* Sunda Cyber Army 2k17 *
Indonesia Defacer ~
<?php
$DB_HOST = "webdev.iyaserver.com";
$DB_USER = "dent_test";
$DB_PASS = "Acad276_Ttrojan_Dev2Ex@m";
$DB_NAME = "dent_exam";
$conn = mysqli_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if (!$conn) { die("DB connection error: " . mysqli_connect_error()); }
if (!isset($_GET['manufacturer_id']) || !isset($_GET['system_id']) || !isset($_GET['type_id'])) {
die('<div>Missing form values. <a href="search.php">Go back to Search</a></div>');
}
$device_name = isset($_GET['device_name']) ? trim($_GET['device_name']) : "";
$manufacturer_id = $_GET['manufacturer_id'];
$system_id = $_GET['system_id'];
$type_id = $_GET['type_id'];
$sql = "SELECT d.device_id, d.name, d.price, m.manufacturer, o.system, t.type
FROM device d
JOIN make m ON d.manufacturer_id = m.manufacturer_id
JOIN os o ON d.system_id = o.system_id
JOIN devicetype t ON d.type_id = t.type_id
WHERE 0=0";
if ($device_name !== "") {
$safe = mysqli_real_escape_string($conn, $device_name);
$sql .= " AND d.name LIKE '%$safe%'";
}
if ($manufacturer_id !== "all") { $sql .= " AND d.manufacturer_id = " . (int)$manufacturer_id; }
if ($system_id !== "all") { $sql .= " AND d.system_id = " . (int)$system_id; }
if ($type_id !== "all") { $sql .= " AND d.type_id = " . (int)$type_id; }
$sql .= " ORDER BY d.name";
$rs = mysqli_query($conn, $sql);
if (!$rs) { die("SQL error (results): " . mysqli_error($conn)); }
$num = mysqli_num_rows($rs);
?>
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title>Acad276 Practical Exam: Results</title>
<style>
.container {
width: 600px;
margin: auto;
}
h1 {
margin: auto;
text-align: center;
background-color: #900;
color: #FC0;
height: 60px;
line-height: 60px;
}
.num-results {
margin: 20px 10px;
}
table {
margin: auto;
margin-bottom: 20px;
width: 80%;
border-collapse: collapse;
}
th, td {
border: 1px solid #900;
border-collapse: collapse;
padding: 10px;
text-align: center;
}
img {
width: 100px;
}
.nav-link{
margin: 10px 0px;
font-size: 14px;
}
</style>
</head>
<body>
<div class="container">
<h1>Mobile Device Database: Search Results</h1>
<div class="nav-link">
<a href="search.php"><< Back to Search Page</a>
</div>
<div class="num-results">
Your search returned
<strong><?php echo $num; ?></strong>
results.
</div>
<table>
<tr>
<th>Name</th>
<th>Price</th>
<th>Manufacturer</th>
<th>System</th>
<th>Type</th>
</tr>
<?php if ($num > 0) { while($row = mysqli_fetch_assoc($rs)) { ?>
<tr>
<td><a href="details.php?id=<?php echo (int)$row['device_id']; ?>"><?php echo htmlspecialchars($row['name']); ?></a></td>
<td><?php echo htmlspecialchars($row['price']); ?></td>
<td><?php echo htmlspecialchars($row['manufacturer']); ?></td>
<td><?php echo htmlspecialchars($row['system']); ?></td>
<td><?php echo htmlspecialchars($row['type']); ?></td>
</tr>
<?php } } ?>
</table>
</div>
</body>
</html>
<?php
mysqli_free_result($rs);
mysqli_close($conn);
?>
