<?php

    session_name('chat_hw10');
    session_start();
    if (empty($_SESSION['username']))
    {
        header("Location: login.php");
        exit;
    }

    // These headers ALLOW cross-site requests from qxlp.net to occur.
    header("Access-Control-Allow-Origin: http://qxlp.net");
    header("Access-Control-Allow-Credentials: true");

    include("connect.php");

    $get_messages_query = $db->prepare("
        SELECT * FROM `messages`
        WHERE `messageid` > :messageid
        ORDER BY `messageid` ASC
    ");

    $get_messages_query->execute(array(
        ':messageid' => $_GET['messageid']
    ));

    echo json_encode($get_messages_query->fetchAll());

?>