Sunda Cyber Army


* Sunda Cyber Army 2k17 *
Indonesia Defacer ~

� | FaceBook | Youtube | �
?? | HackersId | DefacerId | ??
?? | Website | ??
?? | Tools | ??

Path : /home/dent/public_html/demos2023/
File Upload :
Current File : /home/dent/public_html/demos2023/results_pagination.php

<?php
if(empty($_REQUEST['genre'])) {
    echo "Error. Please use the Search page.";
    exit();
}

$host = "webdev.iyaserver.com";
$userid = "[youruserid]";
$userpw = "[yourpw]";
$db = "[database name]";

include '../pdloginvariables.php';

$mysql = new mysqli(
    $host,
    $userid,
    $userpw,
    $db
);

if($mysql->connect_errno) {
    echo "db connection error : " . $mysql->connect_error;
    exit();
}
?>
<html>
<head>
    <title>Movie search</title>
    <style>
        body {
            background-color: burlywood;
            margin: 0 200px;
            text-align: center;
        }

        #container {
            padding: 30px;
            margin-top: 100px;
            background-color: olive;
            width: 650px;
            text-align: left;
            color:white;
        }

        .label {
            float:left;
            clear:both;
            width: 120px;
        }
        .title {
            width: 500px;
            clear:both;
            float:left;
        }

        .link {
            width: 100px;
            float:left;
            margin-left: 50px;

        }
        .thumb {
            width: 40px; float:left;
        }
    </style>
</head>
<body>
<div id="container">
    <h1> Search results<hr></h1>

    <?php
    $sql = 		"SELECT * FROM movieView2 WHERE title LIKE '%" .
        $_REQUEST['title'] . "%' ";
    if($_REQUEST['rating'] != "ALL") {
        $sql .= " AND rating ='" . $_REQUEST["rating"] . "'";
    }
    if($_REQUEST['genre'] != "ALL") {
        $sql .=		" AND genre = '" . $_REQUEST["genre"] . "'";
    }
    $sql .= " ORDER BY ". $_REQUEST['orderby'];

    $results = $mysql->query($sql);

    if(!$results) {
        echo "Your SQL: " . $sql . "<br><br>";
        echo "SQL Error: " . mysqli_error($conn);
        exit();
    }

    // echo "<em>You searched for Title: " . $_REQUEST['title'] . " and Rating: " . $_REQUEST['rating'] . " and Genre: " . $_REQUEST['genre'] . "</em>";
    // echo "<br><br>";
    // echo "<em>(SQL: " . $sql . "</em>)";
    // echo "<br><br>";
    if(empty($_REQUEST["start"])) {
        $start = 1;
    } else  {
        $start = $_REQUEST["start"];
    }
    $end = ($start + 9);
    if($end > $results->num_rows) {
        $end = $results->num_rows;
    }

    $i = $start;

    $results->data_seek($start-1);

    echo "<em>Your results returned <strong>" .
        $results->num_rows .
        "</strong> results.</em>"  .
        " Displaying records " . $start . " through " . $end . ".";
    echo "<br><br>";

    $searchstring = "&genre=" . $_REQUEST["genre"] .
                    "&title=" . $_REQUEST["title"] .
                    "&rating=" . $_REQUEST["rating"] .
                    "&orderby=" . $_REQUEST["orderby"];

    if($start > 1) {
        echo "<a href='results_pagination.php?start=" . ($start - 10) .
            $searchstring .
            "'>Prev</a>";
    }

    if($end < $results->num_rows) {
        echo "<a href='results_pagination.php?start=" . ($start + 10) .
            $searchstring .
            "'>Next</a>";
    }

    while($currentrow = $results->fetch_assoc()) {
        echo "<div class='title'><strong>" . $i . ") " .
            $currentrow['title'] .
            "</strong>".
            " (<em>Rated " . $currentrow['rating'] . "</em>) </div>" .
            "<br style='clear:both;'>";

        if($i == $end) {
            break;
        }

        $i++;
    }
    ?>


</div>

</body></html>