Current File : /home/dent/public_html/demos2023/results_email.php

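<?php

// Bootstrap for the results page: require a search submission, then open the
// database connection used by the query further down the page.

if (empty($_REQUEST['genre'])) {
    // No search was submitted: send the visitor back to the search form.
    header('Location: search_drilldown.php');
    // A Location header does not stop the script. Without this exit() the
    // rest of the page (database query, optional e-mail) still runs and is
    // sent in the body of the redirect response.
    exit();
}


// Connection settings. The password is intentionally blank here;
// presumably ../pdloginvariables.php overrides these values -- TODO confirm.
$host = "webdev.iyaserver.com";
$user = "dent";
$userpw = "";
$db="dent_dvd";

// require instead of include: if the credentials file is missing, stop here
// rather than continuing with the blank placeholder password above.
// NOTE(review): the file is resolved one directory above this script; if that
// is still inside the web root, consider moving it outside of it.
require "../pdloginvariables.php";

try {
    $mysql = new mysqli( $host, $user, $userpw, $db );
} catch (mysqli_sql_exception $e) {
    // Newer PHP versions throw on connection failure instead of setting
    // connect_errno; handle both paths identically.
    error_log("db connection error : " . $e->getMessage());
    echo "db connection error";
    exit();
}

if ($mysql->connect_errno) {
    // Keep driver details (host, user, server state) in the server log; the
    // visitor only needs to know that the connection failed.
    error_log("db connection error : " . $mysql->connect_error);
    echo "db connection error";
    exit();
}
?>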
<html>
<head>
    <title>Drill down: Movie results</title>
    <style>
        body {
            background-color: burlywood;
            margin: 0 200px;
            text-align: center;
        }

        #container {
            padding: 30px;
            margin-top: 100px;
            background-color: olive;
            width: 650px;
            text-align: left;
            color:white;
        }

        .label {
            float:left;
            clear:both;
            width: 120px;
        }
        .title {
            width: 400px;
            float:left;
        }

        .link {
            width: 200px;
            float:left;
            margin-left: 50px;

        }
    </style>
</head>
<body>
<div id="container">
    <h1> Search results<hr></h1>

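    <?php

    // Runs the movie search, optionally e-mails the result list, and renders
    // the rows. Every value taken from $_REQUEST is untrusted: it is bound as
    // a statement parameter, validated, or HTML-escaped before use.

    // Escape a value for HTML text or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Read a request parameter as a string; arrays and missing keys yield the default.
    $param = function ($name, $default) {
        return (isset($_REQUEST[$name]) && is_string($_REQUEST[$name]))
            ? $_REQUEST[$name]
            : $default;
    };

    $title   = $param('title', '');
    $rating  = $param('rating', 'ALL');
    $genre   = $param('genre', 'ALL');
    $orderby = trim($param('orderby', 'title'));
    $email   = $param('email', '');

    // ORDER BY cannot be bound as a parameter, so accept only a bare column
    // identifier with an optional direction and quote it. Anything else falls
    // back to ordering by title.
    // NOTE(review): a fixed allowlist matching the options offered by the
    // search form would be stricter still -- the form is not visible here.
    $orderColumn = 'title';
    $orderDir = '';
    if (preg_match('/^([A-Za-z_][A-Za-z0-9_]*)(?:\s+(ASC|DESC))?\z/i', $orderby, $m)) {
        $orderColumn = $m[1];
        $orderDir = isset($m[2]) ? ' ' . strtoupper($m[2]) : '';
    }

    // Fixed statement text: the "ALL" choice is handled inside the query so
    // the number of placeholders never changes.
    $sql = "SELECT * FROM movieView2"
        . " WHERE title LIKE ?"
        . " AND (? = 'ALL' OR rating = ?)"
        . " AND (? = 'ALL' OR genre = ?)"
        . " ORDER BY `" . $orderColumn . "`" . $orderDir;

    $results = false;
    try {
        $stmt = $mysql->prepare($sql);
        if ($stmt) {
            $like = '%' . $title . '%';
            $stmt->bind_param('sssss', $like, $rating, $rating, $genre, $genre);
            if ($stmt->execute()) {
                // get_result() needs the mysqlnd driver; it returns a buffered
                // result, so num_rows and data_seek() below keep working.
                $results = $stmt->get_result();
            }
        }
    } catch (mysqli_sql_exception $e) {
        // Newer PHP versions throw instead of returning false.
        error_log('results_email.php query exception: ' . $e->getMessage());
        $results = false;
    }

    if (!$results) {
        // The statement text and driver error go to the server log only;
        // printing them to the page discloses the schema to any visitor.
        error_log('results_email.php query failed: ' . $mysql->error);
        echo "<hr>Sorry, the search could not be completed.<hr>";
        exit();
    }

    echo "<em>Your results returned <strong>" .
        $results->num_rows .
        "</strong> results.</em>";
    echo "<br><br>";

    if ($email !== '') {
        // FILTER_VALIDATE_EMAIL rejects CR/LF and multi-address strings, so
        // the value is safe to hand to mail() as the single recipient.
        // NOTE(review): any visitor can make this server send mail to an
        // address of their choosing; consider authentication or rate limiting.
        $recipient = filter_var($email, FILTER_VALIDATE_EMAIL);

        if ($recipient === false) {
            echo "<hr><em>(results not emailed: invalid address)</em><hr><br>";
        } else {
            // Mail body lines are separated by CRLF, not a bare carriage return.
            $message = "Movie Search Results\r\n";
            $message .= "--------------------------------\r\n";

            while ($currentrow = $results->fetch_assoc()) {
                $message .= $currentrow["title"] .
                    " (Rated " .
                    $currentrow["rating"] .
                    "),  " .
                    $currentrow["genre"] .
                    "\r\n";
            }

            if (mail($recipient, "Your Movie Results", $message)) {
                echo "<hr><em>(results emailed to " . $esc($recipient) . " )</em><hr><br>";
            } else {
                echo "<hr><em>(results could not be emailed)</em><hr><br>";
            }
            $results->data_seek(0); // reset results back to row 1
        }
    }

    // NOTE(review): Edit and Delete are plain GET links. Confirm that the
    // target pages require authentication and that delete_drilldown.php does
    // not change data on a bare GET request.
    while ($currentrow = $results->fetch_assoc()) {
        // Database values are escaped too: they may hold markup stored earlier.
        $recordId = $esc(rawurlencode((string) $currentrow["dvd_title_id"]));

        echo "<div class='title'><strong>" .
            $esc($currentrow['title']) .
            "</strong>" .
            " (<em>Rated " . $esc($currentrow['rating']) . "</em>) </div>" .
            "<div class='link'>" .
            "<a href='details_drilldown.php?recordid=" . $recordId . "'>" .
            "View</a>" . " | " .
            "<a href='edit_drilldown.php?recordid=" . $recordId . "'>" .
            "Edit</a>" . " | " .
            "<a href='delete_drilldown.php?recordid=" . $recordId . "'>" .
            "Delete</a>" .
            "</div>" .
            "<br style='clear:both;'>";
    }
    ?>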

</div>

</body></html>