $mysqli->query($query2);
+
+if (!$programme) {
+    echo json_encode(['success' => false, 'message' => 'Select failed']);
+    exit;
+}
+
+$output = [];
+while ($entry = $programme->fetch_assoc()) {
+    $output[] = [
+        'id' => $entry['id'],
+        'programm' => $entry['programm'],
+        'aktiv' => intval($entry['aktiv']),
+        'preis' => floatval($entry['preis'])
+    ];
+}
+
+// Return JSON
+echo json_encode([
+    'success' => true,
+    'output' => $output,
+    'message' => $value.' hinzugefügt'
+]);
+exit;