I have a simple class to work with viewing the people who are blacklisted in my web application. Here is the index.php
require_once "../model/ViewBlacklist.php";
// Handling a navigation to the webpage
try {
$viewBlacklist = new ViewBlacklist("view-blacklists.php", "View Blacklists", $navForUser);
} catch (Exception $ex) {
echo $ex->getMessage();
}
Here is the ViewBlacklist
class:
class ViewBlacklist {
function __construct(string $page, string $pageTitle, string $navbar) {
if (empty($_POST) && empty($_GET) && empty(file_get_contents("php://input"))) {
$_SESSION["CSRFTOKEN"] = hash("sha512", random_bytes(64));
$csrfToken = $_SESSION["CSRFTOKEN"];
$pageTitle = $pageTitle;
$navForUser = $navbar;
$usernameBlacklist = "<table id='usernameBlacklistTable'>";
$usernameBlacklist .= "<thead><tr><th>Username</th><th>Time Blocked</th><th>When time will expire</th><th>Remove Blacklist?</th></tr></thead>";
$usernameBlacklist .= "<tbody>";
$usernameBlacklist .= $this->getBlacklistedUsernames();
$usernameBlacklist .= "</tbody>";
$usernameBlacklist .= "</table>";
$ipAddressBlacklist = "<table id='ipAddressBlacklistTable'>";
$ipAddressBlacklist .= "<thead><th>Ip Address</th><th>Time Blocked</th><th>When time will expire</th><th>Remove Blacklist?</th></thead>";
$ipAddressBlacklist .= "<tbody>";
$ipAddressBlacklist .= $this->getBlacklistedIps();
$ipAddressBlacklist .= "</tbody>";
$ipAddressBlacklist .= "</table>";
include_once $page;
exit;
}
}
private function getBlacklistedUsernames() : string {
$blacklistedUsernames = "";
$initDB = new DatabaseConfig();
$db = $initDB->start_db();
$sql = "SELECT username, added, allowed FROM blacklisted_users";
$stmt = $db->prepare($sql);
$stmt->execute();
$data = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt->closeCursor();
if (!empty($data)) {
var_dump($data);
} else {
return "<tr><p class='empty-table-return'>There are no blacklisted usernames</p></tr>";
}
}
private function getBlacklistedIps() : string {
$blacklistedUsernames = "";
$initDB = new DatabaseConfig();
$db = $initDB->start_db();
$sql = "SELECT ip_add, added, allowed FROM blacklisted_ips";
$stmt = $db->prepare($sql);
$stmt->execute();
$data = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt->closeCursor();
if (!empty($data)) {
var_dump($data);
} else {
return "<tr><p class='empty-table-return'>There are no blacklisted IP addresses</p></tr>";
}
}
}
The problem is, where I'm calling $this->getBlacklistedUsernames();
or $this->getBlacklistedIps()
the return from that data (which is currently in the else, because nothing lives in my blacklist tables right now) is going above my tables, so the words There are no blacklisted usernames
appear above the entire <table>
element contained in the variable $usernameBlacklist
and the same for the ip addresses. Here is how it is called in the frontend:
<?php include_once "../header.php"; include_once "../nav.php"; ?>
<?php echo $usernameBlacklist; echo $ipAddressBlacklist; ?>
<?php include_once "../footer.php";
What is making my return from my get...()
functions appear above the variable they're concatenated into?