File manager - Edit - /home/autoph/public_html/connect/SEARCH_USER.php
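<?php
/**
 * SEARCH_USER.php - JSON endpoint that searches `vts_users`.
 *
 * Request parameters (read from $_REQUEST):
 *   keyID        - shared key; nothing is returned unless it matches exactly.
 *   searchString - text to look for; when empty, the inactive (u_status = 0),
 *                  non-deleted users are listed instead.
 *
 * Matching users are copied into `tempUserSearchResult` together with their
 * company and dealership names, and the rows of that table are returned as a
 * JSON array ordered by fullName.
 */

date_default_timezone_set('Asia/Manila');
header('Content-Type: application/json');
error_reporting(0);

// NOTE(review): these credentials are hard-coded in a file that lives under the
// web root. Load them from configuration stored outside the document root (or
// from the environment) and rotate the password, since anyone who can read
// this file can read it.
$sqlUser = 'autoph_arnel';
$sqlDatabase = 'autoph_connect';
$sqlPass = 'Hke@2001';

/**
 * Run one statement with bound parameters and return every row.
 *
 * @param PDO    $pdo    open connection
 * @param string $sql    statement text using `?` placeholders
 * @param array  $params values for the placeholders, in order
 * @return array list of associative rows
 */
function searchUserFetchAll(PDO $pdo, $sql, array $params = [])
{
    $stmt = $pdo->prepare($sql);
    $stmt->execute($params);

    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

/**
 * Execute a prepared single-column lookup and return the first value found.
 *
 * @param PDOStatement $stmt prepared lookup taking one placeholder
 * @param mixed        $id   key to look up
 * @return string the value, or '' when no row matches or the value is NULL
 */
function searchUserLookup(PDOStatement $stmt, $id)
{
    $stmt->execute([(string) $id]);
    $value = $stmt->fetchColumn();
    $stmt->closeCursor();

    return ($value === false || $value === null) ? '' : (string) $value;
}

/**
 * Copy user rows into `tempUserSearchResult`, resolving company and dealer names.
 *
 * @param PDO   $pdo   open connection
 * @param array $users rows selected from `vts_users`
 * @return void
 */
function searchUserFillTempTable(PDO $pdo, array $users)
{
    // Prepared once and executed per row; stored values are bound as well, so a
    // name containing a quote can no longer break or alter the INSERT.
    $companyStmt = $pdo->prepare('SELECT `comp_name` FROM `vts_company` WHERE `comp_id` = ?');
    $dealerStmt = $pdo->prepare('SELECT `deal_name` FROM `vts_dealerships` WHERE `deal_id` = ?');
    $insertStmt = $pdo->prepare(
        'INSERT INTO `tempUserSearchResult` '
        . '(employeeID, fullName, CompanyName, MobileNumber, positionTitle, '
        . 'landLineNumber, EmailAddress, dealerName, uStatus) '
        . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)'
    );

    foreach ($users as $user) {
        // Loose comparison kept on purpose: u_status arrives as a string.
        $userStatus = ($user['u_status'] == 0) ? 'IN-ACTIVE' : 'ACTIVE';

        $insertStmt->execute([
            (string) $user['employee_id'],
            $user['u_lname'] . ', ' . $user['u_fname'],
            searchUserLookup($companyStmt, $user['company']),
            (string) $user['usr_mobile'],
            (string) $user['u_position'],
            // Was an unset variable before, so landLineNumber was always empty.
            (string) $user['usr_line'],
            (string) $user['email'],
            searchUserLookup($dealerStmt, $user['dealer']),
            // NOTE(review): the leading space is kept because clients already
            // receive it in uStatus; it looks like a typo - confirm and drop.
            ' ' . $userStatus,
        ]);
    }
}

// A request parameter may arrive as an array; treat anything but a string as absent.
$keyID = (isset($_REQUEST['keyID']) && is_string($_REQUEST['keyID']))
    ? trim($_REQUEST['keyID'])
    : '';
$searchString = (isset($_REQUEST['searchString']) && is_string($_REQUEST['searchString']))
    ? $_REQUEST['searchString']
    : '';

// Exact string comparison: the previous loose numeric `==` also accepted values
// that merely convert to the same number.
// NOTE(review): a fixed key sent as a request parameter is the only access
// control on an endpoint that returns employee contact data, and $_REQUEST also
// accepts it from the query string, where it ends up in access logs. Put real
// authentication in front of this endpoint.
if (hash_equals('101010102424', $keyID)) {
    try {
        // PDO replaces the mysql_* functions, which were removed in PHP 7.0.
        // The previous code never assigned a host, so the driver default is
        // used here as well (no host in the DSN) - confirm the intended server.
        // No charset is set, as before; native prepares do not depend on it.
        $pdo = new PDO(
            'mysql:dbname=' . $sqlDatabase,
            $sqlUser,
            $sqlPass,
            [
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                PDO::ATTR_EMULATE_PREPARES => false,
                // Keeps every JSON value a string, as mysql_fetch_assoc() did.
                PDO::ATTR_STRINGIFY_FETCHES => true,
            ]
        );

        // NOTE(review): this is a shared, persistent table rebuilt on every
        // request, so concurrent requests can drop or mix each other's rows,
        // and the web account needs DDL rights it would not otherwise need.
        // CREATE TEMPORARY TABLE (per connection) or a JOIN would avoid both.
        $pdo->exec('DROP TABLE IF EXISTS `tempUserSearchResult`');
        $pdo->exec(
            'CREATE TABLE IF NOT EXISTS `tempUserSearchResult` ('
            . '`searchID` int(11) NOT NULL AUTO_INCREMENT,'
            . '`employeeID` varchar(25) NOT NULL,'
            . ' `fullName` varchar(50) NOT NULL,'
            . ' `CompanyName` varchar(25) NOT NULL,'
            . ' `MobileNumber` varchar(15) NOT NULL,'
            . '`positionTitle` varchar(25) NOT NULL,'
            . '`landLineNumber` varchar(11) NOT NULL,'
            . ' `EmailAddress` varchar(30) NOT NULL,'
            . '`dealerName` varchar(30) NOT NULL,'
            . '`uStatus` varchar(15) NOT NULL,'
            . 'PRIMARY KEY (`searchID`))'
        );

        if ($searchString === '') {
            $users = searchUserFetchAll(
                $pdo,
                'SELECT * FROM vts_users WHERE u_status = 0 AND deleted = 0'
            );
            searchUserFillTempTable($pdo, $users);

            // uStatus is a varchar compared with the number 0; kept unchanged.
            // Every row copied above is inactive, so it does not narrow the list.
            $rows = searchUserFetchAll(
                $pdo,
                'SELECT * FROM tempUserSearchResult WHERE uStatus = 0 ORDER BY fullName ASC'
            );
        } else {
            // The request text is bound, never concatenated into the statement.
            // `%` and `_` typed by the caller still act as LIKE wildcards.
            $like = '%' . $searchString . '%';

            // NOTE(review): unlike the listing above, this search does not
            // exclude deleted users - confirm that is intended.
            $users = searchUserFetchAll(
                $pdo,
                'SELECT * FROM vts_users WHERE `employee_id` LIKE ? OR `u_fname` LIKE ?'
                . ' OR `u_lname` LIKE ? OR `email` LIKE ? OR `usr_mobile` LIKE ?',
                array_fill(0, 5, $like)
            );
            searchUserFillTempTable($pdo, $users);

            // The original tested MobileNumber twice; the duplicate is dropped.
            // NOTE(review): another column may have been intended - confirm.
            $rows = searchUserFetchAll(
                $pdo,
                'SELECT * FROM tempUserSearchResult WHERE `employeeID` LIKE ? OR `fullName` LIKE ?'
                . ' OR `CompanyName` LIKE ? OR `MobileNumber` LIKE ? OR `landLineNumber` LIKE ?'
                . ' ORDER BY fullName ASC',
                array_fill(0, 5, $like)
            );
        }

        echo json_encode($rows);
    } catch (PDOException $e) {
        // Details stay in the server log; the statement text and driver message
        // are no longer echoed to the caller.
        error_log('SEARCH_USER.php: ' . $e->getMessage());
        http_response_code(500);
        echo json_encode(['error' => 'Database error']);
    }
}
// A non-matching key produces an empty body, as before. The trailing
// `$did_something` branch was unreachable (the variable was never set) and
// has been removed.
?>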