API key exposed in the code #1

@WaveHack

https://github.com/WenNingz/TMDB-API/blob/27b26d702efebabc2e852d88353b3557091f86cd/searchData.php#L3

You might want to invalidate this key and use an environmental variable for a new, regenerated key, since anyone can (ab)use this key at the moment.

Proof it's still active: https://api.themoviedb.org/3/search/movie?api_key=b02cc9599b562a85e12cabc7814de340&language=en-US&query=the+room&page=1

Suggested solution: Use PHP dotenv: https://github.com/vlucas/phpdotenv

Important excerpt:

You should never store sensitive credentials in your code. Storing configuration in the environment is one of the tenets of a twelve-factor app. Anything that is likely to change between deployment environments – such as database credentials or credentials for 3rd party services – should be extracted from the code into environment variables.
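
One way to apply the suggestion above, as an added example that is not part of the original issue or the repository's code: read the key from the environment, fail closed when it is missing or malformed, and keep it out of logs. The variable name `TMDB_API_KEY`, the function names and the 32-hex-character format check (based on the shape of the key in the URL above) are assumptions.

```php
<?php
declare(strict_types=1);

// Added example. TMDB_API_KEY and all function names here are hypothetical.

/** Return the TMDB key from the environment, or throw instead of falling back to a literal. */
function tmdbApiKey(): string
{
    // phpdotenv's Dotenv::createImmutable(...)->load() fills $_ENV and $_SERVER;
    // variables set by the web server or shell are visible through getenv().
    $key = $_ENV['TMDB_API_KEY'] ?? getenv('TMDB_API_KEY');
    if (!is_string($key) || $key === '') {
        throw new RuntimeException('TMDB_API_KEY is not set');
    }
    // Assumption: keys look like the one in the issue URL (32 lowercase hex characters).
    if (preg_match('/^[0-9a-f]{32}$/', $key) !== 1) {
        throw new RuntimeException('TMDB_API_KEY has an unexpected format');
    }
    return $key;
}

/** Build the movie search URL with the key injected at call time, never stored in source. */
function tmdbSearchUrl(string $query, int $page = 1): string
{
    return 'https://api.themoviedb.org/3/search/movie?' . http_build_query([
        'api_key'  => tmdbApiKey(),
        'language' => 'en-US',
        'query'    => $query,
        'page'     => $page,
    ]);
}

/** Mask the key before a URL is written to logs or error messages. */
function redactKey(string $url): string
{
    return (string) preg_replace('/(api_key=)[^&]+/', '$1REDACTED', $url);
}

// Constructed demo value, not a real key; in deployment it comes from the environment or .env.
$_ENV['TMDB_API_KEY'] = str_repeat('0', 32);
echo redactKey(tmdbSearchUrl('the room')), PHP_EOL;
```

The `.env` file that holds the real key belongs in `.gitignore`; the key already committed stays in the repository history, so it still has to be revoked and regenerated.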
