* Sunda Cyber Army 2k17 *
Indonesia Defacer ~
<?php
print_r($_REQUEST);
echo "<hr>";
$host = "webdev.iyaserver.com";
$userid = "<youruserid>";
$userpw = "<yourpw>";
$db = "<database name>";
include '../pdloginvariables.php'; // you can ignore/skip this line
$mysql = new mysqli(
$host,
$userid,
$userpw,
$db
);
if($mysql->connect_errno) {
echo "db connection error : " . $mysql->connect_error;
exit();
}
$sql = "SELECT * FROM movieView WHERE 1=1 ";
if($_REQUEST["title"] != "") {
$sql .= " AND title LIKE '%" . $_REQUEST["title"] . "%'";
}
if($_REQUEST["genre"] != "ALL") {
$sql = $sql . " AND genre = '" .$_REQUEST["genre"] . "'";
}
if($_REQUEST["rating"] != "ALL") {
$sql = $sql . " AND rating = '" .$_REQUEST["rating"] . "'";
}
echo "<hr>" . $sql . "<hr>";
$results = $mysql->query($sql);
if(!$results) {
echo "SQL error: ". $mysql->error;
exit();
}
echo "Your search returned " . $results->num_rows . " results.<br>";
while($currentrow = $results->fetch_assoc()) {
echo $currentrow["title"] . " (" . $currentrow["genre"] . ")<br>";
}
