Skip to content
Permalink
ae335aeb5c
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time
166 lines (140 sloc) 8.03 KB
<?php
require("../dbCon.php");
require("../commonFunctions.php");
$sql = "SELECT * FROM employees WHERE EmployeeID = '" . $_SESSION["EmployeeID"] . "'";
//echo $sql;
if (!$result = $con->query($sql)) {}
$row = $result->fetch_assoc();
if ($row) {
$FirstName = $row['FirstName'];
$Photo = $row['Photo'];
}
//echo "Welcome " . $_SESSION["userName"] . "!";
?>
<html>
<head>
<link rel="stylesheet" href="../style.css">
</head>
<body>
<div id="header">
<?php writeMenuEmp(basename($_SERVER['PHP_SELF'])); ?>
</div>
<div id="contentwrapper">
<div id='contentwrapperLeft'>
<form action = "ReviewCustomerDemographics.php" method = "get">
<h1>Simple Search</h1>
<div class="form-group">
<input type="text" name="SimpleSearch" id="SimpleSearch" required value="<?php
if(isset($_GET['SimpleSearch'])){echo $_GET['SimpleSearch'];}?>">
<input type="submit" value="Search">
</div>
</form>
</div>
<div id="contentwrapperRight">
<form action = "ReviewCustomerDemographics.php" method = "get">
<h1>Advanced Search</h1>
<div class="form-group">
<label>Customer ID</label>
<input type="text" name="CustomerID" id="CustomerID" value="<?php
if(isset($_GET['CustomerID'])){echo $_GET['CustomerID'];}?>">
<label>Company Name</label>
<input type="text" name="CompanyName" id="CompanyName" value="<?php
if(isset($_GET['CompanyName'])){echo $_GET['CompanyName'];}?>">
<label>Contact Name</label>
<input type="text" name="ContactName" id="ContactName" value="<?php
if(isset($_GET['ContactName'])){echo $_GET['ContactName'];}?>">
<label>Contact Title</label>
<input type="text" name="ContactTitle" id="ContactTitle" value="<?php
if(isset($_GET['ContactTitle'])){echo $_GET['ContactTitle'];}?>">
<label>Address</label>
<input type="text" name="Address" id="Address" value="<?php
if(isset($_GET['Address'])){echo $_GET['Address'];}?>">
<label>City</label>
<input type="text" name="City" id="City" value="<?php
if(isset($_GET['City'])){echo $_GET['City'];}?>">
<label>Region</label>
<input type="text" name="Region" id="Region" value="<?php
if(isset($_GET['Region'])){echo $_GET['Region'];}?>">
<label>Postal Code</label>
<input type="text" name="PostalCode" id="PostalCode" value="<?php
if(isset($_GET['PostalCode'])){echo $_GET['PostalCode'];}?>">
<label>Country</label>
<input type="text" name="Country" id="Country" value="<?php
if(isset($_GET['Country'])){echo $_GET['Country'];}?>">
<label>Phone</label>
<input type="text" name="Phone" id="Phone" value="<?php
if(isset($_GET['Phone'])){echo $_GET['Phone'];}?>">
<label>Fax</label>
<input type="text" name="Fax" id="Fax" value="<?php
if(isset($_GET['Fax'])){echo $_GET['Fax'];}?>">
<input type="submit" value="Search">
</div>
</form>
</div>
</div>
<div id='contentwrapper'>
<?php
if (empty($_GET)) { //Show all customers by default
$query ="SELECT CustomerID as ID, CompanyName as Company, ContactName as Name, ContactTitle as Title, Address, City, Region, PostalCode as `Postal Code`, Country, Phone, Fax
FROM
customers";
$stmt = $con->prepare($query);
}elseif (isset($_GET["SimpleSearch"]) && !empty($_GET["SimpleSearch"])) { //Simple search
$query ="SELECT CustomerID as ID, CompanyName as Company, ContactName as Name, ContactTitle as Title, Address, City, Region, PostalCode as `Postal Code`, Country, Phone, Fax
FROM
customers
WHERE
CustomerID LIKE ? OR
CompanyName LIKE ? OR
ContactName LIKE ? OR
ContactTitle LIKE ? OR
Address LIKE ? OR
City LIKE ? OR
Region LIKE ? OR
PostalCode LIKE ? OR
Country LIKE ? OR
Phone LIKE ? OR
Fax LIKE ?";
// echo $query;
$SimpleSearch = "%" . $_GET['SimpleSearch'] . "%";
$stmt = $con->prepare($query);
$stmt ->bind_param("sssssssssss", $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch);
}else{ //Advanced search
$query ="SELECT CustomerID as ID, CompanyName as Company, ContactName as Name, ContactTitle as Title, Address, City, Region, PostalCode as `Postal Code`, Country, Phone, Fax
FROM
customers
WHERE
CustomerID LIKE ? AND
CompanyName LIKE ? AND
ContactName LIKE ? AND
ContactTitle LIKE ? AND
Address LIKE ? AND
City LIKE ? AND
Region LIKE ? AND
PostalCode LIKE ? AND
Country LIKE ? AND
Phone LIKE ? AND
Fax LIKE ?";
$CustomerID = "%" . $_GET['CustomerID'] . "%";
$CompanyName = "%" . $_GET['CompanyName'] . "%";
$ContactName = "%" . $_GET['ContactName'] . "%";
$ContactTitle = "%" . $_GET['ContactTitle'] . "%";
$Address = "%" . $_GET['Address'] . "%";
$City = "%" . $_GET['City'] . "%";
$Region = "%" . $_GET['Region'] . "%";
$PostalCode = "%" . $_GET['PostalCode'] . "%";
$Country = "%" . $_GET['Country'] . "%";
$Phone = "%" . $_GET['Phone'] . "%";
$Fax = "%" . $_GET['Fax'] . "%";
$stmt = $con->prepare($query);
$stmt ->bind_param("sssssssssss", $CustomerID, $CompanyName, $ContactName, $ContactTitle,
$Address, $City, $Region,
$PostalCode, $Country, $Phone, $Fax);
}
$stmt ->execute();
$result = $stmt->get_result();
makeTable($result);
?>
</div>
</body>
</html>