shop/searched.php at master · 88Group/shop · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
<!DOCTYPE html>
<html>
<head>
	<title>Product information </title>
	<link rel="stylesheet" href="style.css">
		<style>
			input[type=number]{
			max-width: 80px;
		}
		img{
  			max-width: 300px;
  			max-height: 400px;
  			float: left;
		}
		.f{
			margin-top: 40px;
		}
			input[type=submit]{
			background-color: #fb6e6e;
			color: #ffffff;
			padding: 14px;
		}
			.btn:disabled{
			min-width: 100px;
			background-color:#dddddd;
			color:black;
		}
		</style>
</head>
<body>
<button class="btn" onclick="history.go(-1)">Back</button><br>
<?php
$con=mysqli_connect("us-cdbr-iron-east-04.cleardb.net","b966a2a16a969f","01d02abd","heroku_0b7502a16e114a3");

// Check connection
if (mysqli_connect_errno())
	{
	echo "Failed to connect to MySQL: " . mysqli_connect_error(); }
	elseif(isset($_POST['target']))
	{
		$pName = mysqli_real_escape_string($con,$_POST['target']);
		$sql = "SELECT * FROM product WHERE name LIKE '%$pName%'";
		$res = mysqli_query($con,$sql);
	if (!$res)
	{
	die('Error: ' . mysqli_error($con));
	 }
	else
		{
			if(mysqli_num_rows($res)>0)
			{
			while($row = mysqli_fetch_array($res))
			{
				echo '<div class = "f">';
				echo '<img src= "data:image/jpeg;base64,' .base64_encode($row['image']).'">';
				echo '<div class = "probox"><div class = "txt">';
				echo '<br>Product Name:&nbsp&nbsp'.$row['name'];
				echo '<br>Category:&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp' .$row['category'];
				if($row['color']!= NULL)
				{
					echo '<br>Color:&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp' .$row['color'];
				}
				echo '<br>Price:&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp'.$row['price'].' Baht';
				$today = date("Y-m-d");
				$brnd = $row['brand'];
				$brnd = addslashes($brnd);
				$sql2 = "SELECT proID, percent,value,brand FROM promotion WHERE brand LIKE '$brnd' && '$today' BETWEEN sDAte AND eDate LIMIT 1";
				$res2 = mysqli_query($con,$sql2);
				if (!$res2)
					{
					die('Error: ' . mysqli_error($con));
					 }
				else
				{
					echo "&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp";
					while($row2 = mysqli_fetch_array($res2))
					{
						if($row2['proID']==1)
						{
						echo '&nbsp&nbsp&nbspBuy 1 Get 1 Free !';
						}
						else if($row2['proID']==2)
						{
						echo '&nbsp&nbsp&nbspBy 2 Get 1 Free !';
						}
						else if ($row2['proID']==3)
						{
						echo '&nbsp&nbsp&nbspGet&nbsp&nbsp'.$row2['percent'].'&nbsppercent off !';
						}
						else if($row2['proID']==4)
						{
						echo '&nbsp&nbsp&nbspGet&nbsp&nbsp'.$row2['value'].'&nbspBaht off !';
						}
					}
				echo '<br>Stock:&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp'.$row['stock'];
				echo '<br>Brand:&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp'.$row['brand'].'<br>';
				echo '<div class = "orderbtn"><form method="post" action = "../order.php"> <input type="hidden" name="pID" value='.$row['productID'].'>';
				echo 'quantity:<input type = "number" name="quantity" min="1" max ='.$row['stock'].'>';
				if($row['stock']<=0)
				{
					echo '&nbsp<input type="submit" name="submit2" value="Order" class="btn" disabled></form></div><br>';

				}
				else
				{
					echo '&nbsp<input type="submit" name="submit2" value="Order" class="btn"></form></div><br>';
				}
				echo '<br><br></div></div></div>';

			}
		}
	}
		else
		{
			echo 'Product not found';
		}
		}
	}
mysqli_close($con);
 ?>
</body>
</html>