Code: Select all
<?
$title = "Vendor Search";
include ("testing.inc");
html_begin($title,$title);
?>
<form action="vresults.php" method="post">
Choose Search Type:<br>
<select name="searchtype">
<option value="Vname">Vendor Name
<option value="Vadd">Vendor Address
<option value="Vcity">Vendor City
</select>
<br>
Enter Search Term:<br>
<input name="searchterm" type=text>
<BR>
<input type=submit value="Search!">
</form>
<?
html_end();
?>Code: Select all
<?
$title = "Vendor Search Results";
include ("testing.inc");
html_begin($title,$title);
testing_connect ();
trim($searchterm);
if (!$searchtype || !$searchterm)
{
echo "You have not entered search details. Do it over.";
exit;
}
$searchtype = addslashes($searchtype);
$searchterm = addslashes($searchterm);
$query = "select * from vendors where ".$searchtype." like '%".$searchterm."%'";
$result = mysql_query($query);
$num_results = mysql_num_rows($result);
echo "<p>Number of vendors found: ".$num_results."</p>";
for ($i=0; $i <$num_results; $i++)
{
$row = mysql_fetch_array($result);
echo "<P><STRONG>".($i+1).". Vendor Name: ";
echo htmlspecialchars (stripslashes($row["Vname"]));
echo "</STRONG><br>Vendor Address: ";
echo htmlspecialchars (stripslashes($row["Vadd"]));
echo "<BR>Vendor City: ";
echo htmlspecialchars (stripslashes($row["Vcity"]));
echo "</p>";
}
html_end();
?>