
Untitled

a guest
Mar 10th, 2019
  1. <?php
  2.  
  3.  
  4.  
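  // Database connection settings.
  // NOTE(review): credentials are hard-coded in a web-served script. Load them
  // from configuration kept outside the document root (or from the
  // environment) so a misconfigured server cannot disclose them as source.
  $dbHost = 'localhost'; // localhost will be used in most cases
  $dbUser = 'xxxxxxxx';
  $dbPass = 'xxxxxxx';
  $dbDatabase = 'stock'; // the database that holds the main_stock table

  // Messages for the template to show, and one HTML fragment per matching row.
  $error = array();
  $results = array();

  // The mysql_* functions were removed in PHP 7, so the connection uses mysqli.
  // Strict reporting turns every mysqli failure into a mysqli_sql_exception:
  // a failed step can no longer be ignored while execution carries on with a
  // false handle, which is what "... or trigger_error(...)" allowed.
  mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

  $con = null;
  try {
      $con = new mysqli($dbHost, $dbUser, $dbPass, $dbDatabase);
  } catch (mysqli_sql_exception $e) {
      // Details belong in the server log; the visitor gets a generic message.
      error_log('Stock search: database connection failed: ' . $e->getMessage());
      $error[] = 'The database is currently unavailable.';
  }

  // The search form submits with GET. Anything that is not a plain string
  // (for example ?search[]=x) is ignored, because trim() needs a string.
  if (isset($_GET['search']) && is_string($_GET['search'])) {
      // strip_tags() is kept because the template prints $searchTerms, but it
      // is not an output encoder: every value placed into HTML below is still
      // passed through htmlspecialchars().
      $searchTerms = strip_tags(trim($_GET['search']));
      $searchTermsHtml = htmlspecialchars($searchTerms, ENT_QUOTES, 'UTF-8');

      if (strlen($searchTerms) < 2) {
          // Wording now matches the check: two characters are accepted.
          $error[] = 'Search terms must be at least 2 characters long.';
      }

      // Only query when the connection is up and the input passed validation.
      if (count($error) < 1) {
          // "%" and "_" typed by the user are LIKE wildcards; without escaping
          // them a term such as "%%" would match every row in the table.
          // "|" is declared as the escape character in the query below.
          $likePattern = '%' . strtr($searchTerms, array('|' => '||', '%' => '|%', '_' => '|_')) . '%';

          try {
              // The term is bound as a parameter and never becomes part of the
              // SQL text. Barcode is the only searchable column, so there is a
              // single condition and the "matchall" AND/OR switch has nothing
              // to join.
              $stmt = $con->prepare(
                  'SELECT mastercategory, category, product_desc, barcode, serial FROM main_stock'
                  . " WHERE `barcode` LIKE ? ESCAPE '|' ORDER BY `barcode`"
              );
              $stmt->bind_param('s', $likePattern);
              $stmt->execute();
              $stmt->bind_result($masterCategory, $category, $productDesc, $barcode, $serial);

              $i = 1;
              while ($stmt->fetch()) {
                  // Database values are encoded for HTML here because the
                  // template prints these fragments verbatim.
                  $results[] = "{$i}:Product Name&nbsp;:&nbsp;<br />&nbsp;&nbsp;"
                      . htmlspecialchars((string) $productDesc, ENT_QUOTES, 'UTF-8')
                      . " <br />Master Category&nbsp;:&nbsp;<br />&nbsp;&nbsp;"
                      . htmlspecialchars((string) $masterCategory, ENT_QUOTES, 'UTF-8')
                      . "<br />Sub Category&nbsp;:&nbsp;<br />&nbsp;&nbsp;"
                      . htmlspecialchars((string) $category, ENT_QUOTES, 'UTF-8')
                      . "<br />Barcode&nbsp;:&nbsp;"
                      . htmlspecialchars((string) $barcode, ENT_QUOTES, 'UTF-8')
                      . " <br />Serial No.&nbsp;:&nbsp;"
                      . htmlspecialchars((string) $serial, ENT_QUOTES, 'UTF-8');
                  $i++;
              }
              $stmt->close();

              if (count($results) < 1) {
                  $error[] = "The scanned barcode {$searchTermsHtml} is not in the database.";
              }
          } catch (mysqli_sql_exception $e) {
              // The SQL text and the driver error are logged, not sent to the
              // browser, where they would describe the schema to any visitor.
              error_log('Stock search: query failed: ' . $e->getMessage());
              $error[] = 'There was an error running the search.';
              $results = array();
          }
      }
  }

  /**
   * array_filter() callback: keeps a value only when it is not empty().
   *
   * The search above no longer calls it; it is left in place in case another
   * script that includes this file refers to it.
   */
  function removeEmpty($var) {
      return (!empty($var));
  }?>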
  66.  
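  <html>

  <title>Search Form</title>
  <BODY onLoad="document.forms.searchForm.search.focus()">
  <form action="index.php">
  <center>
  <span class="formcentjc">
  <input type=submit value="Home" />
  </span>
  </center>
  </form>
  <?php
  // Error list. The original built this string with unescaped double quotes
  // around id="error", which is a parse error. Each message is encoded for HTML
  // on output; the fourth argument (double_encode = false) leaves entities that
  // are already present untouched, so a message that was encoded when it was
  // built is not encoded twice.
  if (count($error) > 0) {
      $errorHtml = array();
      foreach ($error as $message) {
          $errorHtml[] = htmlspecialchars($message, ENT_QUOTES, 'UTF-8', false);
      }
      echo 'The following had errors:<br /><span id="error">' . implode('<br />', $errorHtml) . '</span><br /><br />';
  }
  ?>

  <?php
  // PHP_SELF reflects the request path as sent by the client, including any
  // trailing path info, so it is encoded before it goes into the attribute.
  // The stray <onLoad="..."> element that followed the form tag was not a
  // valid tag and is dropped; the body onLoad handler already sets the focus.
  ?>
  <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="GET" name="searchForm" class="cent">
  <table width="196" border="1">
  <tr>
  <th bgcolor="#D6D6D6" style="text-align: center" scope="col">Search For:</th>
  </tr>
  <tr style="text-align: center">
  <td class="cent1">
  <input name="search" type="text" onFocus="this.value='';" value="<?php echo isset($searchTerms) ? htmlspecialchars($searchTerms, ENT_QUOTES, 'UTF-8') : ''; ?>" size="28" maxlength="15" />
  <span style="text-align: center"></span></td>
  </tr>
  </table>
  </form>
  <p>
  <tr>
  <td bgcolor="#D6D6D6"><form action="addproduct.php">
  <center>
  <span class="formcentjc">
  <input type=submit value="Add New Product" />
  </span>
  </center>
  </form></td>
  </tr>
  <tr>
  </p>

  <?php
  // $results holds HTML fragments built earlier in this file and is printed as
  // it is, so the database values inside the fragments have to be encoded where
  // the fragments are built. The search term is encoded here.
  if (count($results) > 0) {
      echo 'SUCCESS: ' . htmlspecialchars($searchTerms, ENT_QUOTES, 'UTF-8') . ' :<br /><br />' . implode('', $results);
  }
  ?>
  </body>
  </html>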
  111.  
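  // Sketch: look a record up by the id in the query string and pre-fill a form field.
  // Assumes $mysqli is an open mysqli connection; creating it is not part of this snippet.
  // real_escape_string() and query() are instance methods, so "mysqli::..." cannot be
  // called statically. A prepared statement also removes the need to escape by hand.
  $id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
  $stmt = $mysqli->prepare('SELECT * FROM `table` WHERE id = ?');
  $stmt->bind_param('s', $id);
  $stmt->execute();

  //Check to see if we got any data back :)
  // The query returns a result object, not a row, so the row is fetched before use.
  $data = $stmt->get_result()->fetch_assoc(); // null when no row matched

  // The value is encoded for the attribute it is printed into. A hidden field is
  // still under the client's control, so validate value1 again when it comes back.
  <input name="value1" type="hidden" value="<?php echo isset($data['value1']) ? htmlspecialchars(stripslashes($data['value1']), ENT_QUOTES, 'UTF-8') : ''; ?>" />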
  118.  
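  // Sketch: update a record from posted form values.
  // Assumes $mysqli is an open mysqli connection; creating it is not part of this snippet.
  // The "..." in the original statement stood for further columns the snippet leaves
  // out: add one "column = ?" and one bound variable for each of them.
  // NOTE(review): nothing visible here checks that the requester may modify this id;
  // confirm the surrounding code enforces that before running the UPDATE.
  $id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
  $value1 = (isset($_POST['value1']) && is_string($_POST['value1'])) ? $_POST['value1'] : '';
  $value2 = (isset($_POST['value2']) && is_string($_POST['value2'])) ? $_POST['value2'] : '';

  // Values are bound as parameters instead of being escaped and spliced into the SQL.
  $stmt = $mysqli->prepare('UPDATE `table` SET value1 = ?, value2 = ? WHERE id = ? LIMIT 1');
  $stmt->bind_param('sss', $value1, $value2, $id);
  $stmt->execute();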
  123.  
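  // Sketch: collect the product names shown for a search and store them as one record.
  // Assumes $mysqli is an open mysqli connection; creating it is not part of this snippet.
  $fetchedProducts = array();

  while (/*Loop condition to loop through fetched results*/) {
      // array_push() takes the array first and the value second; the original
      // call had the two the other way round.
      array_push($fetchedProducts, $loopVariable['productName']);

      //Build HTML to display results
      // Encode each value with htmlspecialchars() when it is placed into that HTML.
  }

  //Insert into database
  // The JSON text is bound as a parameter, so it needs no manual escaping.
  $products = json_encode($fetchedProducts);
  $timestamp = strtotime("now");
  $status = "some status";

  $stmt = $mysqli->prepare("INSERT INTO searchRecords (
      `id`, `products`, `timestamp`, `status`
  ) VALUES (
      NULL, ?, ?, ?
  )");
  $stmt->bind_param('sis', $products, $timestamp, $status);
  $stmt->execute();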