Commit 69d82cdf2fce7c2c9d2788117dab299dd5b0bc29

Authored by andryeyev
1 parent 51634459

+ fix лишнего ввода паролей для подключения к sql

Showing 1 changed file with 84 additions and 76 deletions
1 -<?php  
2 -header("Content-type: text/html; charset=windows-1251");  
3 -?>  
4 -<div id="searchresults">  
5 -<?php  
6 - define("DB_HOST",'localhost');  
7 - define("DB_USER",'extremstyle');  
8 - define("DB_PSW",'Ry4PWmM6GCp3UCTf');  
9 - define("DB_BASE",'extremstyle');  
10 - // PHP5 Implementation - uses MySQLi.  
11 - // mysqli('localhost', 'yourUsername', 'yourPassword', 'yourDatabase');  
12 - $db = new mysqli(DB_HOST, DB_USER, DB_PSW, DB_BASE);  
13 -  
14 - if(!$db) {  
15 - // Show error if we cannot connect.  
16 - echo 'ERROR: Could not connect to the database.';  
17 - } else {  
18 - $db->query("set names cp1251");  
19 - // Is there a posted query string?  
20 - if(isset($_POST['queryString'])) {  
21 - $queryString = trim($db->real_escape_string(iconv('UTF-8', 'windows-1251', $_POST['queryString'])));  
22 - $q_row = explode(" ",$queryString);  
23 - //print_r($q_row);  
24 - $search = array();  
25 - foreach($q_row as $row){  
26 - $search[] = "(catalogs_products.name LIKE '%".$row."%' OR catalogs_products.text LIKE '%".$row." %' OR catalogs_products.art LIKE '%".$row." %' OR catalogs_rubrics.name LIKE '%".$row."%' OR catalogs_brends.name LIKE '%".$row."%' OR catalogs_modifications.code='".$row."')";  
27 - }  
28 - //print_r($search);  
29 - // Is the string length greater than 0?  
30 - if(strlen($queryString) >0) {  
31 - $sql = "SELECT catalogs_rubrics.translit as translit2,catalogs_rubrics.name as rubric,catalogs_brends.name as brend,catalogs_products.* FROM catalogs_products 1 +<?
  2 +header ("Content-type: text/html; charset=windows-1251");
  3 +
  4 +// Ïîäêëþ÷åíèå
  5 +include_once ($_SERVER['DOCUMENT_ROOT'] . "/config/config.php");
  6 +
  7 +echo '<div id="searchresults">';
  8 +
  9 +// Is there a posted query string?
  10 +if (isset ($_POST['queryString']))
  11 +{
  12 + $queryString = trim (addslashes (iconv ('UTF-8', 'windows-1251', strip_tags ($_POST['queryString']))));
  13 + $q_row = explode (" ", $queryString);
  14 + // print_r($q_row);
  15 + $search = array ();
  16 + foreach ($q_row as $row)
  17 + {
  18 + $search[] = "(catalogs_products.name LIKE '%" . $row . "%' OR catalogs_products.text LIKE '%" . $row . " %' OR catalogs_products.art LIKE '%" . $row . " %' OR catalogs_rubrics.name LIKE '%" . $row . "%' OR catalogs_brends.name LIKE '%" . $row . "%' OR catalogs_modifications.code='" . $row . "')";
  19 + }
  20 + // print_r($search);
  21 + // Is the string length greater than 0?
  22 + if (strlen ($queryString) > 0)
  23 + {
  24 + $sql = "SELECT catalogs_rubrics.translit as translit2,catalogs_rubrics.name as rubric,catalogs_brends.name as brend,catalogs_products.* FROM catalogs_products
32 LEFT JOIN catalogs_rubrics ON catalogs_rubrics.id=catalogs_products.rubric_id 25 LEFT JOIN catalogs_rubrics ON catalogs_rubrics.id=catalogs_products.rubric_id
33 LEFT JOIN catalogs_brends ON catalogs_brends.id=catalogs_products.brend_id 26 LEFT JOIN catalogs_brends ON catalogs_brends.id=catalogs_products.brend_id
34 LEFT JOIN catalogs_modifications ON catalogs_modifications.product_id=catalogs_products.id 27 LEFT JOIN catalogs_modifications ON catalogs_modifications.product_id=catalogs_products.id
35 WHERE catalogs_products.count_modifications>0 "; 28 WHERE catalogs_products.count_modifications>0 ";
36 - //(catalogs_products.name LIKE '%".$queryString."%' OR catalogs_rubrics.name LIKE '%".$queryString."%' OR catalogs_brends.name LIKE '%".$queryString."%')  
37 - if(count($search))$sql .= "AND (" . implode(" AND ",$search) . ") ";  
38 - $sql .= " GROUP BY catalogs_products.id ORDER BY catalogs_products.id DESC limit 6";  
39 - $query = $db->query($sql);  
40 -  
41 - if($query) {  
42 - // While there are results loop through them - fetching an Object.  
43 -  
44 - // Store the category id  
45 - $catid = 0;  
46 - while ($result = $query ->fetch_object()) {  
47 - echo'<div class="row_p">';  
48 - echo '<a href="/'.$result->translit2.'-catalogs/'.$result->translit.'-'.$result->id.'/">';  
49 - echo '<img class="pic" width="100" src="/uploaded/pic/catalogs/products/'.$result->pic.'" alt="" />';  
50 -  
51 - $name = $result->name;  
52 - if(strlen($name) > 35) {  
53 - $name = substr($name, 0, 35) . "...";  
54 - }  
55 - echo "<p>".$result->rubric . ' <span class="searchheading">'.$name.'</span></p>';  
56 - echo "<p>Êîìïàíèÿ ".$result->brend . '</p>';  
57 - echo '<p><span class="cost1">'.$result->cine.' ãðí.</span></p>';  
58 -  
59 - /** $description = $result->desc;  
60 - if(strlen($description) > 80) {  
61 - $description = substr($description, 0, 80) . "...";  
62 - }  
63 -  
64 - echo '<span>'.$description.'</span>';**/  
65 - echo'</a>';  
66 - echo'<div class="both"></div></div>';  
67 - }  
68 - echo '<span class="seperator"><a href="/catalogs/?search_str='.urlencode($queryString).'">Âñå ðåçóëüòàòû ïîèñêà</a></span>';  
69 - } else {  
70 - echo 'ERROR: There was a problem with the query.';  
71 - }  
72 - } else {  
73 - // Dont do anything.  
74 - } // There is a queryString.  
75 - } else {  
76 - echo 'There should be no direct access to this script!';  
77 - }  
78 - }  
79 -?>  
80 -</div>  
81 \ No newline at end of file 29 \ No newline at end of file
  30 + // (catalogs_products.name LIKE '%".$queryString."%' OR catalogs_rubrics.name LIKE '%".$queryString."%' OR catalogs_brends.name LIKE '%".$queryString."%')
  31 + if (count ($search))
  32 + $sql .= "AND (" . implode (" AND ", $search) . ") ";
  33 + $sql .= " GROUP BY catalogs_products.id ORDER BY catalogs_products.id DESC limit 6";
  34 + $query = mysql_query ($sql) or die (mysql_error ());
  35 + if (mysql_affected_rows () != 0)
  36 + {
  37 +
  38 + // While there are results loop through them - fetching an Object.
  39 +
  40 + // Store the category id
  41 + $catid = 0;
  42 +
  43 + while ($result = mysql_fetch_assoc ($query))
  44 + {
  45 + echo '<div class="row_p">';
  46 + echo '<a href="/' . $result['translit2'] . '-catalogs/' . $result['translit'] . '-' . $result['id'] . '/">';
  47 + echo '<img class="pic" width="100" src="/uploaded/pic/catalogs/products/' . $result['pic'] . '" alt="" />';
  48 +
  49 + $name = $result['name'];
  50 +
  51 + if (strlen ($name) > 35)
  52 + {
  53 + $name = substr ($name, 0, 35) . "...";
  54 + }
  55 +
  56 + echo "<p>" . $result['rubric'] . ' <span class="searchheading">' . $name . '</span></p>';
  57 + echo "<p>Êîìïàíèÿ " . $result['brend'] . '</p>';
  58 + echo '<p><span class="cost1">' . $result['cine'] . ' ãðí.</span></p>';
  59 +
  60 + /**
  61 + * $description = $result['desc'];
  62 + * if(strlen($description) > 80) {
  63 + * $description = substr($description, 0, 80) .
  64 + * "...";
  65 + * }
  66 + *
  67 + * echo '<span>'.$description.'</span>';*
  68 + */
  69 + echo '</a>';
  70 + echo '<div class="both"></div></div>';
  71 + }
  72 + echo '<span class="seperator"><a href="/catalogs/?search_str=' . urlencode ($queryString) . '">Âñå ðåçóëüòàòû ïîèñêà</a></span>';
  73 + }
  74 + else
  75 + {
  76 + echo 'íè÷åãî íå íàéäåíî';
  77 + }
  78 + }
  79 + else
  80 + {
  81 + // Dont do anything.
  82 + } // There is a queryString.
  83 +}
  84 +else
  85 +{
  86 + echo 'There should be no direct access to this script!';
  87 +}
  88 +
  89 +echo '</div>';
82 \ No newline at end of file 90 \ No newline at end of file
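Review bot: `addslashes` on new line 12 is a weaker, connection-unaware replacement for the `real_escape_string` call it removes, and the result is still concatenated into the `LIKE` and `=` clauses on new line 18, so the query's safety rests entirely on that one escaping step. Since the new code uses the `mysql_*` API, the minimal change is `$queryString = trim (mysql_real_escape_string (iconv ('UTF-8', 'windows-1251', $_POST['queryString'])));`, assuming config.php (not shown) opens the connection before this line; binding the search terms through a mysqli or PDO prepared statement would be the sturdier fix and would also avoid ext/mysql, which was removed in PHP 7. `or die (mysql_error ())` on new line 34 sends raw database errors to the client; log the error server-side and echo a generic message instead. The row fields echoed on new lines 46–58 reach the HTML unescaped, so each should be wrapped as `htmlspecialchars ($result['name'], ENT_QUOTES, 'cp1251')` to close the stored-XSS path. The database password in the removed lines stays in repository history after this commit and should be rotated.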