Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Book-O-Rama Search Results</title>
- </head>
- <body>
- <h1>Book-O-Rama Search Results</h1>
- <?php
- // create short variable names
- $searchtype=$_POST['searchtype'];
- $searchterm=trim($_POST['searchterm']);
- if (!$searchtype || !$searchterm) {
- echo 'You have not entered search details. Please go back and try again.';
- exit;
- }
- if (!get_magic_quotes_gpc()){
- $searchtype = addslashes($searchtype);
- $searchterm = addslashes($searchterm);
- }
- @ $db = new mysqli('213.171.200.57', 'bookorama', 'password', 'books');
- if (mysqli_connect_errno()) {
- echo 'Error: Could not connect to database. Please try again later.';
- exit;
- }
- $query = "SELECT * FROM books WHERE ".$searchtype." like '%".$searchterm."%'";
- $result = $db->query($query);
- $num_results = $result->num_rows;
- echo "<p>Number of books found: ".$num_results."</p>";
- for ($i=0; $i <$num_results; $i++) {
- $row = $result->fetch_assoc();
- echo "<p><strong>".($i+1).". Title: ";
- echo htmlspecialchars(stripslashes($row['title']));
- echo "</strong><br />Author: ";
- echo stripslashes($row['author']);
- echo "<br />ISBN: ";
- echo stripslashes($row['isbn']);
- echo "<br />Price: ";
- echo stripslashes($row['price']);
- echo "</p>";
- }
- $result->free();
- $db->close();
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement