-
Notifications
You must be signed in to change notification settings - Fork 0
/
admin-backend-search.php
71 lines (67 loc) · 2.46 KB
/
admin-backend-search.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
/* Attempt MySQL server connection. Assuming you are running MySQL
server with default setting (user 'root' with no password) */
try{
$pdo = new PDO("mysql:host=localhost;dbname=fnf", "root", "1001");
// Set the PDO error mode to exception
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e){
die("ERROR: Could not connect. " . $e->getMessage());
}
// Attempt search query execution
try{
if(isset($_REQUEST["term"])){
// create prepared statement
// SELECT DISTINCT(`p`.`pid`), `p`.`productName`, `p`.`productImage`, `pt`.`ptName` FROM `product` AS `p` LEFT JOIN `producttype` AS `pt` ON `p`.`pid` = `pt`.`pid` WHERE `p`.`productName` LIKE '%parsley%' OR `pt`.`ptName` LIKE '%parsley%' && `p`.`productName` != 'NULL' && `pt`.`ptName` != 'NULL'
$sql = "SELECT `p`.* , `pt`.*
FROM `product` AS `p`
LEFT JOIN `producttype` AS `pt` ON `p`.`pid` = `pt`.`pid`
WHERE `p`.`productName` LIKE :term
OR `pt`.`ptName` LIKE :term
&& `p`.`productName` != 'NULL'
&& `p`.`productName` != ''
&& `pt`.`ptName` != 'NULL'
&& `pt`.`ptName` != ''
GROUP BY `p`.`productName`";
$stmt = $pdo->prepare($sql);
$term = $_REQUEST["term"] . '%';
// bind parameters to statement
$stmt->bindParam(":term", $term);
// execute the prepared statement
$stmt->execute();
if($stmt->rowCount() > 0){
while($row = $stmt->fetch()){
$pid = $row['pid'];
$ptQ = "SELECT `ptid`, `ptName`, `ptImage`
FROM `producttype`
WHERE `pid` = :term
&& `ptName` != 'NULL'
&& `ptName` != ''";
$ptS = $pdo->prepare($ptQ);
$ptTerm = $pid;
// bind parameters to statement
$ptS->bindParam(":term", $ptTerm);
// execute the prepared statement
$ptS->execute();
if($ptS->rowCount() > 0){
while($variety = $ptS->fetch()){?>
<p> <a href="productview.php?pid=<?php echo $variety['ptid']; ?>" class="btn btn-success">
<img src="images/<?php echo $variety['ptImage'] ?>" width="15px" height="15px" alt="<?php echo $variety["ptName"]; ?>" title="<?php echo $variety["ptName"]; ?>"/> <?php echo $variety["ptName"]; ?>
</a>
</p>
<?php
}
}
}
} else{
echo "<p>No matches found</p>";
}
}
} catch(PDOException $e){
die("ERROR: Could not able to execute $sql. " . $e->getMessage());
}
// Close statement
unset($stmt);
// Close connection
unset($pdo);
?>