<?php @mysql_connect("localhost", "root", "") or die("Error connecting

1.  
2. <?php
3. @mysql_connect("localhost", "root", "") or die("Error connecting to database: ".mysql_error());
4.  
5. mysql_select_db("inv") or die(mysql_error());
6.  
7. if($_SERVER['REQUEST_METHOD'] == 'POST'){
8. // check if the cart has anything in it
9. if(!isset($_SESSION['cart'])) $_SESSION['cart'] = null;
10. // validate something is there
11. if($_POST['qty'] >= 0) {
12. // add the qty to the PID. Store it in the session array with the PID as the key
13. // $_SESSION['cart'][$_POST['add_to_cart']] = $_POST['qty'];
14. $_SESSION['cart'][$_POST['pid']] = $_POST['qty'];
15. }
16. }
17.  
18. ?>
19.  
20. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
21. <html xmlns="http://www.w3.org/1999/xhtml">
22. <head>
23. <title>Inventory Search Results - Secaucus</title>
24. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
25.  
26. </head>
27. <body>
28. <img src="images.jpg" alt="logo" height="98" width="300"> <br><br>
29. <h3> Inventory Results - Secaucus Warehouse</h3><hr>
30. <?php
31.  
32.  
33. $query = $_GET['query'];
34. // gets value sent over search form
35.  
36. $min_length = 3;
37. // set minimum length of the query
38.  
39. if(strlen($query) >= $min_length){ // if query length is more or equal minimum length then
40.  
41. $query = htmlspecialchars($query);
42. // changes characters used in html to their equivalents
43.  
44. $query = mysql_real_escape_string($query);
45. // makes sure nobody uses SQL injection
46.  
47. $raw_results = mysql_query("SELECT * FROM products
48. WHERE (`PID` LIKE '%".$query."%') OR (`Description` LIKE '%".$query."%') ORDER BY PID") or die(mysql_error());
49. /*$assoc = mysql_fetch_assoc($raw_results);
50.  
51.  
52. var_dump($assoc);*/
53.  
54. if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following
55.  
56.  
57. $i = "1";
58. while($results = mysql_fetch_array($raw_results)){
59.  
60. echo "<h3><div id='$i'>Product ID: ".$results['PID']."</div></h3>";
61. echo "<p>Description: ".$results['Description']."</p>";
62. echo "<p>Quantity: ".$results['Quantity']."</p>";
63. echo "<p>Location: ".$results['Location']."</p>";
64. // echo "<p>Link: ".$results['DataSheetLink']."</p>";
65. if(!empty($results['DataSheetLink']))
66. echo '<p>Data Sheet Link: <a href="'.$results['DataSheetLink'].'">Click Here</a></p>';
67. echo "<a href='mailto:marc.e.cerone@jci.com?subject=Part Request: ".$results['PID']."&body=I would like to request (enter quantity of this item) of PID ".$results['PID']." - ".$results['Description']." '>Request Item</a><br><br>";
68.  
69.  
70. echo "<form method='post'>";
71. echo "<input type='text' id='qty$i' name='qty' value='' placeholder='Quantity' width='50px' />";
72. echo '<input type="hidden" name="pid" value="'.$results['PID'].'">';
73. echo '<button name="add_to_cart" value="'.$results['PID'].'" type="submit">Add to List</button><br>';
74. echo "</form>"; echo "<hr>";
75.  
76.  
77. $i++;
78.  
79.  
80.  
81. // posts results gotten from database
82. }
83.  
84.  
85.  
86. if(isset($_SESSION['cart'])){
87. $items = "";
88. foreach($_SESSION['cart'] as $key => $value) {
89. $items .= "$key, $value\n";
90. }
91. }
92. if(!empty($items))
93. echo $items;
94. }
95. else{ // if there is no matching rows do following
96. echo "Sorry, No results were found";
97. }
98.  
99. }
100. else{ // if query length is less than minimum
101. echo "Minimum length is ".$min_length;
102. }
103. ?>
104.  
105. </body>
106. </html>