Page 1 of 1

Problem with database query

Posted: Wed Dec 10, 2008 10:32 pm
by IndianTechStudent
#i am a newbie at this PHP stuff
I am trying to finish my project for class but I have a problem with my code. I will paste it here and see if you folks can determine whats wrong.
I tried to put in code to search my data base table desk for the term software.

Code: Select all

 
<?php
$filter = array(
  'lower' => FILTER_SANITIZE_STRING,
  'upper' => FILTER_SANITIZE_STRING
 );
 
$input = filter_input_array(INPUT_POST, $filter);
if ($input['upper']) {
  $upperdate = strtotime($input['upper']);
} else {
  $upperdate = time();
}
if ($input['lower']) {
$lowerdate = strtotime($input['lower']);
} else {
$lowerdate = strtotime('now -7 days');
}  
$all_valid = $lowerdate > 0 && $upperdate > 0;
$was_submitted = $_POST['action'];
?>
<html>
<head><title>Software Search Page</title></head>
<body bgcolor="#00ff00">
<font size= "8" face= "Arial"></font>
<form method="post">
Please enter a date range OR click button.<br />
Lower Date:
<input type="text" name="lower"
       value="<?php echo $input['lower']; ?>" />
Upper Date:
<input type="text" name="upper"
       value="<?php echo $input['upper']; ?>" /><br />
<input type="submit" value="Query" name="action" />
</form>
<?php
if ($was_submitted && $all_valid) {
$dbh = new PDO('mysql:host=localhost;dbname=klprophett01', 'klprophett01', 'GmaCorrine30',
   array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
$stmt = $dbh->prepare("select * from desk " .
              "where department='software' ");
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$stmt->execute(array($lowerdate, $upperdate));
?>
<table border=1 cellspacing=1 cellpadding=3><tr><th>User ID</th><th>First Name</th><th>Last Name</th>
           <th>E-mail</th><th>Department</th><th>Problem Description</th><th>Submitted</th></tr>
<?php
foreach($stmt as $line) {
    $descriptionBox = htmlspecialchars($line['descriptionBox']);
    $submitted = date('r', strtotime($line[submitted]));
    echo "<tr>";
    echo "<td>$line[user_id]</td>";
    echo "<td>$line[first_name]</td>";
    echo "<td>$line[last_name]</td>";
    echo "<td>$line[email]</td>";
    echo "<td>$line[department]</td>";
    echo "<td>$line[descriptionBox]</td>";
    echo "<td>$line[submitted]</td>";
    echo "</tr>\n";
}
echo "</table>\n";
}
?>
<a href="http://scs2.indianatech.net/%7Eklprophett01/software.php">Search Software Department</a>
<a href="http://scs2.indianatech.net/%7Eklprophett01/hardware.php">Search Hardware Department</a>
<a href="http://scs2.indianatech.net/%7Eklprophett01/other.php">Search Other Department</a>
</body>
</html>