* Sunda Cyber Army 2k17 *
Indonesia Defacer ~
<?php
//var_dump($_REQUEST);
if(empty($_REQUEST['manufacturer'])) {
echo 'Please go through search page first. <a href="search.php">Search Page</a>';
exit();
}
//echo "You asked for the Device Name '<strong>" . $_REQUEST['device_name'] . "</strong>' Manufacturer '<strong>" . $_REQUEST['manufacturer'] . "</strong>' System '<strong>" . $_REQUEST['system'] . "</strong>' and Type '<strong>" . $_REQUEST['type'] . "</strong>'";
$host = "webdev.iyaserver.com";
$userid = "dent_test";
$userpw = "Acad276_Ttrojan_Dev2Ex@m";
$db = "dent_exam";
$mysql = new mysqli(
$host,
$userid,
$userpw,
$db
);
if($mysql->connect_errno) {
echo "db connection error : " . $mysql->connect_error;
exit();
}
$name = $_REQUEST['device_name'];
$manufacturer = $_REQUEST['manufacturer'];
$system = $_REQUEST['system'];
$type = $_REQUEST['type'];
$sql = "SELECT *
FROM device, os, make, devicetype
WHERE device.manufacturer_id = make.manufacturer_id
AND device.system_id = os.system_id
AND device.type_id = devicetype.type_id
";
if($name != "") {
$sql .= " AND name LIKE '%" . $name . "%'";
}
if($manufacturer != "all") {
$sql .= " AND make.manufacturer = '" . $manufacturer . "'";
}
if($system != "all") {
$sql .= " AND os.system = '" . $system . "'";
}
if($type != "all") {
$sql .= " AND devicetype.type = '" . $type . "'";
}
$results = $mysql->query($sql);
if(!$results) {
echo "<hr>Your SQL:<br> " . $sql . "<br><br>";
echo "SQL Error: " . $mysql->error . "<hr>";
exit();
}
?>
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title>Acad276 Practical Exam: Results</title>
<style>
.container {
width: 600px;
margin: auto;
}
h1 {
margin: auto;
text-align: center;
background-color: #900;
color: #FC0;
height: 60px;
line-height: 60px;
}
.num-results {
margin: 20px 10px;
}
table {
margin: auto;
margin-bottom: 20px;
width: 80%;
border-collapse: collapse;
}
th, td {
border: 1px solid #900;
border-collapse: collapse;
padding: 10px;
text-align: center;
}
img {
width: 100px;
}
.nav-link{
margin: 10px 0px;
font-size: 14px;
}
</style>
</head>
<body>
<div class="container">
<h1>Mobile Device Database: Search Results</h1>
<div class="nav-link">
<a href="search.php"><< Back to Search Page</a>
</div>
<div class="num-results">
Your search returned
<strong><?php echo $results->num_rows ;?></strong>
results.
</div>
<table>
<tr>
<th>Name</th>
<th>Price</th>
<th>Manufacturer</th>
<th>System</th>
<th>Type</th>
</tr>
<!--
****** SAMPLE OUTPUT ROW ******
-->
<?php
while($currentrow = $results->fetch_assoc()) {
echo "<tr>";
echo "<td><a href='details.php?device_id=" . $currentrow['device_id'] . "'>";
echo $currentrow['name'];
echo "</a></td><td>";
echo $currentrow['price'];
echo "</td><td>";
echo $currentrow['manufacturer'];
echo "</td><td>";
echo $currentrow['system'];
echo "</td><td>";
echo $currentrow['type'];
echo "</td></tr>";
}
?>
</table>
</div>
</body>
</html>