Sunda Cyber Army


* Sunda Cyber Army 2k17 *
Indonesia Defacer ~

© | FaceBook | Youtube | ©
?? | HackersId | DefacerId | ??
?? | Website | ??
?? | Tools | ??

Path : /home/dent/studentexams/guocryst/
File Upload :
Current File : /home/dent/studentexams/guocryst/results.php

<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>Acad276 Practical Exam: Results</title>
    <style>
        .container {
            width:  600px;
            margin: auto;
        }
        h1 {
            margin: auto;
            text-align: center;
            background-color:   #900;
            color:  #FC0;
            height: 60px;
            line-height: 60px;
        }
        .num-results {
            margin: 20px 10px;
        }
        table {
            margin: auto;
            margin-bottom: 20px;
            width:  80%;
            border-collapse: collapse;
        }
        th, td {
            border: 1px solid #900;
            border-collapse: collapse;
            padding:    10px;
            text-align: center;
        }
        img {
            width: 100px;
        }
        .nav-link{
            margin: 10px 0px;
            font-size: 14px;
        }
    </style>
</head>
<body>
<?php
$mysql = new mysqli(
    "webdev.iyaclasses.com",
    "dent_guest",
    "Acad276_Ttrojan_Dev2Ex@m",
    "dent_exam"
);

//error number = errno, error code
if($mysql->connect_errno){
    echo "DATABASE Connection ERROR";
    echo $mysql->connect_error;
    //connect_error is text error
    exit();
//} else {
//    echo "DB connection successful.";
};

//checking for empty requests
if(empty($_REQUEST['device_name'] OR $_REQUEST["manufacturer_id"] OR $_REQUEST["system_id"] OR $_REQUEST["type_id"])) {
    header('Location: search.php');
    exit();
}

//select statement
$sql = "SELECT * 
        FROM devices, manufacturers, systems, types
        WHERE devices.manufacturer_id = manufacturers.manufacturer_id
        AND devices.system_id = systems.system_id
        AND devices.type_id = types.type_id"
;

//finding the stuff
if($_REQUEST["device_name"] !='' ) {
    $sql .= " AND name LIKE '%" . $_REQUEST["device_name"]. "%'";
}
if($_REQUEST['manufacturer_id'] != "all" ) {
    $sql .=	" AND manufacturers.manufacturer_id = " . $_REQUEST["manufacturer_id"];
}
if($_REQUEST['system_id'] != "all" ) {
    $sql .=	" AND systems.system_id = " . $_REQUEST["system_id"];
}
if($_REQUEST['type_id'] != "all" ) {
    $sql .=	" AND types.type_id = " . $_REQUEST["type_id"];
};

$results = $mysql->query($sql);

if(!$results) {
    echo "SQL error: ". $mysql->error;
    exit();
};

?>
<div class="container">
    <h1>Mobile Device Database: Search Results</h1>
    <div class="nav-link">
        <a href="search.php"><< Back to Search Page</a>
    </div>
    <div class="num-results">
        Your search returned
        <strong>
            <?php
            echo $results->num_rows;
            ?>
        </strong>
        results.
    </div>

    <table>
        <tr>
            <th>Name</th>
            <th>Price</th>
            <th>Manufacturer</th>
            <th>System</th>
            <th>Type</th>
        </tr>

        <!--
        ****** SAMPLE OUTPUT ROW ******
        -->
        <?php
        while ($currentrow = $results->fetch_assoc()) {
            echo
            "<tr>
                <td><a href='details.php?id=" . $currentrow["device_id"] . "'>" .
                $currentrow["name"] .
                "</td></td>
                <td>" . $currentrow["price"] . "</td>
                <td>" . $currentrow["manufacturer"] . "</td>
                <td>" . $currentrow["system"] . "</td>
                <td>" . $currentrow["type"] . "</td>
             </tr>   ";
            }

        ?>


    </table>
</div>
</body>
</html>