<?php
// Pulls in the database connection and the shared page helpers. This page later uses
// $con, writeMenuAdm() and makeTable(), which are presumably defined by these includes.
// NOTE(review): this appears to be an admin page (it edits products), but no session or
// authorization check is visible in this file. Confirm that one of these includes
// enforces admin access before any output is produced.
require("../dbCon.php");
require("../commonFunctions.php");
?>
<html>
<head>
<link rel="stylesheet" href="../style.css">
</head>
<body>
<div id="header">
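<?php
// Render the admin menu, passing this script's file name.
// SCRIPT_NAME is used instead of PHP_SELF because PHP_SELF also carries any extra path
// info appended to the request URL (e.g. /EditProducts.php/extra), which would make the
// basename request-controlled. For a normal request both yield the same file name.
// NOTE(review): writeMenuAdm() is defined elsewhere; confirm it HTML-escapes this value
// if it ever prints it.
writeMenuAdm(basename($_SERVER['SCRIPT_NAME']));
?>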
</div>
<form action = "NewProduct.php" class="form-group" style='display: block; margin: auto; width: 960px;'>
<input type="submit" value="New Product">
</form>
<hr>
<div id="contentwrapper">
<div id='contentwrapperLeft'>
<form action = "EditProducts.php" method = "get">
<h1>Simple Search</h1>
<div class="form-group">
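<input type="text" name="SimpleSearch" id="SimpleSearch" required value="<?php
// Re-populate the box with the previous search term.
// The value is reflected into a double-quoted HTML attribute, so it must be HTML-encoded;
// echoing it raw lets a crafted link close the attribute and inject markup (reflected XSS).
// Array-valued parameters (?SimpleSearch[]=x) are ignored rather than printed.
if (isset($_GET['SimpleSearch']) && is_string($_GET['SimpleSearch'])) {
    echo htmlspecialchars($_GET['SimpleSearch'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?>">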
<input type="submit" value="Search">
</div>
</form>
</div>
<div id="contentwrapperRight">
<form action = "EditProducts.php" method = "get">
<h1>Advanced Search</h1>
<div class="form-group">
<label>Product Name</label>
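<input type="text" name="ProductName" id="ProductName" value="<?php
// Re-populate the field with the previous filter value.
// HTML-encode it, because it is reflected into an attribute and a raw echo allows
// reflected XSS through a crafted link. Array-valued parameters are ignored.
if (isset($_GET['ProductName']) && is_string($_GET['ProductName'])) {
    echo htmlspecialchars($_GET['ProductName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?>">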
<label>Category</label>
<select name="Category" id="Category">
<option value=""></option>
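<?php
// Emits one <option> per row of the categories table and re-selects the category
// named in the current query string, if any.
$category = "";
if (isset($_GET['Category']) && is_string($_GET['Category'])) {
    $category = $_GET['Category'];
}
// Only the name column is needed for the list.
$query = "SELECT CategoryName FROM categories";
$stmt = $con->prepare($query);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
    $rawName = (string) $row['CategoryName'];
    // Category names come from the database and are printed both inside a single-quoted
    // attribute and as element text. Encode them so a name containing quotes or markup
    // cannot break out of the attribute (stored XSS).
    $safeName = htmlspecialchars($rawName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    // Leading space keeps "selected" and "value" as two separate attributes.
    $selected = ($rawName === $category) ? " selected='selected'" : "";
    echo "<option" . $selected . " value='" . $safeName . "'>" . $safeName . "</option>";
}
?>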
</select>
<label>Company Name</label>
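<input type="text" name="CompanyName" id="CompanyName" value="<?php
// Each of the three fields below re-displays the previous filter value. All of them are
// reflected into an HTML attribute, so they are HTML-encoded to prevent reflected XSS;
// array-valued parameters are ignored rather than printed.
if (isset($_GET['CompanyName']) && is_string($_GET['CompanyName'])) {
    echo htmlspecialchars($_GET['CompanyName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?>">
<label>Unit Price Greater Than</label>
<input type="text" name="UnitPriceLow" id="UnitPriceLow" value="<?php
if (isset($_GET['UnitPriceLow']) && is_string($_GET['UnitPriceLow'])) {
    echo htmlspecialchars($_GET['UnitPriceLow'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?>">
<label>Unit Price Less Than</label>
<input type="text" name="UnitPriceHigh" id="UnitPriceHigh" value="<?php
if (isset($_GET['UnitPriceHigh']) && is_string($_GET['UnitPriceHigh'])) {
    echo htmlspecialchars($_GET['UnitPriceHigh'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?>">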
<input type="submit" value="Search">
</div>
</form>
</div>
</div>
<div id='contentwrapper'>
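<?php
// Builds and runs the product listing query, then renders the rows with makeTable().
// The mode is chosen from the query string:
//   - no parameters at all     -> list every product
//   - non-empty SimpleSearch   -> match category, product or company name (OR)
//   - anything else            -> advanced search (AND of all filters)
// Every user-supplied value reaches MySQL only as a bound parameter.

// Reads a GET parameter as a string. Missing keys and array-valued parameters
// (e.g. ?ProductName[]=x) become '' instead of raising warnings or being
// concatenated as the literal text "Array".
$getString = function ($key) {
    return (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
};

// Reads a price bound as a float rounded to 2 decimals, or $default when the value
// is missing, empty, non-numeric or not finite.
// number_format() must not be used here: it returns a display string with thousands
// separators ("1,234.00"), which is cut off at the comma when bound as a double, and
// on PHP 8 it throws a TypeError for non-numeric input.
$getPrice = function ($key, $default) use ($getString) {
    $raw = trim($getString($key));
    if (!is_numeric($raw)) {
        return $default;
    }
    $value = (float) $raw;
    return is_finite($value) ? round($value, 2) : $default;
};

// SELECT/JOIN part shared by all three modes; only the WHERE clause differs.
$baseQuery = "SELECT ProductID as _ProductID, ProductName as Product, CategoryName as Category, CompanyName as Company,
QuantityPerUnit as Quantity, CONCAT('$', FORMAT(p.UnitPrice,2)) as Price, UnitsInStock as Stock
FROM
((products as p LEFT JOIN suppliers as s ON p.SupplierID = s.SupplierID)
LEFT JOIN categories c ON p.CategoryID = c.CategoryID)
LEFT JOIN company co ON s.CompanyId = co.CompanyID";

// NOTE: "%" and "_" typed by the user still act as LIKE wildcards in the searches below.
// That is not an injection risk because the values are bound, but escape them if literal
// matching is wanted.
$SimpleSearch = $getString('SimpleSearch');
$stmt = false;

if (empty($_GET)) { // Show all products by default
    $stmt = $con->prepare($baseQuery);
} elseif ($SimpleSearch !== '') { // Simple search
    $query = $baseQuery . "
WHERE
CategoryName LIKE ? OR
ProductName LIKE ? OR
CompanyName LIKE ?";
    $SimpleSearch = "%" . $SimpleSearch . "%";
    $stmt = $con->prepare($query);
    if ($stmt) {
        $stmt->bind_param("sss", $SimpleSearch, $SimpleSearch, $SimpleSearch);
    }
} else { // Advanced search
    $query = $baseQuery . "
WHERE
ProductName LIKE ? AND
CompanyName LIKE ? AND
CategoryName LIKE ? AND
UnitPrice > ? AND
UnitPrice < ?";
    $ProductName = "%" . $getString('ProductName') . "%";
    $CompanyName = "%" . $getString('CompanyName') . "%";
    $Category = "%" . $getString('Category') . "%";
    // Missing or unusable bounds fall back to a range that is effectively unbounded.
    $UnitPriceLow = $getPrice('UnitPriceLow', 0.00);
    $UnitPriceHigh = $getPrice('UnitPriceHigh', 10000000.00);
    $stmt = $con->prepare($query);
    if ($stmt) {
        $stmt->bind_param("sssdd", $ProductName, $CompanyName, $Category, $UnitPriceLow, $UnitPriceHigh);
    }
}

$result = false;
if ($stmt && $stmt->execute()) {
    $result = $stmt->get_result();
}

if ($result) {
    // Row click handler template; %ProductID% is replaced with the _ProductID column.
    // NOTE(review): makeTable() is defined elsewhere. Confirm that it HTML-escapes cell
    // values and the substituted id, since product and company names come from the database.
    $trArgs = array("onclick=\"window.document.location='ViewProduct.php?productID=%ProductID%'\"",
        array('%ProductID%' => '_ProductID')
    );
    makeTable($result, $trArgs);
} else {
    // Keep database error details in the server log, not in the page.
    error_log("EditProducts.php: product query failed: " . $con->error);
    echo "<p>Unable to load products.</p>";
}
?>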
</div>
</body>
</html>