01.<?php require_once('Connections/connection.php'); ?>
02.
03.<html>
04.<head>
05.<?php
06.if (!function_exists("GetSQLValueString")) {
07.function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
08.{
09.global $connection;
10. if (PHP_VERSION < 6) {
11. $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
12. }
13.
14. $theValue = function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($connection, $theValue) : mysqli_escape_string($connection, $theValue);
15.
16. switch ($theType) {
17. case "text":
18. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
19. break;
20. case "long":
21. case "int":
22. $theValue = ($theValue != "") ? intval($theValue) : "NULL";
23. break;
24. case "double":
25. $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
26. break;
27. case "date":
28. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
29. break;
30. case "password":
31. $theValue = ($theValue != "") ? "'" . md5($theValue) . "'" : "NULL";
32. break;
33. case "defined":
34. $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
35. break;
36. }
37. return $theValue;
38.}
39.}
40.
41.$colname_Recordset1 = "";
42.if (isset($_POST['key_card'])) {
43. $colname_Recordset1 = $_POST['key_card'];
44.}
45.
46.$query_Recordset1 = sprintf("SELECT * FROM tb_member WHERE key_card = %s", GetSQLValueString($colname_Recordset1, "text"));
47.$Recordset1 = mysqli_query($connection, $query_Recordset1) or die(mysqli_error($connection));
48.$row_Recordset1 = mysqli_fetch_assoc($Recordset1);
49.$totalRows_Recordset1 = mysqli_num_rows($Recordset1);
50.?>
51.</head>
52.
53.<body>
54.<form name="frmSearch" method="get" action="<?php echo $_SERVER['SCRIPT_key_card'];?>">
55. <table width="599" border="1">
56. <tr>
57. <th>Keyword
58. <input name="key_card" type="text" id="key_card" value="<?php echo $colname_Recordset1;?>">
59. <input type="submit" value="Search"></th>
60. </tr>
61. </table>
62.</form>
63.<table width="600" border="1">
64. <tr>
65. <th width="91"> <div align="center">username </div></th>
66. <th width="98"> <div align="center">password </div></th>
67. </tr>
68. <?php
69. while ($row_Recordset1 = mysqli_fetch_assoc($Recordset1));
70. {
71. ?>
72. <tr>
73. <td><?php echo $row_Recordset1['username']; ?></td>
74. <td><?php echo $row_Recordset1['password']; ?></td>
75. </tr>
76. <?php
77.}
78. ?>
79. </table>
80. <?php
81. mysqli_free_result($Recordset1);
82.
83.?>
84.</body>
85.</html>
