HEX
Server: LiteSpeed
System: Linux lp015.web24.net.au 2.6.32-954.3.5.lve1.4.93.el6.x86_64 #1 SMP Wed Oct 4 17:04:29 UTC 2023 x86_64
User: pgkdistr (10190)
PHP: 8.1.32
Disabled: opcache_get_status
$ pwd: /var/www/vhosts/pgkdistribution.com.au/citisolar.com.au/gatehouse==/
Upload Files
File: /var/www/vhosts/pgkdistribution.com.au/citisolar.com.au/gatehouse==/query.php
<?php 
	  include_once ('db.php');
	session_start();
	if ($_SESSION['ref'] == 'procedit') {
		if (strlen ($_SESSION['mysqlerr']) > 0) {
			echo $_SESSION['mysqlerr']."<br/>Row not edited properly!";
		}
	}
	$_SESSION['ref'] = 'search';
?>
<html>
	<head>
	</head>
	<body>
		<h2>Query Database</h2>
		<h3><a href="index.php">Back to Home Page</a></h3>
		<h3><a href="logout.php">Logout</a></h3>
		<form name="searchForm" action="query.php" method="post">
			<table>
				<tr valign="top" height="20">
					<td align="left">Field:</td>
					<td><select name="field">
<?php
	$result = mysqli_query($conn, "SELECT * FROM `jobfields`");

	while ($row = mysqli_fetch_array($result)) {

		echo "<option value=\"".$row{'jf_id'}."\">".$row{'jf_name'}."</option>";
	}
?>
					</td>
				</tr>
				<tr valign="top" height="20">
					<td align="left">Value:</td>
					<td><input type="text" name="value" size="50" maxlength="50"></td>
				</tr>
			</table>
			<input type="submit" name="submitForm" value="Search" onclick="SubmitForm();  return false;" >
  			<input type="reset" name="resetForm" value="Reset">
		</form>
<?php
if (isset($_POST['field']) && isset($_POST['value'])) {
	$result = mysqli_query($conn, "SELECT * FROM jobfields WHERE jf_id = '".$_POST['field']."'");
	
	while ($row = mysqli_fetch_array($result)) {
		$fieldname = $row{'jf_name'};
	}
	
	$result = mysqli_query($conn, "SELECT * FROM jobs, tradesman, appliance WHERE jobs.".$fieldname." LIKE '%".$_POST['value']."%' AND jobs.tradesman = tradesman.trade_id AND jobs.appliance = appliance.app_id ORDER BY date DESC");

	$count = 0;
	
	while ($row = mysqli_fetch_array($result)) {
		$count++;
		if ($count == 1) {
		echo "<table border='1' cellpadding='2' CELLSPACING='0'><tr><th>Date</th><th>SC Order</th><th>Address</th><th>Appliance</th><th>Codes</th><th>Tradesman</th><th>Invoice Number</th><th>Edit</th></tr>";
		}
		
		echo "<tr><td>".$row{'date'}."</td>";
		echo "<td>".$row{'scorder'}."</td>";
		echo "<td>".$row{'address'}."</td>";
		echo "<td>".$row{'app_name'}."</td>";
		echo "<td>".$row{'codes'}."</td>";
		echo "<td>".$row{'trade_name'}."</td>";
		echo "<td>".$row{'invoicenum'}."</td>";
		echo "<td><a href='edit.php?date=".$row{'date'}."&scorder=".$row{'scorder'}."'>Edit Job</a></td></tr>";
	}
	
	if ($count > 0) {
		echo "</table>";
	}
}
?>
	</body>
</html>
@ Telegram