<?php
define("HOST", "localhost");
// Database user
define("DBUSER", "root");
// Database password
define("PASS", "password");
// Database name
define("DB", "csvdb");
// Database Error - User Message
define("DB_MSG_ERROR", 'Could not connect!<br />Please contact the site\'s administrator.');
############## Make the mysql connection ###########
$conn = mysql_connect(HOST, DBUSER, PASS) or die(DB_MSG_ERROR);
$db = mysql_select_db(DB) or die(DB_MSG_ERROR);
$query = mysql_query("
SELECT *
FROM csvtb
WHERE project_id, phase, building='".$_POST['value']."'
");
echo '<table>';
while ($data = mysql_fetch_array($query)) {
echo '
<tr>
<td style="font-size:18px;">'.$data["project_id"].'</td>
<td style="font-size:18px;">'.$data["phase"].'</td>
</tr>';
}
echo '</table>';
?> // thats search.php
<!DOCTYPE html>
<?php
$con = mysql_connect("localhost","root","password");
$db = mysql_select_db("csvdb",$con);
$get=mysql_query("SELECT * FROM csvtb WHERE sold = 'no'");
$option = '';
while($row = mysql_fetch_assoc($get))
{
$option1 .= '<option value = "'.$row['project_id'].'">'.$row['project_id'].'</option>';
$option2 .= '<option value = "'.$row['phase'].'">'.$row['phase'].'</option>';
$option3 .= '<option value = "'.$row['building'].'">'.$row['building'].'</option>';
$option4 .= '<option value = "'.$row['apartment_type'].'">'.$row['apartment_type'].'</option>';
$option5 .= '<option value = "'.$row['level'].'">'.$row['level'].'</option>';
$option6 .= '<option value = "'.$row['garden'].'">'.$row['garden'].'</option>';
}
?>
<html>
<head>
<meta charset="utf-8">
<title>Search our database</title>
<script type="text/javascript">
var GB_ROOT_DIR = "greybox/";
</script>
<link rel="stylesheet" type="text/css" href="css.css" media="screen">
<script type="text/javascript" src="greybox/AJS.js"></script>
<script type="text/javascript" src="greybox/AJS_fx.js"></script>
<script type="text/javascript" src="greybox/gb_scripts.js"></script>
<link href="greybox/gb_styles.css" rel="stylesheet" type="text/css" />
<!-- Load JQuery
<script type="text/javascript" src="js/jquery/jquery.min.js"></script> -->
<!-- Load JQuery UI
<script type="text/javascript" src="js/jquery/jquery-ui.min.js"></script> -->
<!-- JQUERY FROM GOOGLE API -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript">
$(function() {
$("#lets_search").bind('submit',function() {
var value = $('#str').val();
$.post('search.php',{value:value}, function(data){
$("#search_results").html(data);
});
return false;
});
});
</script>
</head>
<body>
<div id="main-left">
<div id="logo-left">
<div id="main-logo">
<img src="logo2.jpg" height="100%" width="100%"/>
<!--<div id="underlogo-text">SELECTOR</div>-->
</div>
</div>
<form role="form" action="" method="post">
<div id="form-left">
<select name="project_id">
<option disabled selected> Select a project </option>
<?php echo $option1; ?>
</select>
<select name="phase">
<option disabled selected> Select a phase</option>
<?php echo $option2; ?>
</select>
<select name="building">
<option disabled selected> Select a buidling </option>
<?php echo $option3; ?>
</select>
<select name="apartment_type">
<option disabled selected> Select an apartment </option>
<?php echo $option4; ?>
?>
</select>
<select name="level">
<option disabled selected> select a Level </option>
<?php echo $option5; ?>
</select>
<select name="garden">
<option disabled selected> select garden options </option>
<?php echo $option6; ?>
</select>
<div id="input-size">
<p>Size</p>
<input type="text" name="size1" class="input"/>
<input type="text" name="size2" class="input"/>
</div>
<div id="input-size">
<p>Bedrooms</p>
<input type="text" name="size1" class="input"/>
<input type="text" name="size2" class="input"/>
</div>
<div id="input-size">
<p> </p>
<input type="submit" value="send" name="send" id="send">
</div>
</form>
</div>
</div>
<div id="main-right">
<div id="right-result-container">
<div id="result">
<div id="span-container"><span>Results:</span><div style="width:100%;"> </div></div>
<table id="results-table">
<thead>
<tr>
</tr>
</thead>
<tbody>
<div id="search_results"></div>
</tbody>
</table>
</div>
</div>
</div>
</body>
</html> // that's index.php
know i should use pdo and can be easily injected, will secure it later, for now, how to get the value so i can search it, through post, to be completely honest i haven’t slept since 2 days, i cant’ see what i’m doing wrong, hell if you tell me to write python in there and tell me to test it i will, can’t see nothing, the quality of my questions are usually better but today i’m tired and would love to get any help i can
get.