Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //Details in asterisk to hide.
- <?php
- define('DB_SERVER', '******');
- define('DB_USERNAME', '*******');
- define('DB_PASSWORD', '*******');
- define('DB_DATABASE', '*******');
- $db = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
- $query = "SELECT user_id, username, user_password FROM User_Login WHERE username='$username' AND user_password='$password'",
- $username = mysqli_real_escape_string($db,$_GET['username']),
- $password = mysqli_real_escape_string($db,$_GET['password']);
- // Perform Query
- $result = mysqli_query($db,$query);
- // Check result
- // This shows the actual query sent to MySQL, and the error. Useful for debugging.
- if (!$result) {
- $message = 'Invalid query: ' . mysqli_error($db) . "n";
- $message .= 'Whole query: ' . $query;
- die($message);
- }
- // Use result
- // Attempting to print $result won't allow access to information in the resource
- // One of the mysql result functions must be used
- while ($row = mysqli_fetch_assoc($result)) {
- echo $row['$username'];
- echo $row['username'];
- echo $row['user_password'];
- }
- // Free the resources associated with the result set
- // This is done automatically at the end of the script
- mysqli_free_result($result);
- ?>
- <?php
- mysql_connect("localhost", "root", "12450") or die("Error connecting to database: ".mysql_error());
- /*
- localhost - it's location of the mysql server, usually localhost
- root - your username
- third is your password
- if connection fails it will stop loading the page and display an error
- */
- mysql_select_db("myDatabase") or die(mysql_error());
- /* tutorial_search is the name of database we've created */
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Search Results</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- </head>
- <body>
- <div data-role="page" id="SearchResultsPage" data-theme="b" data-add-back-btn="true">
- <div data-role="header">
- <h1>Search Results</h1>
- </div>
- <?php
- $query = $_GET['query'];
- // gets value sent over search form
- $min_length = 3;
- // you can set minimum length of the query if you want
- if(strlen($query) >= $min_length){ // if query length is more or equal minimum length then
- $query = htmlspecialchars($query);
- // changes characters used in html to their equivalents, for example: < to >
- $query = mysql_real_escape_string($query);
- // makes sure nobody uses SQL injection
- $raw_results = mysql_query("SELECT * FROM emplist
- WHERE (`lfname` LIKE '%".$query."%') OR (`id` LIKE '%".$query."%')") or die(mysql_error());
- // * means that it selects all fields, you can also write: `id`, `title`, `text`
- // articles is the name of our table
- // '%$query%' is what we're looking for, % means anything, for example if $query is Hello
- // it will match "hello", "Hello man", "gogohello", if you want exact match use `title`='$query'
- // or if you want to match just full word so "gogohello" is out use '% $query %' ...OR ... '$query %' ... OR ... '% $query'
- if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following
- while($results = mysql_fetch_array($raw_results)){
- // $results = mysql_fetch_array($raw_results) puts data from database into array, while it's valid it does the loop
- echo "<h4><p>".$results['lfname']."</h4>"." ".$results['phonenum']." <br> MCI #".$results['id']." <br> ".$results['state']." ".$results['zip']."</p>";
- // posts results gotten from database
- }
- }
- else{ // if there is no matching rows do following
- echo "No results found";
- }
- }
- else{ // if query length is less than minimum
- echo "ERROR Minimum length is ".$min_length;
- }
- ?>
- </body>
- <div data-role="content"></div>
- <input type="button" name="bIndex" value="Back" onclick="location.href='Index.php'">
- <div data-role="footer" data-theme="b">
- <h4>____?____?____?___?____ © 2016</h4>
- </div>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement