Untitled

<?php
error_reporting(E_ALL ^ E_NOTICE); // Deffo turned on here.
date_default_timezone_set('UTC');

$submit = $_POST['submit'];
$query = $_POST['search'];

$query = addslashes($query);

if (empty($submit)) {
        die('Post variables did not come through');
}

// Lets connect to the database

$mysqli = new mysqli('localhost', '403140_eltanews', '5u30nlyELTA', '403140_eltagroup');

//let's produce an error if we couldnt connect
/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

if ($results = $mysqli->query("SELECT * FROM `eltagroupnews` WHERE MATCH (`content`, `title`, `para1`) AGAINST ('".$query."' IN BOOLEAN MODE)"))
{
        $num_rows = $results->num_rows;
        if ($num_rows > 0) {
                while ($row = $results->fetch_assoc()) {
                        $query = stripslashes($query);
                        $new_para1 = preg_replace('/'.$query.'/', '<span class="hilite">'.$query.'</span>', $row['para1']);
                        echo '<div class="results2">';
                        echo '<div class="content-within"><u style="color:#007CCC;"><span class="title"><a href="article/'.$row["year"].'/'.$row["slug"].'.html">'.stripslashes($row['title']).'</a></span></u><br />';
                        echo '<p class="resultblurb">'.substr(stripslashes($new_para1), 0, 500).'</p>';
                        echo '<a href="http://www.eltagroup.com/article/'.$row['year'].'/'.$row['slug'].'.html"><span class="link">http://www.eltagroup.com/article/'.$row['year'].'/'.$row['slug'].'.html</span></a></div>';

                        echo '<div class="logo-container"><img class="left-logo" src="images/news/'.$row['company_logo'].'" /></div>';
                        echo '<div class="clear"></div></div><br />';
                }

        } // end of number of rows if
}
else {
        die('query to database did not work '. $mysqli->error);
}
$mysqli->close();


?>