* Sunda Cyber Army 2k17 *
Indonesia Defacer ~
<?php
if(empty($_REQUEST['device_name']) && empty($_REQUEST['manufacturer']) && empty($_REQUEST['system']) && empty($_REQUEST['type'])) {
echo "Please go through search page. (or redirect)";
// header('Location: search_drilldown.php');
exit();
}
//Connection to server
$host = "webdev.iyaclasses.com";
$user = "dent_guest";
$userpw = "Acad276_Ttrojan_Dev2Ex@m";
$db="dent_exam";
$mysql = new mysqli(
$host,
$user,
$userpw,
$db
);
if($mysql->connect_errno) {
echo "db connection error : " . $mysql->connect_error;
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Acad276 Practical Exam: Results</title>
<style>
.container {
width: 600px;
margin: auto;
}
h1 {
margin: auto;
text-align: center;
background-color: #900;
color: #FC0;
height: 60px;
line-height: 60px;
}
.num-results {
margin: 20px 10px;
}
table {
margin: auto;
margin-bottom: 20px;
width: 80%;
border-collapse: collapse;
}
th, td {
border: 1px solid #900;
border-collapse: collapse;
padding: 10px;
text-align: center;
}
img {
width: 100px;
}
.nav-link{
margin: 10px 0px;
font-size: 14px;
}
</style>
</head>
<body>
<div class="container">
<h1>Mobile Device Database: Search Results</h1>
<?php
//this pulls the info from the search page and places it into
//$sql ="SELECT * FROM devices WHERE 1=1";
$sql ="SELECT * FROM devices WHERE 1=1";
$sql .= " AND name LIKE '%" .
$_REQUEST['device_name'] . "%'";
if($_REQUEST['manufacturer'] != "ALL") {
$sql .= " AND manufacturer_id ='" . $_REQUEST["manufacturer"] . "'";
}
if($_REQUEST['system'] != "ALL") {
$sql .= " AND system_id ='" . $_REQUEST["system"] . "'";
}
if($_REQUEST['type'] != "ALL") {
$sql .= " AND type_id ='" . $_REQUEST["type"] . "'";
}
//Run SQL
echo $sql;
$results = $mysql->query($sql);
//SQL Error Code
if(!$results) {
echo "<hr>Your SQL:<br> " . $sql . "<br><br>";
echo "SQL Error: " . $mysql->error . "<hr>";
exit();
}
?>
<div class="nav-link">
<a href="search.php"><< Back to Search Page</a>
</div>
<div class="num-results">
<?php
echo "<em>Your results returned <strong>" .
$results->num_rows .
"</strong> results.</em>";
?>
</div>
<table>
<tr>
<th>Name</th>
<th>Price</th>
<th>Manufacturer</th>
<th>System</th>
<th>Type</th>
</tr>
<!--
****** SAMPLE OUTPUT ROW ******
<a href='details.php?id=" . . "'></a>"
-->
<?php
$sqltwo ="SELECT * FROM devices WHERE 1=1";
//While loop will output rows these is something wrong but I was not able to find it
while($currentrow = $results->fetch_assoc()) {
echo "<tr><td><a href='details.php?id='" . $currentrow['device_id'] . "'>" .
$currentrow['name'] . "</a></td>" .
"<td>". $currentrow['price'] . "</td>" .
"<td>". $currentrow['manufacturer_id'] . "</td>" .
"<td>". $currentrow['system_id'] . "</td>" .
"<td>". $currentrow['type_id'] . "</td></tr>";
}
$results = $mysql->query($sqltwo);
?>
<tr>
<td><a href="details.php?id=10">Pixel</a></td>
<td>549.00</td>
<td>Google</td>
<td>Android</td>
<td>Smartphone</td>
</tr><!--
<tr>
<td><a href="details.php?id=11">Pixel 2</a></td>
<td>649.00</td>
<td>Google</td>
<td>Android</td>
<td>Smartphone</td>
</tr>
<tr>
<td><a href="details.php?id=12">Pixelbook</a></td>
<td>999.00</td>
<td>Google</td>
<td>Android</td>
<td>Laptop</td>
</tr>
-->
</table>
</div>
</body>
</html>