
Fix SQL injection in table.php

Cast $drg to int before interpolating into queries. The variable comes
from $_GET['drg'] in the parent file and was previously unsanitised.
The ?? 0 fallback handles the include-file case where $drg may not yet
be set in the calling scope.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Benjamin Harris 2 weeks ago
Parent
Current commit
282004ba92
1 file changed, 2 insertions and 1 deletion

+ 2 - 1
table.php

@@ -1,8 +1,9 @@
 <?php
 require_once 'connection.php';
 
+$drg = (int)($drg ?? 0);
 
-$result = mysqli_query($con, " SELECT * FROM `details` WHERE  drg = $drg ORDER BY drg ASC ");
+$result = mysqli_query($con, " SELECT * FROM `details` WHERE drg = $drg ORDER BY drg ASC ");
 
 
 if (!$result) {
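Review bot: the (int) cast does close the injection for this integer comparison, but the "?? 0" fallback in "+$drg = (int)($drg ?? 0);" silently maps a missing, empty or non-numeric drg to 0 (and (int)"12abc" evaluates to 12 in PHP), so malformed input is coerced into a valid query for drg = 0 instead of being rejected. Consider validating in the parent file with filter_var($_GET['drg'], FILTER_VALIDATE_INT) and failing the request when it returns false, and binding the value through a prepared statement (mysqli_prepare with bind_param('i', $drg)) so the query no longer depends on string interpolation at all. A one-line comment stating that $drg is expected to be set by the including file would also help, since nothing in table.php itself shows where the variable comes from.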