01.
<?php
02.
$db
=
new
mysqli(
'000'
,
'000'
,
'000'
,
'0000'
);
03.
if
(!
$db
) {
04.
05.
echo
'Could not connect to the database.'
;
06.
}
else
{
07.
08.
if
(isset(
$_POST
[
'queryString'
])) {
09.
$queryString
=
$db
->real_escape_string(
$_POST
[
'queryString'
]);
10.
11.
if
(
strlen
(
$queryString
) >0) {
12.
13.
$query
=
$db
->query(
"SELECT prod_name FROM customer WHERE prod_name LIKE '$queryString%' LIMIT 20"
);
14.
if
(
$query
) {
15.
echo
'<ul>'
;
16.
while
(
$result
=
$query
->fetch_object()) {
17.
echo
'<li onClick="fill(\''
.
addslashes
(
$result
->prod_name).
'\');">'
.
$result
->prod_name.
'</li>'
;
18.
}
19.
echo
'</ul>'
;
20.
21.
}
else
{
22.
echo
'OOPS we had a problem :('
;
23.
}
24.
}
else
{
25.
26.
}
27.
}
else
{
28.
echo
'There should be no direct access to this script!'
;
29.
}
30.
}
31.
?>