Sunda Cyber Army


* Sunda Cyber Army 2k17 *
Indonesia Defacer ~

© | FaceBook | Youtube | ©
?? | HackersId | DefacerId | ??
?? | Website | ??
?? | Tools | ??

Path : /home/dent/public_html/exams/dylan/
File Upload :
Current File : /home/dent/public_html/exams/dylan/results.php

<?php

if (empty($_REQUEST['manufacturer_id'])) {
    echo "Please start at the <a href='search.php'>search</a> page.";
    exit();
}

$host="webdev.iyaserver.com";
$userid="dent_test";
$userpw="Acad276_Ttrojan_Dev2Ex@m";
$db="dent_exam";

$mysql = new mysqli(
    $host,
    $userid,
    $userpw,
    $db
);

if($mysql->connect_errno) {
    echo "db connection error : " . $mysql->connect_error;
    exit();
}
?>

<!DOCTYPE html>

<html>

<head lang="en">

    <meta charset="UTF-8">

    <title>Acad276 Practical Exam: Results</title>

    <style>

        .container {

            width:  600px;

            margin: auto;

        }

        h1 {

            margin: auto;

            text-align: center;

            background-color:   #900;

            color:  #FC0;

            height: 60px;

            line-height: 60px;

        }

        .num-results {

            margin: 20px 10px;

        }

        table {

            margin: auto;

            margin-bottom: 20px;

            width:  80%;

            border-collapse: collapse;

        }

        th, td {

            border: 1px solid #900;

            border-collapse: collapse;

            padding:    10px;

            text-align: center;

        }

        img {

            width: 100px;

        }

        .nav-link{

            margin: 10px 0px;

            font-size: 14px;

        }

    </style>

</head>

<body>

<div class="container">

    <h1>Mobile Device Database: Search Results</h1>

    <div class="nav-link">

        <a href="search.php"><< Back to Search Page</a>

    </div>

<?php
$sql  = "SELECT
            d.device_id,
            d.name,
            d.price,
            m.manufacturer,
            o.system,
            t.type
        FROM device AS d
        JOIN make AS m ON d.manufacturer_id = m.manufacturer_id
        JOIN os AS o ON d.system_id = o.system_id
        JOIN devicetype AS t ON d.type_id = t.type_id
        WHERE 1=1
        AND d.name LIKE '%" . $_REQUEST['device_name'] . "%'";

    if($_REQUEST['manufacturer_id'] != "all") {
        $sql .= " AND d.manufacturer_id = " . (int)$_REQUEST['manufacturer_id'];
    }
    if($_REQUEST['system_id'] != "all") {
        $sql .= " AND d.system_id = " . (int)$_REQUEST['system_id'];
    }
    if($_REQUEST['type_id'] != "all") {
        $sql .= " AND d.type_id = " . (int)$_REQUEST['type_id'];
    }

    $results = $mysql->query($sql);

    if(!$results) {
        echo "<hr>Your SQL:<br> " . $sql . "<br><br>";
        echo "SQL Error: " . $mysql->error . "<hr>";
        exit();
    }

    echo "<div class='num-results'>Returned <strong>" .
        $results->num_rows .
        "</strong> results" . ".</div>";
?>

    <table>
        <tr>
            <th>Name</th>
            <th>Price</th>
            <th>Manufacturer</th>
            <th>System</th>
            <th>Type</th>
        </tr>

        <?php
            while($currentrow = $results->fetch_assoc()) {
                echo "<tr>";
                echo "<td><a href='details.php?recordid=" . $currentrow['device_id'] . "'>" . $currentrow['name'] . "</a></td>";
                echo "<td>" . ($currentrow['price']) . "</td>";
                echo "<td>" . $currentrow['manufacturer'] . "</td>";
                echo "<td>" . $currentrow['system'] . "</td>";
                echo "<td>" . $currentrow['type'] . "</td>";
                echo "</tr>";
        }
        ?>
    </table>

</div>

</body>

</html>