123 lines
4.7 KiB
PHP
123 lines
4.7 KiB
PHP
<?php # Script 9.5 - register.php #2
|
|
// This script performs an INSERT query to add a record to the users table.
|
|
|
|
$page_title = 'Search';
|
|
include ('includes/header.html');
|
|
|
|
// Check for form submission:
|
|
|
|
// echo $_SERVER['REQUEST_METHOD'];
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') { //remember the difference between post and get?
|
|
|
|
require ('./mysqli_connect.php'); // Connect to the db.
|
|
|
|
$errors = array(); // Initialize an error array.
|
|
|
|
// Check for an email address:
|
|
if (empty($_POST['first_name'])) { //$_POST is a global variable. empty() method determines whether a variable is considered to be empty.
|
|
$errors[] = 'You forgot to enter the first name';
|
|
} else {
|
|
$fn = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //mysqli_real_escape_strin()escapes special characters in a string for use in an SQL statement.
|
|
}
|
|
|
|
if (empty($errors)) { // If there is no errors. If everything's OK.
|
|
// Make the query:
|
|
$q = "SELECT CONCAT(StuLastName, ', ', StuFirstName) AS name, StuEmail, Mobile FROM Students where StuFirstName='$fn'";
|
|
$r = @mysqli_query ($dbc, $q); // Run the query.
|
|
$num = mysqli_num_rows($r);
|
|
|
|
if ($num > 0) { // If it ran OK, display the records.
|
|
|
|
// Print how many users there are:
|
|
echo "<p>There is the information for the student you are looking for.</p>\n";
|
|
|
|
// Table header.
|
|
echo '<table align="center" cellspacing="3" cellpadding="3" width="75%">
|
|
<tr><td align="left"><b>Name</b></td><td align="left"><b>Email</b></td><td align="left"><b>Mobile</b></td></tr>
|
|
';
|
|
|
|
// Fetch and print all the records:
|
|
while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) { //MYSQLI_ASSOC makes the returned array assortative.
|
|
echo '<tr><td align="left">' . $row['name'] . '</td><td align="left">' . $row['StuEmail'] . '</td><td align="left">' . $row['Mobile'] . '</td></tr>
|
|
';
|
|
}
|
|
|
|
echo '</table>'; // Close the table.
|
|
}
|
|
else { // If it did not run OK.
|
|
|
|
// Public message:
|
|
echo '<h1>Error</h1>
|
|
<p class="error">There is no student match with the information you provided</p>';
|
|
|
|
}
|
|
}
|
|
|
|
mysqli_close($dbc); // Close the database connection.
|
|
} // End of the main Submit conditional.
|
|
?>
|
|
<h1>Search Students by First Name</h1>
|
|
<form action="search.php" method="post">
|
|
<p>First Name <input type="text" name="first_name" size="15" maxlength="20" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" /></p>
|
|
<p><input type="submit" name="submit" value="Search Students" /></p>
|
|
</form>
|
|
|
|
<?php
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') { //remember the difference between post and get?
|
|
|
|
require ('./mysqli_connect.php'); // Connect to the db.
|
|
|
|
$errors = array(); // Initialize an error array.
|
|
|
|
// Check for an email address:
|
|
if (empty($_POST['last_name'])) { //$_POST is a global variable. empty() method determines whether a variable is considered to be empty.
|
|
$errors[] = 'You forgot to enter the last name';
|
|
} else {
|
|
$fn = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); //mysqli_real_escape_strin()escapes special characters in a string for use in an SQL statement.
|
|
}
|
|
|
|
if (empty($errors)) { // If there is no errors. If everything's OK.
|
|
// Make the query:
|
|
$q = "SELECT CONCAT(LecLastName, ', ', LecFirstName) AS lecname, LecEmail, WTel FROM Lecturers where LecLastName='$fn'";
|
|
$r = @mysqli_query ($dbc, $q); // Run the query.
|
|
$num = mysqli_num_rows($r);
|
|
|
|
if ($num > 0) { // If it ran OK, display the records.
|
|
|
|
// Print how many lecturers there are:
|
|
echo "<p>There is the information for the lecturer you are looking for.</p>\n";
|
|
|
|
// Table header.
|
|
echo '<table align="center" cellspacing="3" cellpadding="3" width="75%">
|
|
<tr><td align="left"><b>Name</b></td><td align="left"><b>Email</b></td><td align="left"><b>Telphone</b></td></tr>
|
|
';
|
|
|
|
// Fetch and print all the records:
|
|
while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) { //MYSQLI_ASSOC makes the returned array assortative.
|
|
echo '<tr><td align="left">' . $row['lecname'] . '</td><td align="left">' . $row['LecEmail'] . '</td><td align="left">' . $row['WTel'] . '</td></tr>
|
|
';
|
|
}
|
|
|
|
echo '</table>'; // Close the table.
|
|
}
|
|
else { // If it did not run OK.
|
|
|
|
// Public message:
|
|
echo '<h1>Error</h1>
|
|
<p class="error">There is no lecturer match with the information you provided</p>';
|
|
|
|
}
|
|
}
|
|
|
|
mysqli_close($dbc); // Close the database connection.
|
|
} // End of the main Submit conditional.
|
|
?>
|
|
|
|
<h1>Search Lecturers by Last Name</h1>
|
|
<form action="search.php" method="post">
|
|
<p>Last Name <input type="text" name="last_name" size="15" maxlength="20" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" /></p>
|
|
<p><input type="submit" name="submit" value="Search Lecturers" /></p>
|
|
</form>
|
|
<?php include ('includes/footer.html'); ?>
|