donatsadiko/search.php at master · gvasilakiss/donatsadiko · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<?php include ("redirect_login.php"); ?>

<?php ob_start(); ?>
<?php include ("dbconnect.php"); ?>
<!DOCTYPE html>
<html>

<head>
    <title>Search Donut</title>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <script src="https://unpkg.com/sweetalert/dist/sweetalert.min.js"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>

    <link rel="stylesheet" href="assets/bootstrap/css/bootstrap.min.css?h=f1d2fef1b7b619906014980fa4fbbe13">

    <link rel="stylesheet" href="style.css">
</head>

<body>
    <!-- Check to see if a user is an admin -->
    <?php if($_SESSION["user_type"] == "Admin") : ?>
    <?php include ('nav.php') ?>
    <br>
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
        Search Order (by Name): <input type="text" name="query" />
        <input type="submit" value="Search" />
    </form>
    <br>

    <?php
    $query = $_POST['query'];
    // gets value sent over search form

        $sql = "SELECT * FROM `donut` WHERE `Order_Name` = '$query'";

            foreach($conn->query($sql, PDO::FETCH_ASSOC) as $row){
                echo "<table border='1'>
                <tr>
                <th>Order ID</th>
                <th>Order Name</th>
                <th>Field 1</th>
                <th>Field 2</th>
                <th>Field 3</th>
                <th>Field 4</th>
                <th>Field 5</th>
                <th>Field 6</th>

                </tr>";
                echo "<tr>";
                echo  "<td>" . $row['Order_ID'] . '<br>' . "</td>";
                echo  "<td>" . $row['Order_Name'] . '<br>' . "</td>";
                echo  "<td>" . $row['field1'] . '<br>' . "</td>";
                echo  "<td>" . $row['field2'] . '<br>' . "</td>";
                echo  "<td>" . $row['field3'] . '<br>' . "</td>";
                echo  "<td>" . $row['field4'] . '<br>' . "</td>";
                echo  "<td>" . $row['field5'] . '<br>' . "</td>";
                echo  "<td>" . $row['field6'] . '<br>' . "</td>";
                echo "</tr>";
            }
            echo "</table>";
?>

    <br>
    <br>

    <?php

$sql= "SELECT Order_Name, Order_ID FROM donut order by Order_Name";

echo "<select name=student value=''>Orders</option>";

echo "DropDown";
foreach ($conn->query($sql, PDO::FETCH_ASSOC) as $row){


echo "<option value=$row[Order_ID]>$row[Order_Name]</option>";

}

 echo "</select>";// Closing of list box
?>
    </select>
    <?php else:                     echo '
                        <script type="text/javascript">

                        $(document).ready(function(){

                        swal({
                            icon: "warning",
                            title: "Oups, something is wrong!",
                            text: "You are here by mistake, sending you back to your account area" ,
                        }).then(function() {
                            // Redirect the user
                            window.location.href = "myaccount.php";
                        })
                        });

                        </script>
                    ';?>
    <?php endif ?>
</body>

</html>