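<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Book-O-Rama Search Results</title>
</head>

<body>
<h1>Book-O-Rama Search Results</h1>
<?php
  // Search results page. Reads the POSTed 'searchtype' (column to search)
  // and 'searchterm' (substring to look for), runs a LIKE query against the
  // books table and prints one paragraph per matching row.
  //
  // Both POST fields are attacker-controlled. The column name is checked
  // against a fixed list and the term is passed as a bound parameter, so
  // neither is ever concatenated into the SQL text as free-form input.

  // Accept only plain string fields; a missing or array-valued field is
  // treated the same as an empty one.
  $searchtype = (isset($_POST['searchtype']) && is_string($_POST['searchtype']))
              ? $_POST['searchtype'] : '';
  $searchterm = (isset($_POST['searchterm']) && is_string($_POST['searchterm']))
              ? trim($_POST['searchterm']) : '';

  if (!$searchtype || !$searchterm) {
    echo 'You have not entered search details. Please go back and try again.';
    exit;
  }

  // A column name cannot be a bound parameter, and addslashes() does nothing
  // for an identifier (it sits outside any quotes), so it must be allow-listed.
  // NOTE(review): the list below is assumed to match the options offered by
  // the search form, which is not part of this file; confirm and extend.
  $allowed_columns = array('author', 'title', 'isbn');
  if (!in_array($searchtype, $allowed_columns, true)) {
    echo 'You have not entered search details. Please go back and try again.';
    exit;
  }

  // On PHP versions that still have magic quotes, undo them so the bound
  // value is the text the user typed. The function is not called on newer
  // PHP, where it is deprecated or removed.
  if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
    $searchterm = stripslashes($searchterm);
  }

  // NOTE(review): database host and credentials are hard-coded in a
  // web-served file. Load them from configuration kept outside the web root
  // and rotate this password, since it has been published with the source.
  // The @ keeps the PHP connection warning out of the page; the failure is
  // reported by the check below instead.
  @ $db = new mysqli('213.171.200.57', 'bookorama', 'password', 'books');

  if (mysqli_connect_errno()) {
    echo 'Error: Could not connect to database. Please try again later.';
    exit;
  }

  // $searchtype is one of the allow-listed literals at this point. The term
  // travels as a parameter; % and _ typed by the user still act as LIKE
  // wildcards, as they did before.
  $query = "SELECT title, author, isbn, price FROM books WHERE ".$searchtype." LIKE ?";
  $pattern = '%'.$searchterm.'%';

  $stmt = $db->prepare($query);
  if (!$stmt) {
    echo 'Error: Could not run the search. Please try again later.';
    $db->close();
    exit;
  }

  $stmt->bind_param('s', $pattern);
  if (!$stmt->execute()) {
    echo 'Error: Could not run the search. Please try again later.';
    $stmt->close();
    $db->close();
    exit;
  }

  // Buffer the result so num_rows is known before the rows are printed.
  $stmt->store_result();
  $num_results = $stmt->num_rows;
  $stmt->bind_result($title, $author, $isbn, $price);

  echo "<p>Number of books found: ".$num_results."</p>";

  // Every database value is HTML-escaped on output: stored data is not
  // trusted to be free of markup. stripslashes() is kept from the original
  // so existing rows display as before.
  $position = 0;
  while ($stmt->fetch()) {
    $position++;
    echo "<p><strong>".$position.". Title: ";
    echo htmlspecialchars(stripslashes((string) $title), ENT_QUOTES, 'UTF-8');
    echo "</strong><br />Author: ";
    echo htmlspecialchars(stripslashes((string) $author), ENT_QUOTES, 'UTF-8');
    echo "<br />ISBN: ";
    echo htmlspecialchars(stripslashes((string) $isbn), ENT_QUOTES, 'UTF-8');
    echo "<br />Price: ";
    echo htmlspecialchars(stripslashes((string) $price), ENT_QUOTES, 'UTF-8');
    echo "</p>";
  }

  $stmt->free_result();
  $stmt->close();
  $db->close();
?>
</body>
</html>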