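<?php
// User search endpoint: on POST, looks up rows in `user` whose Name or
// Username contains the submitted term and echoes them as an HTML table
// fragment with Delete/Update buttons.
session_start();
include "db_conn.php";

// NOTE(review): no authorization check is visible in this file. Unless
// db_conn.php enforces one, any client able to POST here can list user
// records. Confirm, and gate this endpoint on the authenticated session.

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    /**
     * Normalises a submitted text value (trim, strip backslashes, HTML-encode).
     *
     * Kept so the search term is matched in the same form as before. This is
     * NOT a SQL-injection defence; the query below relies on bound parameters.
     *
     * @param string $data Raw request value.
     * @return string Normalised value.
     */
    function validate($data) {
        return htmlspecialchars(stripslashes(trim($data)));
    }

    // LIMIT was previously interpolated unquoted into the SQL text, so it must
    // be a real non-negative integer before it gets anywhere near the query.
    $limit = filter_var(
        $_POST['limit'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0]]
    );
    $rawSearch = $_POST['search'] ?? '';
    if ($limit === false || !is_string($rawSearch)) {
        http_response_code(400);
        echo 'Invalid search request';
        exit;
    }
    $search = validate($rawSearch);

    // Parameterised query: request data is bound, never concatenated into SQL.
    // '%' and '_' typed by the user still act as LIKE wildcards, as before.
    $sqlsearch = 'SELECT * FROM user WHERE Name LIKE ? OR Username LIKE ? ORDER BY ID DESC LIMIT ?';
    $pattern = '%' . $search . '%';
    $stmt = mysqli_prepare($conn, $sqlsearch);
    if ($stmt === false
        || !mysqli_stmt_bind_param($stmt, 'ssi', $pattern, $pattern, $limit)
        || !mysqli_stmt_execute($stmt)
    ) {
        http_response_code(500);
        exit;
    }
    $resultsearch = mysqli_stmt_get_result($stmt);
    if ($resultsearch === false) {
        http_response_code(500);
        exit;
    }

    // Encodes a value for use as a JavaScript argument inside an HTML
    // attribute. Entity-encoding alone is not enough there: the browser
    // decodes entities before the handler is parsed as script, so the value
    // is first emitted as a JSON string literal and then HTML-escaped.
    $jsArg = static function ($value): string {
        $json = json_encode(
            (string)$value,
            JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_INVALID_UTF8_SUBSTITUTE
        );
        return htmlspecialchars($json, ENT_QUOTES);
    };

    // Start outputting the HTML content
    if (mysqli_num_rows($resultsearch)) {
        echo '<table class="table table-striped" id="startupproftable">';
        echo ' <thead>';
        echo ' <tr>';
        echo ' <th scope="col">Name</th>';
        echo ' <th scope="col">Username</th>';
        echo ' <th scope="col">Password</th>';
        echo ' <th scope="col">Action</th>';
        echo ' </tr>';
        echo ' </thead>';
        echo ' <tbody>';
        while ($rows = mysqli_fetch_assoc($resultsearch)) {
            $id = (int)$rows['ID'];
            echo ' <tr>';
            echo ' <td>' . htmlspecialchars((string)$rows['Name']) . '</td>';
            echo ' <td>' . htmlspecialchars((string)$rows['Username']) . '</td>';
            // NOTE(review): the Password column is sent to the browser both
            // here and in the Update handler below. If it holds plaintext or a
            // reusable hash, stop returning it and store only password_hash()
            // output. Left in place because the page's UpdateUserShow() takes
            // it as an argument.
            echo ' <td>' . htmlspecialchars((string)$rows['Password']) . '</td>';
            echo ' <td><button type="button" onclick="DeleteUserShow(' . $id . ');" class="red-button">Delete</button>';
            echo ' <button type="button" onclick="UpdateUserShow(' . $id . ', ' . $jsArg($rows['Name']) . ', ' . $jsArg($rows['Username']) . ', ' . $jsArg($rows['Password']) . ');" class="blue-button">Update</button>';
            echo ' </td>';
            echo ' </tr>';
        }
        echo ' </tbody>';
        echo '</table>';
    } else {
        echo ' <tr>';
        echo ' <td colspan="4">No records found</td>';
        echo ' </tr>';
    }

    mysqli_stmt_close($stmt);
}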