* Sunda Cyber Army 2k17 *
Indonesia Defacer ~
<!--PHP-->
<?php
//missing value check so people cant just open and skip to this page
if(!$_REQUEST['manufacturer_id'] || !$_REQUEST['system_id'] || !$_REQUEST['type_id']){
echo("Error: missing values");
exit();
};
//connect to database again
$mysql = new mysqli(
"webdev.iyaclasses.com",
"dent_guest",
"Acad276_Ttrojan_Dev2Ex@m",
"dent_exam"
);
//checks for connection error using errno and then displays what the actual error is with error
if($mysql->connect_errno) {
echo "Connection error with database: " . $mysql->connect_error;
exit();
};
$sql = "SELECT device_id, manufacturer, price, name, system, type FROM manufacturers, devices, systems, types WHERE devices.system_id = systems.system_id AND devices.manufacturer_id = manufacturers.manufacturer_id AND devices.type_id = types.type_id";
//if manufacturer_id is not equal to all, get the id from the form the person filled out on the previous page, else leave it blank so it displays any/all of them
if($_REQUEST['manufacturer_id'] != "all"){
$manufacturer = " AND manufacturer='" . $_REQUEST['manufacturer_id'] . "'";
} else{
$manufacturer = "";
}
//if system_id is not equal to all, get the id from the form the person filled out on the previous page, else leave it blank so it displays any/all of them
if($_REQUEST['system_id'] != "all"){
$system = " AND system='" . $_REQUEST['system_id'] ."'";
} else{
$system = "";
}
//if type is not equal to all, get the id from the form the person filled out on the previous page, else leave it blank so it displays any/all of them
if($_REQUEST['type_id'] != "all"){
$type = " AND type='" . $_REQUEST['type_id'] . "'";
} else{
$type = "";
}
//if device_name is put in look for things in table like device_name to output
if($_REQUEST['device_name']){
$name = " AND name LIKE '%" . $_REQUEST['device_name'] . "%'";
}
//adds to the sql variable to contain all of the chosen results and query it from the database so we have actual info
$sql .= $manufacturer . $type . $system . $name;
$results = $mysql->query($sql);
//if when you try to get the results and theres nothing in it echo the error and then exit
if(!$results) {
echo "There is an SQL Error: " . $mysql->error;
exit();
};
?>
<!--PHP CLOSE-->
<!--HTML OPEN-->
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Acad276 Practical Exam: Results</title>
<style>
.container {
width: 600px;
margin: auto;
}
h1 {
margin: auto;
text-align: center;
background-color: #900;
color: #FC0;
height: 60px;
line-height: 60px;
}
.num-results {
margin: 20px 10px;
}
table {
margin: auto;
margin-bottom: 20px;
width: 80%;
border-collapse: collapse;
}
th, td {
border: 1px solid #900;
border-collapse: collapse;
padding: 10px;
text-align: center;
}
img {
width: 100px;
}
.nav-link{
margin: 10px 0px;
font-size: 14px;
}
</style>
</head>
<body>
<div class="container">
<h1>Mobile Device Database: Search Results</h1>
<div class="nav-link">
<a href="search.php"><< Back to Search Page</a>
</div>
<div class="num-results">
<!-- displays the number of rows found containing chosen data and echos it out-->
<?php echo "Your search found " . $results->num_rows . " records"; ?>
</div>
<!-- make a table with the column names on it to fill in-->
<table>
<tr>
<th>Name</th>
<th>Price</th>
<th>Manufacturer</th>
<th>System</th>
<th>Type</th>
</tr>
<?php
while($currentrow = $results->fetch_assoc()){
echo "<tr>";
echo "<td><a href='details.php?id=" . $currentrow['device_id'] . "'>". $currentrow['name'] ."</a></td>";
echo "<td>". $currentrow['price'] . "</td>";
echo "<td>". $currentrow['manufacturer'] . "</td>";
echo "<td>". $currentrow['system'] . "</td>";
echo "<td>". $currentrow['type'] . "</td>";
echo "</tr>";
}
?>
</table>
</div>
</body>
</html>
