* Sunda Cyber Army 2k17 *
Indonesia Defacer ~

© | FaceBook | Youtube | ©
?? | HackersId | DefacerId | ??
?? | Website | ??
?? | Tools | ??

Path : /home/dent/public_html/dvdimages/

File Upload :

Current File : /home/dent/public_html/dvdimages/results_files.php

<?php
if(empty($_REQUEST['genre'])) {
    header('Location: search.php');
}

$host = "webdev.iyaclasses.com";
$user = "dent";
$userpw = "";
$db="dent_dvdimages";

include "../pdloginvariables.php";

$db="dent_dvdimages";

$mysql = new mysqli(
    $host,
    $userid,
    $userpw,
    $db
);

if($mysql->connect_errno) {
    echo "db connection error : " . $mysql->connect_error;
    exit();
}
?>
<html>
<head>
    <title>Movie search</title>
<style>
    body {
        background-color: burlywood;
        margin: 0 200px;
        text-align: center;
    }

    #container {
        padding: 30px;
        margin-top: 100px;
        background-color: olive;
        width: 650px;
        text-align: left;
        color:white;
    }

    .label {
        float:left;
        clear:both;
        width: 120px;
    }
    .title {
        width: 500px;
        clear:both;
        float:left;
    }

    .link {
        width: 100px;
        float:left;
        margin-left: 50px;

    }
    .thumb {
        width: 40px; float:left;
    }
</style>
</head>
<body>
<div id="container">
    <h1> Search results<hr></h1>

<?php
$sql = 		"SELECT * FROM movieView2 WHERE title LIKE '%" .
            $_REQUEST['title'] . "%'";
if($_REQUEST['rating'] != "ALL") {
    $sql .= " AND rating ='" . $_REQUEST["rating"] . "'";
}
if($_REQUEST['genre'] != "ALL") {
    $sql .=		" AND genre = '" . $_REQUEST["genre"] . "'";
}
$sql .= " ORDER BY ". $_REQUEST['orderby'];

$results = $mysql->query($sql);

if(!$results) {
 	echo "Your SQL: " . $sql . "<br><br>";
    echo "SQL Error: " . mysqli_error($conn);
    exit();
}

// echo "<em>You searched for Title: " . $_REQUEST['title'] . " and Rating: " . $_REQUEST['rating'] . " and Genre: " . $_REQUEST['genre'] . "</em>";
// echo "<br><br>";
// echo "<em>(SQL: " . $sql . "</em>)";
// echo "<br><br>";
echo "<em>Your results returned <strong>" .
    $results->num_rows .
    "</strong> results.</em>";
echo "<br><br>";

while($currentrow = $results->fetch_assoc()) {
    echo "<div class='title'><strong>" .
        "<img src='" . $currentrow['imageurl'] . "' class='thumb'>" .
        "<a href='details_files.php?recordid=" .
        $currentrow['dvd_title_id'] . "'>" .
        $currentrow['title'] .
        "</a></strong>".
        " (<em>Rated " . $currentrow['rating'] . "</em>) </div>" .
        "<div class='link'>" . "[<a href='edit_files.php?id=" . $currentrow['dvd_title_id'] . "'>Edit</a>]  " . "</div>"  .
        "<br style='clear:both;'>";

}
?>


</div>

</body></html>