- <?php
- require_once "../inc/functions.php";
- require_once "../inc/vars.inc.php";
- sessionCheck(); // helper defined outside this listing; it runs before session_start() here - NOTE(review): confirm it does not need $_SESSION
- session_start();
- $old_sessionid = session_id(); // session ID the request arrived with; not read again in this listing
- session_regenerate_id(); // issues a new ID on every page load; called without the `true` argument, so the old session's data is kept and the previous ID stays usable until it is garbage-collected. Regenerating at login / privilege change is the usual place for this call.
- $new_sessionid = session_id(); // session ID after regeneration; not read again in this listing
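/**
 * Remove script blocks, style blocks, HTML comments, <img> tags and any
 * remaining tags from a string.
 *
 * This is a best-effort tag stripper, not an XSS defence: a regex blacklist
 * misses malformed markup, so whatever it returns must still be escaped for
 * the place it is written to (htmlspecialchars() for HTML output).
 *
 * @param string $input Raw text.
 * @return string|null The text with the matched markup removed; null when
 *                     PCRE reports an error (preg_replace()'s failure value).
 */
function cleanInput($input) {
    // preg_replace() applies the patterns in array order. Elements whose
    // *content* has to disappear (script, style, comments) must run before
    // the generic tag pattern; otherwise only their tags are removed and the
    // CSS or commented-out text is left behind in the output.
    $search = array(
        '@<\s*script[^>]*?>.*?<\s*/\s*script\s*>@si', // script elements with their content
        // No "U" modifier here: it inverts greediness, which turned ".*?" greedy
        // and removed everything between the first <style> and the last </style>.
        '@<\s*style[^>]*?>.*?<\s*/\s*style\s*>@si',   // style elements with their content
        // The listing showed a typographic dash in this pattern; the comment
        // terminator is two ASCII hyphens.
        '@<![\s\S]*?--[ \t\n\r]*>@',                  // multi-line comments
        '/<img[^>]+\>/i',                             // img tags
        '@<\s*[\/\!]*?[^<>]*?>@si',                   // any remaining HTML tags
    );

    return preg_replace($search, '', $input);
}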
- // ’slashing
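/**
 * Recursively trim, tag-strip and escape a request value.
 *
 * Arrays are walked element by element (keys are kept as they are and are
 * not filtered); scalars are trimmed, un-slashed when magic quotes are on,
 * passed through cleanInput() and then through escape().
 *
 * escape() is defined outside this listing - NOTE(review): presumably SQL
 * escaping; confirm. Either way this routine mixes HTML stripping with
 * query escaping: values still need htmlspecialchars() when they are printed
 * and escaping (or bound parameters) at the point a query is built.
 *
 * @param mixed $input Scalar or (nested) array, e.g. $_GET.
 * @return mixed Array of the same shape, or the filtered scalar.
 */
function sanitize($input) {
    if (is_array($input)) {
        // Start from an empty array: without this an empty input (a request
        // with no query string) returned an undefined variable, i.e. null,
        // and the caller's `$_GET = sanitize($_GET)` replaced $_GET with null.
        $outputs = array();
        foreach ($input as $var => $val) {
            $outputs[$var] = sanitize($val);
        }
        return $outputs;
    }

    $input = @trim($input);

    // get_magic_quotes_gpc() no longer exists in PHP 8; only consult it
    // where the runtime still provides it.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $input = stripslashes($input);
    }

    return escape(cleanInput($input));
}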
- $_GET = sanitize($_GET); // filters query-string values only; the $_POST fields this page reads further down do not pass through sanitize()
- ?>
- <?php include_once "admin_templates/case_header.php"; ?>
- <html>
- <head>
- <title>Multiple drop down list box from plus2net</title>
- <link type="text/css" rel="stylesheet" href="../inc/jscalender/css/jscal2.css" />
- <link type="text/css" rel="stylesheet" href="../inc/jscalender/css/border-radius.css" />
- <link id="skin-win2k" title="Win 2K" type="text/css" rel="alternate stylesheet" href="../inc/jscalender/css/win2k/win2k.css" />
- <link id="skinhelper-compact" type="text/css" rel="alternate stylesheet" href="../inc/jscalender/css/reduce-spacing.css" />
- <script src="../inc/jscalender/js/jscal2.js"></script>
- <script src="../inc/jscalender/js/lang/en.js"></script>
- <SCRIPT language=JavaScript>
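// Reload the page with the chosen category in the query string so the
// server can fill the second drop-down for that category.
function reload(form)
{
    var val = form.cat.options[form.cat.options.selectedIndex].value;
    // Encode the value so characters such as & or # cannot change the
    // structure of the URL.
    self.location = 'test2.php?cat=' + encodeURIComponent(val);
}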
- </script>
- </head>
- <body>
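<?php
// Category picked in the first drop-down; reload() sends it as ?cat=<id>.
$cat = isset($_GET['cat']) ? $_GET['cat'] : '';

// The value is placed unquoted into the SQL below, so nothing but a run of
// decimal digits is accepted. is_numeric() also passes "1e5", "-1" and
// "1.5", and an array (?cat[]=1) is not a string at all.
if (!is_string($cat) || ($cat !== '' && !ctype_digit($cat))) {
    echo "Data Error";
    exit;
}

$quer2 = caseQuery("SELECT DISTINCT gazetted,cat_id FROM category order by gazetted");

if ($cat !== '') {
    // The integer cast keeps the query numeric even if the check above is
    // ever loosened.
    $quer = caseQuery("SELECT DISTINCT type FROM subcategory where cat_id=" . (int) $cat . " order by type");
} else {
    $quer = caseQuery("SELECT DISTINCT type FROM subcategory order by type");
}
?>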
- <form action="test2.php" name="srch_frm" method="post">
- <fieldset style="width:20px">
- <legend ><b> Search File</b></legend>
- <table width="328" border="1">
- <tr width="320">
- <td >gazetted</td>
- <td>
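<?php
// Category drop-down; changing it reloads the page through reload().
echo "<select name='cat' onchange=\"reload(this.form)\" ><option value=''>Select one</option>";
while ($noticia2 = mysql_fetch_array($quer2)) {
    // Database text is escaped before it is printed. ENT_QUOTES matters
    // because the attributes below are single-quoted.
    $cat_id_html   = htmlspecialchars($noticia2['cat_id'], ENT_QUOTES);
    $gazetted_html = htmlspecialchars($noticia2['gazetted'], ENT_QUOTES);

    if ($noticia2['cat_id'] == @$cat) {
        echo "<option selected value='$cat_id_html'>$gazetted_html</option>"."<BR>";
    } else {
        echo "<option value='$cat_id_html'>$gazetted_html</option>";
    }
}
echo "</select>";
?>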
- </td>
- </tr>
- <tr>
- <td>type</td>
- <td>
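<?php
// Type drop-down, filled from the subcategory query run earlier on the page.
echo "<select name='subcat' ><option value=''>Select one</option>";
while ($noticia = mysql_fetch_array($quer)) {
    // Escape the database text once and use it for both the single-quoted
    // value attribute and the visible label.
    $type_html = htmlspecialchars($noticia['type'], ENT_QUOTES);
    echo "<option value='$type_html'>$type_html</option>";
}
echo "</select>";
?>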
- </td>
- </tr>
- <td>Keyword:</td>
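<?php /* The submitted keyword is written back into an HTML attribute, so it is escaped here; a missing or non-string field prints as empty. */ ?>
<td><input name="key" id="key" type="text" size="15" value="<?php echo (isset($_POST['key']) && is_string($_POST['key'])) ? htmlspecialchars($_POST['key'], ENT_QUOTES) : ''; ?>" /></td>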
- </tr>
- <tr>
- <td>Date:</td>
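<?php /* readonly only stops typing in the browser; the posted date is still request data and is escaped before it is written back into the attribute. */ ?>
<td><input name="sdate" id="sdate" type="text" size="15" value="<?php echo (isset($_POST['sdate']) && is_string($_POST['sdate'])) ? htmlspecialchars($_POST['sdate'], ENT_QUOTES) : ''; ?>" readonly="readonly" />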
- <img src="http://bytes.com/submit/images/cal.gif" id="srcDOFImg">
- <script type="text/javascript">
- new Calendar({ // Calendar comes from the jscal2.js script loaded in <head>
- inputField: "sdate", // id of the Date text input above
- dateFormat: "%d-%m-%Y",
- trigger: "srcDOFImg", // id of the calendar icon next to the input
- bottomBar: true,
- //max: Calendar.dateToInt(new Date()),
- onSelect: function() {
- var date = Calendar.intToDate(this.selection.get()); // the value is not used afterwards
- this.hide();
- }
- });
- </script>
- </td>
- </tr>
- <tr>
- <td>Name:</td>
- <td>
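<?php /* The submitted name is written back into an HTML attribute, so it is escaped here; a missing or non-string field prints as empty. */ ?>
<input type="text" name="no" id="no" size="15" value="<?php echo (isset($_POST['no']) && is_string($_POST['no'])) ? htmlspecialchars($_POST['no'], ENT_QUOTES) : ''; ?>" />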
- <b>eg:0910-41</b></td>
- </tr>
- </table>
- <input name="Search" type="submit" value="Search" >
- <input name="cancel" value="Cancel" type="reset" onClick="reload(this.form)">
- </fieldset>
- </form>
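<?php
// Search handler: builds the WHERE clause from the posted filters, runs the
// paged query and collects the result table in $output, which is printed at
// the end of this block.
//
// NOTE(review): the form submits with method="post", but the pager links are
// plain GET links rebuilt from the query string. Following one reloads the
// page without $_POST['Search'], so this block is skipped on page 2 onwards.
// Carrying the filters in the query string (method="get") would let the
// pager keep them.

// Stays empty until a search has been submitted, so the final echo never
// reads an undefined variable.
$output = '';

if (!empty($_POST['Search'])) {
    global $downloadPath; // set outside this listing

    // Read every field defensively: a missing field or an array value
    // (key[]=x) is treated as empty instead of reaching the string functions.
    $posted = array();
    foreach (array('cat', 'subcat', 'key', 'sdate', 'no') as $field) {
        $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    // escape() (defined outside this listing) is the only thing between the
    // request text and the SQL strings built below.
    // NOTE(review): confirm it is the database driver's escaping for the
    // connection charset. Prepared statements (mysqli / PDO) are the robust
    // fix; the mysql_* functions used here were removed in PHP 7.
    $gazetted = escape($posted['cat']);
    $type     = escape($posted['subcat']);
    $keyword  = trim(escape($posted['key']));
    $sdate    = escape($posted['sdate']);
    $no       = trim(escape($posted['no']));

    $sqlWhere = array();
    $msg      = array();

    // Drop-down values are matched against fixed lists before use.
    if ($gazetted == '1' || $gazetted == '2') {
        $sqlWhere[] = "pan_document_master.pan_doc_gazetted = '".$gazetted."'";
    }
    if ($type == 'ORDERS' || $type == 'NOTIFICATIONS' || $type == 'ELECTIONS' || $type == 'OTHERS') {
        $sqlWhere[] = "pan_document_master.pan_doc_type = '".$type."'";
    }
    // Free-text fields: quoted, and dependent on escape() as noted above.
    if ($keyword) {
        $sqlWhere[] = "pan_document_sub_master.pan_doc_keyword = '".$keyword."'";
    }
    if ($sdate) {
        $sqlWhere[] = "pan_document_sub_master.pan_doc_date = '".$sdate."'";
    }
    if ($no) {
        $sqlWhere[] = "pan_document_sub_master.pan_doc_name = '".$no."'";
    }

    if (!$sqlWhere) {
        $msg[] = "<h3>No Search Filter Specified</h3>";
    }

    if (!$msg) {
        // Page number from the query string: digits only, at least 1, and
        // short enough that the offset below stays an ordinary integer.
        // Page 0 used to produce a negative LIMIT offset.
        $raw_page = isset($_GET['page']) ? $_GET['page'] : '';
        $records_per_page = 2;
        if (is_string($raw_page) && ctype_digit($raw_page) && strlen($raw_page) <= 9) {
            $page = max(1, (int) $raw_page);
        } else {
            $page = 1;
        }
        $offset = ($page - 1) * $records_per_page;

        $sqlWhere[] = "pan_document_master.pan_doc_gazetted=pan_document_sub_master.pan_document_type";
        $srcTerm = implode(' AND ', $sqlWhere);

        $sql = "select * from `pan_document_master`,`pan_document_sub_master` where ".$srcTerm." ORDER BY pan_document_master.gazetted LIMIT $offset, $records_per_page";
        $rows = caseQuery($sql);

        if (mysql_num_rows($rows)) {
            $output = '<table border="1" style="border:1px solid #000000; border-collapse:collapse;" width="100%">
<tr>
<td width="2%" align="center"><strong>Sr.No.</strong></td>
<td width="5%" align="center"><strong>Gazetted</strong></td>
<td width="10%" align="center"><b>Type</b></td>
<td width="14%" align="center"><b>Keyword</b></td>
<td width="14%" align="center"><b>Date</b></td>
<td width="15%" align="center"><b>Name</b></td>
<td width="10%" align="center"><b>View</b></td>
</tr> ';

            $count = 1;
            while ($result = @mysql_fetch_object($rows)) {
                // Only gazetted values 1 (YES) and 2 (NO) produce a row, as before.
                if ($result->pan_doc_gazetted == '2') {
                    $gazetted_label = 'NO';
                } elseif ($result->pan_doc_gazetted == '1') {
                    $gazetted_label = 'YES';
                } else {
                    continue;
                }

                // Reset for every row; previously a row without a path
                // reused the link built for the row before it.
                $path = '';

                // The id comes from the database, but it is still text being
                // spliced into SQL, so it gets the same escaping as request data.
                $sql = "select `pan_doc_path` from pan_document_sub_master where pan_doc_sub_id = '".escape($result->pan_doc_sub_id)."'";
                $rowspath = caseQuery($sql);
                if (@mysql_num_rows($rowspath)) {
                    // Backslashes are removed from the raw path (as the original
                    // stripslashes() did), then the URL is escaped for the
                    // single-quoted href attribute.
                    $href = htmlspecialchars(stripslashes("../".$downloadPath."/".$result->pan_doc_path), ENT_QUOTES);
                    while ($paths = @mysql_fetch_object($rowspath)) {
                        $path .= "<a href='".$href."'>Download</a>";
                    }
                }
                $file = $path;

                // Stored values are escaped on output so markup saved in a
                // document record is shown as text instead of being rendered.
                $output .= '<tr valign="top">
<td align="center">'.$count++.'</td>
<td align="center">'.$gazetted_label.'</td>
<td align="center">'.htmlspecialchars($result->pan_doc_type, ENT_QUOTES).'</td>
<td align="center">'.htmlspecialchars($result->pan_doc_keyword, ENT_QUOTES).'</td>
<td align="center">'.htmlspecialchars($result->pan_doc_date, ENT_QUOTES).'</td>
<td align="center">'.htmlspecialchars($result->pan_doc_name, ENT_QUOTES).'</td>
<td align="center">'.$file.'</td>
</tr>';
            }
            $output .= '</table>';

            // Paging toolbar: total number of matches decides the page count.
            $count_result = caseQuery("SELECT COUNT(*) FROM `pan_document_master`,`pan_document_sub_master` where ".$srcTerm."");
            $count_row = mysql_fetch_array($count_result);
            $count = $count_row["COUNT(*)"]; // total number of matching rows
            $numofpages = ceil($count / $records_per_page);
            if ($numofpages > 1) {
                // NOTE(review): this prints the bare page number above the
                // pager; it looks like leftover debugging output.
                echo "$page";
                pagingScript("test2.php", $page, $numofpages);
            } else {
                // NOTE(review): shown whenever the results fit on one page,
                // even though results were found - confirm this is intended.
                echo "<p><b>No Gazette Details</b></p>";
            }
        } else {
            $output = "<h3>No files Found</h3>";
        }
    } else {
        // The messages are fixed HTML; addslashes() is SQL-style quoting and
        // has no place on text that is sent to the browser.
        $output = implode("<br>", $msg);
    }
}

echo $output;
?>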
- </body>
- </html>
The pagination code is placed in a separate file named functions.php. It is displayed below.
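/**
 * Build "$filename?<query>" from the current request's query string with one
 * parameter replaced (or added) and placed last.
 *
 * The returned URL is percent-encoded but not HTML-escaped; pass it through
 * htmlspecialchars() when it is written into markup.
 *
 * @param string $filename Script the link points to.
 * @param string $key      Name of the parameter to set.
 * @param mixed  $value    Value for that parameter.
 * @return string The URL.
 */
function build_url($filename, $key, $value){
    $values = array();
    parse_str(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '', $values);

    // Remove any existing copy first so the new value is appended at the
    // end, as before.
    unset($values[$key]);
    $values[$key] = $value;

    // parse_str() URL-decodes names and values. Writing them back undecoded
    // let a request put quotes and angle brackets into every pager link;
    // http_build_query() re-encodes them and also handles array parameters.
    return $filename . "?" . http_build_query($values, '', '&');
}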
- //paging script
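/**
 * Echo a pager: First / Previous links, a window of page numbers around the
 * current page, and Next / Last links.
 *
 * Link targets come from build_url(), which rebuilds the current query
 * string, so each one is HTML-escaped before it is placed in an href.
 *
 * @param string $filename   Script the links point to.
 * @param int    $page_num   Current page (1-based).
 * @param int    $numofpages Total number of pages.
 * @return void  The markup is echoed, not returned.
 */
function pagingScript($filename, $page_num, $numofpages) {
    $range = 20; // at most this many page numbers are listed at once

    // Pages listed before / after the current one (9 and 10 for a range of 20).
    $range_min = ($range % 2 == 0) ? ($range / 2) - 1 : ($range - 1) / 2;
    $range_max = ($range % 2 == 0) ? $range_min + 1 : $range_min;

    // Window of page numbers, clamped to 1..$numofpages.
    $page_min = $page_num - $range_min;
    $page_max = $page_num + $range_max;
    $page_min = ($page_min < 1) ? 1 : $page_min;
    $page_max = ($page_max < ($page_min + $range - 1)) ? $page_min + $range - 1 : $page_max;
    if ($page_max > $numofpages) {
        $page_min = ($page_min > 1) ? $numofpages - $range + 1 : 1;
        $page_max = $numofpages;
    }
    $page_min = ($page_min < 1) ? 1 : $page_min;

    // Start from a defined string; the original appended to an undefined variable.
    $page_pagination = "<br /><table align='center' width='100%'><tr><td align='left' width='10%'>";

    if (($page_num > ($range - $range_min)) && ($numofpages > $range)) {
        $page_pagination .= '<a title="First" href="'.htmlspecialchars(build_url($filename, "page", 1), ENT_QUOTES).'">&lt;&lt;</a> ';
    }
    if ($page_num != 1) {
        $page_pagination .= '<a href="'.htmlspecialchars(build_url($filename, "page", $page_num - 1), ENT_QUOTES).'">Previous</a> ';
    }

    $page_pagination .= "</td><td align='center' width='80%'>";
    for ($i = $page_min; $i <= $page_max; $i++) {
        if ($i == $page_num) {
            $page_pagination .= '<b>' . $i . '</b> ';
        } else {
            $page_pagination .= '<a href="'.htmlspecialchars(build_url($filename, "page", $i), ENT_QUOTES).'">'.$i.'</a> ';
        }
    }

    $page_pagination .= "</td><td align='right' width='10%'>";
    if ($page_num < $numofpages) {
        $page_pagination .= ' <a href="'.htmlspecialchars(build_url($filename, "page", $page_num + 1), ENT_QUOTES).'">Next</a>';
    }
    if (($page_num < ($numofpages - $range_max)) && ($numofpages > $range)) {
        $page_pagination .= ' <a title="Last" href="'.htmlspecialchars(build_url($filename, "page", $numofpages), ENT_QUOTES).'">&gt;&gt;</a> ';
    }

    $page_pagination .= "</td></tr></table><br />";
    echo $page_pagination;
}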