How to make HTML dropdown list with values from database

Question

I have MySQL database table like this:

Id   Value
1    Etc1
2    Etc2
3    Etc3
4    Etc4

I need to achieve HTML list like this dynamically populating data from table above:

<select>
   <option value="1">Etc1</option>
   <option value="2">Etc2</option>
   <option value="3">Etc3</option>
   <option value="4">Etc4</option>
</select>

Using PHP I could do something like:

$sql = "SELECT Id, Value FROM Tbl";
$result = mysql_query($sql);

echo "<select>";
while ($row = mysql_fetch_array($result)) {
    echo "<option value='" . $row['Id'] ."'>" . $row['Value'] ."</option>";
}
echo "</select>";

But in this case I can't use HTML extension, what means that my website address will be like:

www.mysite.com/something/index.php

instead of:

www.mysite.com/something/

Maybe It sounds silly, but It is good practice to let user access PHP files? I thought that better way is when user is redirecting to HTML files. (I don't know If there is any real disadvantage of redirecting to PHP files, but It looks better when redirecting to HTML file like .../something/ instead of .../something/index.php)

Or should I write HTML dropdown lists manually without accessing database?

Provide me correct way, please.

Answer 1

From a security perspective, it is not bad practice to let users access PHP files.

It might be prettier to remove the extension, but it is not relevant to security. Even if you rewrite the urls via .htaccess or if you fetch the values via Ajax, as both have been suggested, you still access PHP files.
The only difference is appereance - if that is important to you, hide the extension, but you'll still be accessing PHP files - if you want to fetch the option values via PHP (there's nothing bad about that), there's no way around it.