* Sunda Cyber Army 2k17 *
Indonesia Defacer ~
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title>Acad276 Practical Exam: Results</title>
<style>
.container {
width: 600px;
margin: auto;
}
h1 {
margin: auto;
text-align: center;
background-color: #900;
color: #FC0;
height: 60px;
line-height: 60px;
}
.num-results {
margin: 20px 10px;
}
table {
margin: auto;
margin-bottom: 20px;
width: 80%;
border-collapse: collapse;
}
th, td {
border: 1px solid #900;
border-collapse: collapse;
padding: 10px;
text-align: center;
}
img {
width: 100px;
}
.nav-link {
margin: 10px 0px;
font-size: 14px;
}
</style>
</head>
<body>
<div class="container">
<h1>Mobile Device Database: Search Results</h1>
<div class="navigator-link">
<a href="search.php">; Back to Search Page</a>
</div>
<div class="num-results">
Your search returned <strong><?php echo $results->num_rows; ?></strong> results.
</div>
<table>
<tr>
<th>Name</th>
<th>Price</th>
<th>Manufacturer</th>
<th>System</th>
<th>Type</th>
</tr>
<?php while ($row = $results->fetch_assoc()) { ?>
<tr>
<td><a href="details.php?recordid=<?php echo $row['device_id']; ?>">
<?php echo $row['name']; ?>
</a>
</td>
<td><?php echo $row['price']; ?></td>
<td><?php echo $row['manufacturer']; ?></td>
<td><?php echo $row['system']; ?></td>
<td><?php echo $row['type']; ?></td>
</tr>
<?php } ?>
</table>
</div>
</body>
</html>
<?php
if (empty($_REQUEST['manufacturer_id']) || empty($_REQUEST['system_id']) || empty($_REQUEST['type_id'])) {
echo "Please submit the form from the search page (missing dropdown values).";
exit();
}
$DB_HOST = 'webdev.iyaserver.com';
$DB_USER = 'dent_test';
$DB_PASS = 'Acad276_Ttrojan_Dev2Ex@m';
$DB_NAME = 'dent_exam';
$mysql = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if ($mysql->connect_errno) {
echo "DB connection error: " . $mysql->connect_error;
exit();
}
/
$name = isset($_REQUEST['device_name']) ? $_REQUEST['device_name'] : "";
$man = $_REQUEST['manufacturer_id'];
$sys = $_REQUEST['system_id'];
$type = $_REQUEST['type_id'];
$sql = "SELECT device_id, d.name, d.price, d.img_url,
m.manufacturer, o.system, t.type FROM device, make m, o, devicetype t WHERE manufacturer_id = m.manufacturer_id AND d.system_id = o.system_id AND d.type_id = t.type_id";
if ($name !== "") {
$sql = $sql . " AND d.name LIKE '%" . $name . "%' ";
}
if ($man !== "all") {
$sql = $sql . " AND d.manufacturer_id=" . $man;
}
if ($sys !== "all") {
$sql .= " AND d.system_id=" . $sys;
}
if ($type !== "all") {
$sql .= " AND d.type_id=" . $type;
}
$sql .= " ORDER BY d.name ";
$results = $mysql->query($sql);
if (!$results) {
echo "<hr>Your SQL:<br>" . $sql . "<br><br>";
echo "SQL Error: " . $mysql->error . "<hr>";
exit();
}
?>
