Tutor search
// Search results page - formatting html has been omited.
1 2 <?php include 'db.inc.php'; 3 4 // The basic SELECT statement 5 $select = 'SELECT id, title, forename, surname, userlevel'; 6 $from = ' FROM users'; 7 $where = " WHERE userlevel='2'"; 8 9 $forename = $_POST['forename']; 10 if ($forename !='') { //Forename was specified 11 $where .= " AND forename LIKE '%$forename%'"; 12 13 $surname = $_POST['surname']; 14 if ($surname !='') { //Surnamename was specified 15 $where .= " AND surname LIKE '%$surname%'"; 16 } 17 ?> 18 19 <?php 20 $users = @mysql_query($select . $from . $where); 21 if (!$users) { 22 exit ('<p>Unable to abtain user list from the database'); 23 } 24 25 ?> 26 <table> 27 <tr><th>Username</th><th>Title</th><th>Forename</th><th>Surname</th><th>Options</th></tr> 28 29 <?php 30 while ($user = mysql_fetch_array($users)) { 31 echo "<tr vlaign='top'>\n"; 32 $id = $user['id']; 33 $username = htmlspecialchars($user['username']); 34 $title = htmlspecialchars($user['title']); 35 $forename = htmlspecialchars($user['forename']); 36 $surname = htmlspecialchars($user['surname']); 37 38 echo "<td>$username</td><td>$title</td><td>$forename</td><td>$surname</td>\n"; 39 echo "<td><a href='edituser.php?id=$id'>Edit</a> | <a href='deleteuser.php?id=$id' onClick=\"return confirm('WARNING: Deleted users cannot be retrieved. All files associated with that user will be deleted. Continue?');\">Delete</a></td>\n"; 40 echo "</tr>\n"; 41 } 42 ?> 43 </table>
