* Sunda Cyber Army 2k17 *
Indonesia Defacer ~
<?php
// disclosure: LLMs used to debug & clean up certain code snippets
$host = "webdev.iyaserver.com";
$userid = "dent_test";
$password = "Acad276_Ttrojan_Dev2Ex@m";
$db = "dent_exam";
$mysql = new mysqli($host, $userid, $password, $db);
if ($mysql->connect_errno) {
echo "Connection failed: " . $mysql->connect_error;
exit();
}
$device_name = trim($_GET['device_name'] ?? '');
$manufacturer_id = $_GET['manufacturer_id'] ?? '';
$system_id = $_GET['system_id'] ?? '';
$type_id = $_GET['type_id'] ?? '';
if (empty($manufacturer_id) || empty($system_id) || empty($type_id)) {
echo "Error: Missing required dropdown values. Please go back and select all options.";
exit();
}
$sql = "SELECT d.device_id, d.name, d.price, m.manufacturer, o.system, dt.type
FROM `device` d
JOIN `make` m ON d.manufacturer_id = m.manufacturer_id
JOIN `os` o ON d.system_id = o.system_id
JOIN `devicetype` dt ON d.type_id = dt.type_id
WHERE 1=1";
if (!empty($device_name)) {
$device_name_escaped = $mysql->real_escape_string($device_name);
$sql .= " AND d.name LIKE '%$device_name_escaped%'";
}
if ($manufacturer_id !== 'all') {
$manufacturer_id = (int)$manufacturer_id;
$sql .= " AND d.manufacturer_id = $manufacturer_id";
}
if ($system_id !== 'all') {
$system_id = (int)$system_id;
$sql .= " AND d.system_id = $system_id";
}
// Add type filter if not 'all'
if ($type_id !== 'all') {
$type_id = (int)$type_id;
$sql .= " AND d.type_id = $type_id";
}
$sql .= " ORDER BY d.name";
// Execute query
$results = $mysql->query($sql);
if (!$results) {
echo "SQL error: " . $mysql->error;
exit();
}
$result_count = $results->num_rows;
?>
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title>Acad276 Practical Exam: Results</title>
<style>
.container {
width: 600px;
margin: auto;
}
h1 {
margin: auto;
text-align: center;
background-color: #900;
color: #FC0;
height: 60px;
line-height: 60px;
}
.num-results {
margin: 20px 10px;
}
table {
margin: auto;
margin-bottom: 20px;
width: 80%;
border-collapse: collapse;
}
th, td {
border: 1px solid #900;
border-collapse: collapse;
padding: 10px;
text-align: center;
}
img {
width: 100px;
}
.nav-link{
margin: 10px 0px;
font-size: 14px;
}
</style>
</head>
<body>
<div class="container">
<h1>Mobile Device Database: Search Results</h1>
<div class="nav-link">
<a href="search.php"><< Back to Search Page</a>
</div>
<div class="num-results">
Your search returned
<strong><?php echo $result_count; ?></strong>
result<?php echo $result_count == 1 ? '' : 's'; ?>.
</div>
<table>
<tr>
<th>Name</th>
<th>Price</th>
<th>Manufacturer</th>
<th>System</th>
<th>Type</th>
</tr>
<?php if ($result_count == 0): ?>
<tr>
<td colspan="5">No results found.</td>
</tr>
<?php else: ?>
<?php while($result = $results->fetch_assoc()): ?>
<tr>
<td><a href="details.php?id=<?php echo $result['device_id']; ?>"><?php echo htmlspecialchars($result['name']); ?></a></td>
<td><?php echo number_format($result['price'], 2); ?></td>
<td><?php echo htmlspecialchars($result['manufacturer']); ?></td>
<td><?php echo htmlspecialchars($result['system']); ?></td>
<td><?php echo htmlspecialchars($result['type']); ?></td>
</tr>
<?php endwhile; ?>
<?php endif; ?>
</table>
</div>
</body>
</html>