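<?php
// Access gate: the request must carry a logged-in session with an active
// status before any query is built or any output is produced.
session_start();

// A missing or blank user id means the visitor has not authenticated.
if (!isset($_SESSION['sess_user_id']) || (trim($_SESSION['sess_user_id']) == '')) {
    header("location: login.php");
    exit();
}

// Accounts whose status is not greater than zero are sent to sorry.php.
if (!isset($_SESSION['sess_status']) || !($_SESSION['sess_status'] > 0)) {
    header("location: sorry.php");
    // header() only sets the redirect; without exit() the script keeps running,
    // so the search below would still execute and its results would still be
    // written into the response body for a caller that ignores the redirect.
    exit();
}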
// Accumulators for the search query.
$whereClause = [];   // SQL conditions of the form `column` = :placeholder
$countyList  = [];   // placeholders that go into the `county` IN(...) list
$bindArray   = [];   // placeholder => value map passed to PDOStatement::execute()

// POST field names that may be used as filters. In the default case below the
// same name is interpolated into the SQL text as a column name, so this list
// acts as the allow-list of columns: it must stay a fixed literal and must
// never be built from request data.
$fields = [
    'bhv', 'mrc', 'general', 'evv', 'allCounties',
    'fillmore', 'johnson', 'richardson', 'otoe', 'seward', 'butler', 'gage',
    'lancaster', 'pawnee', 'saline', 'thayer', 'cass', 'jefferson', 'nemaha',
    'polk', 'saunders', 'york',
    'aro', 'clergy', 'intskills', 'bus', 'child', 'law', 'cpr', 'data',
    'security', 'emergency', 'computer', 'mechanical', 'administration',
    'firstaid', 'translation', 'construction', 'basicclean', 'foodprep',
    'animalcare', 'heavy',
    'license1', 'license2', 'license3', 'license4', 'license5',
    'dist1', 'dist2', 'dist3', 'dist4', 'dist5',
];

// POST field names carrying the selected counties.
// NOTE(review): 'countr5' looks like a typo for 'county5'; left as-is because
// the search form's field name is not visible here - confirm against the form.
$counties = [
    'county1',
    'county2',
    'county3',
    'county4',
    'countr5',
    'county6',
];
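// Turn each submitted filter into bound equality conditions.
//
// Column names come only from the fixed $fields list; request values reach the
// query exclusively as bound parameters, which is what keeps them out of the
// SQL text. FILTER_SANITIZE_STRING is not the injection defence here: it only
// strips tags and encodes quotes, and it is deprecated as of PHP 8.1.
// NOTE(review): the filter is kept so matching against stored values behaves
// as before; confirm how values are stored before replacing it.
$licenseColumns = array('license1', 'license2', 'license3', 'license4', 'license5');

foreach ($fields as $field) {
    $san = filter_input(INPUT_POST, $field, FILTER_SANITIZE_STRING);
    if (!$san) {
        // Field not submitted, failed the filter, or empty/"0": no condition.
        continue;
    }

    if (in_array($field, $licenseColumns, true)) {
        // A license search value is compared against all five license columns.
        // Every condition gets its own placeholder name: the connection turns
        // emulated prepares off, and with native prepares a named placeholder
        // cannot be used more than once in a statement. The earlier code
        // reused one name five times for license1/3/4/5 while binding it once.
        //
        // NOTE(review): these conditions are later joined with AND, so a row
        // matches only if all five license columns equal the value. An
        // OR group ("any license slot") is probably what was intended -
        // confirm with the form's owner before changing the semantics.
        foreach ($licenseColumns as $column) {
            $placeholder = ":{$field}_{$column}";
            $whereClause[] = "`$column` = $placeholder";
            $bindArray[$placeholder] = $san;
        }
        continue;
    }

    // Ordinary field: the field name doubles as column and placeholder name.
    $whereClause[] = "`$field` = :$field";
    $bindArray[":$field"] = $san;
}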
// Collect each submitted county as a bound placeholder for the IN(...) list.
foreach ($counties as $county) {
    $san = filter_input(INPUT_POST, $county, FILTER_SANITIZE_STRING);
    if (!$san) {
        // Nothing usable was posted for this county slot.
        continue;
    }

    $marker = ":$county";
    $countyList[] = $marker;
    $bindArray[$marker] = $san;
}
// Assemble the statement text: the county IN(...) group comes first, followed
// by the AND-joined field conditions. With no filters the bare SELECT is used.
// Only placeholders and allow-listed column names are concatenated here.
$sql = "SELECT * FROM VolunDB";

$conditions = [];
if (!empty($countyList)) {
    $conditions[] = '`county` IN(' . implode(',', $countyList) . ')';
}
if (!empty($whereClause)) {
    $conditions[] = implode(' AND ', $whereClause);
}

$stmtString = $sql;
if (!empty($conditions)) {
    $stmtString .= ' WHERE ' . implode(' AND ', $conditions);
}
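// The assembled SQL is no longer echoed: it was debug output that exposed the
// table and column names to every visitor and was written before the DOCTYPE.
try {
    // NOTE(review): the connection credentials are hard-coded in a web-served
    // file and the account name suggests an administrative role. Load them
    // from configuration kept outside the document root and use an account
    // limited to the access this page needs (it only runs a SELECT).
    $dbh = new PDO('mysql:host=localhost;dbname=petrzilk_test;charset=utf8', 'petrzilk_dbAdmin', '######');
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Native (non-emulated) prepares: values are sent separately from the SQL
    // text. In this mode a named placeholder may appear only once per statement.
    $dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    $stmt = $dbh->prepare($stmtString);
    $stmt->execute($bindArray);
    $data = $stmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    // Keep driver details (and any stack trace holding the constructor
    // arguments) out of the response; record them server-side instead.
    error_log('Volunteer search failed: ' . $e->getMessage());
    http_response_code(500);
    exit('The search could not be completed.');
}
?>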
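<!DOCTYPE HTML>
<html>
<head>
    <title>Search Results</title>
    <script type="text/javascript" src="js/functions.js"> </script>
    <link rel="stylesheet" href="css/bootstrap-theme.css" type="text/css" />
    <link rel="stylesheet" href="css/bootstrap.css" type="text/css" />
    <link rel="stylesheet" href="css/styles.css" type="text/css">
    <!-- Fetched over HTTPS so the script cannot be altered in transit on a
         page that shows volunteer records to logged-in users.
         NOTE(review): "jquery-latest" is an unpinned third-party file; pin an
         exact version and add an integrity (SRI) attribute, or self-host it. -->
    <script src="https://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
</head>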
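<body>
<div class="sidebar">
    <ul class="nav nav-pills nav-stacked">
        <li><br/></li>
        <li><img class='logo' src='images/Large RVS.png' alt='Broken' style='width:230px; padding-left: 5%;'/></li>
        <li><br/></li>
        <?php
        // The display name is account data, so it is HTML-encoded before being
        // written into the page; otherwise markup stored in a name would run
        // in the browser of whoever views it.
        $welcomeName = isset($_SESSION['sess_name']) ? (string) $_SESSION['sess_name'] : '';
        ?>
        <li><span class="welcome" style="color:white;font-weight:Bold;font-size:20px;margin-left:5px;padding-left:5px;"> Welcome <?php echo htmlspecialchars($welcomeName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></span></li>
        <li><a href="login.php">Log out</a></li>
        <li><a href="index.php">Home</a></li>
        <li><a href="volunForm.php">Add Volunteer</a></li>
        <li><a href="search.php">Search/Report</a></li>
        <li class="active"><a href="allVolun.php">View Volunteers</a></li>
        <li><a href="updateVolunteer.php">Update Volunteer</a></li>
        <?php
        // Showing the link only to status 2 is a convenience, not access
        // control. NOTE(review): admin.php is not visible here; it has to
        // repeat this check server-side before doing anything.
        if ($_SESSION['sess_status'] == 2) {
            echo "<li><a href='admin.php'>Admin CP</a></li>";
        }
        ?>
        <li><a href="userCP.php">User Control Panel</a></li>
        <li><a href="contact.php">Contact Us</a></li>
    </ul>
</div>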
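<div class="content">
<?php
// Print one "last, first" line per matching volunteer.
// The names come from the database and were originally typed in by users, so
// they are HTML-encoded at output time. double_encode is off (fourth argument)
// so entities already present in a stored value are not encoded twice.
// NOTE(review): whether stored names contain entities depends on the insert
// path, which is not visible here.
foreach ($data as $person) {
    $last  = htmlspecialchars((string) $person['lname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    $first = htmlspecialchars((string) $person['fname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    echo $last . ', ' . $first . '<br />';
}
?>
</div>
</body>
</html>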