-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsearchasset.php
More file actions
executable file
·81 lines (62 loc) · 2.14 KB
/
searchasset.php
File metadata and controls
executable file
·81 lines (62 loc) · 2.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
<?php
session_start();
include('header.php');
include_once("db_connect.php");
if(isset($_SESSION['user_id']) =="") {
header("Location: index.php");
}
if (empty($_POST["keyword"])) {
$searcherr = "";
} elseif (!empty($_POST["keyword"]) AND !preg_match("/^[a-zA-Z0-9 ]+$/",$_POST["keyword"])) {
$searcherr = "Keyword must contain only numbers and alphabets.";
}
?>
<head>
<link rel="stylesheet" href="css/style.css">
</head>
<div class="main-page">
<div class="form">
<fieldset>
<legend>Search Assets</legend>
<form class="login-form" role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="loginform">
<input type="text" name="keyword" placeholder="Enter A Serial Number" required class="form-control" />
<button type="submit" name="search">Search Assets</button>
<font align="center" size="3" color="red"><strong><?php echo "<BR>" .$searcherr ?></strong></font>
<table align="center" width="350">
<?php
// DB file
include_once("db_connect.php");
if(!empty($_POST['keyword'] && preg_match("/^[a-zA-Z0-9 ]+$/",$_POST["keyword"])))
{
$aKeyword = explode(" ", trim($_POST['keyword']));
$query ="SELECT * FROM assets WHERE serialnumber like '%" . $aKeyword[0] . "%'";
for($i = 1; $i < count($aKeyword); $i++) {
if(!empty($aKeyword[$i])) {
$query .= " OR serialnumber like '%" . $aKeyword[$i] . "%'";
}
}
$result = mysqli_query($conn, $query);
echo "<tr>";
echo "<td colspan='2'><br>You have searched for keywords: " . $_POST['keyword'];
if(mysqli_num_rows($result) > 0) {
$row_count=0;
echo "<br>Result Found: ";
echo "</td>";
echo "</tr>";
echo "<br><tr>";
While($row = $result->fetch_assoc()) {
$row_count++;
echo "<tr><td> Result ".$row_count." </td> <td><a href=assetdetails.php?id=".$row['asset_id'].">" . $row['serialnumber'] ."</a><td></tr>";
}
echo "</tr>";
}
else {
echo "<br>Result Found: NONE";
}
}
?>
</table>
</fieldset>
</form>
</div>
</div>