Sunda Cyber Army


* Sunda Cyber Army 2k17 *
Indonesia Defacer ~

© | FaceBook | Youtube | ©
?? | HackersId | DefacerId | ??
?? | Website | ??
?? | Tools | ??

Path : /home/dent/public_html/exams/david/
File Upload :
Current File : /home/dent/public_html/exams/david/results.php

<?php
$DB_HOST = "webdev.iyaserver.com";
$DB_USER = "dent_test";
$DB_PASS = "Acad276_Ttrojan_Dev2Ex@m";
$DB_NAME = "dent_exam";

$conn = mysqli_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if (!$conn) { die("DB connection error: " . mysqli_connect_error()); }

if (!isset($_GET['manufacturer_id']) || !isset($_GET['system_id']) || !isset($_GET['type_id'])) {
    die('<div>Missing form values. <a href="search.php">Go back to Search</a></div>');
}

$device_name = isset($_GET['device_name']) ? trim($_GET['device_name']) : "";
$manufacturer_id = $_GET['manufacturer_id'];
$system_id = $_GET['system_id'];
$type_id = $_GET['type_id'];

$sql = "SELECT d.device_id, d.name, d.price, m.manufacturer, o.system, t.type
        FROM device d
        JOIN make m ON d.manufacturer_id = m.manufacturer_id
        JOIN os o ON d.system_id = o.system_id
        JOIN devicetype t ON d.type_id = t.type_id
        WHERE 0=0";

if ($device_name !== "") {

    $safe = mysqli_real_escape_string($conn, $device_name);
    $sql .= " AND d.name LIKE '%$safe%'";
}

if ($manufacturer_id !== "all") { $sql .= " AND d.manufacturer_id = " . (int)$manufacturer_id; }
if ($system_id !== "all") { $sql .= " AND d.system_id = " . (int)$system_id; }
if ($type_id !== "all") { $sql .= " AND d.type_id = " . (int)$type_id; }

$sql .= " ORDER BY d.name";

$rs = mysqli_query($conn, $sql);
if (!$rs) { die("SQL error (results): " . mysqli_error($conn)); }
$num = mysqli_num_rows($rs);
?>
<!DOCTYPE html>

<html>

<head lang="en">

    <meta charset="UTF-8">

    <title>Acad276 Practical Exam: Results</title>

    <style>

        .container {

            width:  600px;

            margin: auto;

        }

        h1 {

            margin: auto;

            text-align: center;

            background-color:   #900;

            color:  #FC0;

            height: 60px;

            line-height: 60px;

        }

        .num-results {

            margin: 20px 10px;

        }

        table {

            margin: auto;

            margin-bottom: 20px;

            width:  80%;

            border-collapse: collapse;

        }

        th, td {

            border: 1px solid #900;

            border-collapse: collapse;

            padding:    10px;

            text-align: center;

        }

        img {

            width: 100px;

        }

        .nav-link{

            margin: 10px 0px;

            font-size: 14px;

        }

    </style>

</head>

<body>

<div class="container">

    <h1>Mobile Device Database: Search Results</h1>

    <div class="nav-link">

        <a href="search.php">&lt;&lt; Back to Search Page</a>

    </div>

    <div class="num-results">

        Your search returned

        <strong><?php echo $num; ?></strong>

        results.

    </div>



    <table>

        <tr>

            <th>Name</th>

            <th>Price</th>

            <th>Manufacturer</th>

            <th>System</th>

            <th>Type</th>

        </tr>

        <?php if ($num > 0) { while($row = mysqli_fetch_assoc($rs)) { ?>

            <tr>

                <td><a href="details.php?id=<?php echo (int)$row['device_id']; ?>"><?php echo htmlspecialchars($row['name']); ?></a></td>

                <td><?php echo htmlspecialchars($row['price']); ?></td>

                <td><?php echo htmlspecialchars($row['manufacturer']); ?></td>

                <td><?php echo htmlspecialchars($row['system']); ?></td>

                <td><?php echo htmlspecialchars($row['type']); ?></td>

            </tr>

        <?php } } ?>

    </table>

</div>

</body>

</html>
<?php
mysqli_free_result($rs);
mysqli_close($conn);
?>