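<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Book-O-Rama Search Results</title>
</head>

<body>
<h1>Book-O-Rama Search Results</h1>
<?php
  // Search results page: reads the search column and search term from the
  // POSTed form, runs a LIKE query against the books table and prints the
  // matching rows as HTML.

  // Both fields are untrusted request data. Missing or non-string values
  // (e.g. searchterm[]=x) are treated as empty instead of raising notices.
  $searchtype = (isset($_POST['searchtype']) && is_string($_POST['searchtype']))
      ? $_POST['searchtype'] : '';
  $searchterm = (isset($_POST['searchterm']) && is_string($_POST['searchterm']))
      ? trim($_POST['searchterm']) : '';

  if (!$searchtype || !$searchterm) {
    echo 'You have not entered search details. Please go back and try again.';
    exit;
  }

  // Legacy PHP with magic quotes enabled delivers already-slashed input.
  // The term is bound as a statement parameter below, so the slashes are
  // removed rather than added. The function no longer exists on PHP 8.
  if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
    $searchterm = stripslashes($searchterm);
  }

  // $searchtype ends up in the SQL text as a column name. Quoting functions
  // such as addslashes() do not make an identifier safe, so it is accepted
  // only when it matches a known column exactly.
  // NOTE(review): the list is the set of columns this page displays; narrow
  // it to the options the search form actually offers.
  $allowed_columns = array('title', 'author', 'isbn', 'price');
  if (!in_array($searchtype, $allowed_columns, true)) {
    echo 'You have not entered search details. Please go back and try again.';
    exit;
  }

  try {
    // NOTE(review): host, user and password are hard-coded in a
    // web-served file. Load them from configuration kept outside the
    // document root and rotate this password, since it has been published.
    @ $db = new mysqli('213.171.200.57', 'bookorama', 'password', 'books');

    if (mysqli_connect_errno()) {
      echo 'Error: Could not connect to database. Please try again later.';
      exit;
    }

    // The column name comes from the allowlist above; the search term is
    // passed only as a bound parameter and never concatenated into the SQL.
    // '%' and '_' typed by the user still act as LIKE wildcards, as before.
    $stmt = $db->prepare(
        "SELECT title, author, isbn, price FROM books WHERE ".$searchtype." LIKE ?");
    if (!$stmt) {
      echo 'Error: The search could not be completed. Please try again later.';
      exit;
    }

    $pattern = '%'.$searchterm.'%';
    $stmt->bind_param('s', $pattern);

    if (!$stmt->execute()) {
      echo 'Error: The search could not be completed. Please try again later.';
      exit;
    }

    // Buffer the result so the row count is known before printing.
    $stmt->store_result();
    $num_results = $stmt->num_rows;
    $stmt->bind_result($title, $author, $isbn, $price);

    echo "<p>Number of books found: ".$num_results."</p>";

    $i = 0;
    while ($stmt->fetch()) {
      $i++;
      // Every column is HTML-escaped on output: stored values are data, not
      // markup, and the original escaped only the title.
      echo "<p><strong>".$i.". Title: ";
      echo htmlspecialchars(stripslashes($title), ENT_QUOTES, 'UTF-8');
      echo "</strong><br />Author: ";
      echo htmlspecialchars(stripslashes($author), ENT_QUOTES, 'UTF-8');
      echo "<br />ISBN: ";
      echo htmlspecialchars(stripslashes($isbn), ENT_QUOTES, 'UTF-8');
      echo "<br />Price: ";
      echo htmlspecialchars(stripslashes($price), ENT_QUOTES, 'UTF-8');
      echo "</p>";
    }

    $stmt->free_result();
    $stmt->close();
    $db->close();
  } catch (Exception $e) {
    // Newer PHP versions make mysqli throw by default. Show a generic
    // message so no connection details or stack trace reach the browser.
    echo 'Error: The search could not be completed. Please try again later.';
    exit;
  }
?>
</body>
</html>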