Codice PHP:
<?php require_once('Connections/con_IH.php'); ?>
<?php require_once('Connections/Con_IH.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$currentPage = $_SERVER["PHP_SELF"];
$maxRows_RS_prodotti = 2;
$pageNum_RS_prodotti = 0;
if (isset($_GET['pageNum_RS_prodotti'])) {
$pageNum_RS_prodotti = $_GET['pageNum_RS_prodotti'];
}
$startRow_RS_prodotti = $pageNum_RS_prodotti * $maxRows_RS_prodotti;
$colname_RS_prodotti = "-1";
if (isset($_GET['testo'])) {
$colname_RS_prodotti = $_GET['testo'];
}
$cat_RS_prodotti = "-1";
if (isset($_GET['categoria'])) {
$cat_RS_prodotti = $_GET['categoria'];
}
$costo_RS_prodotti = "-1";
if (isset($_GET['costo'])) {
$costo_RS_prodotti = $_GET['costo'];
}
//----------Questa è la parte che ho modificato----------------------------------------
mysql_select_db($database_con_IH, $con_IH);
$query_RS_prodotti = sprintf("SELECT * FROM prodotti WHERE descrizione LIKE %s ",
GetSQLValueString("%" . $colname_RS_prodotti . "%", "text"),GetSQLValueString($cat_RS_prodotti, "text"),GetSQLValueString($costo_RS_prodotti, "int"));
$query_limit_RS_prodotti = sprintf("%s LIMIT %d, %d", $query_RS_prodotti, $startRow_RS_prodotti, $maxRows_RS_prodotti);
$RS_prodotti = mysql_query($query_limit_RS_prodotti, $con_IH) or die(mysql_error());
$row_RS_prodotti = mysql_fetch_assoc($RS_prodotti);
if (isset($_GET['totalRows_RS_prodotti']) AND (isset($cat) && $cat != "Qualsiasi")) {
$totalRows_RS_prodotti = $_GET['totalRows_RS_prodotti'];
$query_RS_prodotti .= " AND categoria = ".$_GET['cat'];
} else {
$all_RS_prodotti = mysql_query($query_RS_prodotti);
$totalRows_RS_prodotti = mysql_num_rows($all_RS_prodotti);
}
//--------------------------------------------------------
$totalPages_RS_prodotti = ceil($totalRows_RS_prodotti/$maxRows_RS_prodotti)-1;
$queryString_RS_prodotti = "";
if (!empty($_SERVER['QUERY_STRING'])) {
$params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param) {
if (stristr($param, "pageNum_RS_prodotti") == false &&
stristr($param, "totalRows_RS_prodotti") == false) {
array_push($newParams, $param);
}
}
if (count($newParams) != 0) {
$queryString_RS_prodotti = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_RS_prodotti = sprintf("&totalRows_RS_prodotti=%d%s", $totalRows_RS_prodotti, $queryString_RS_prodotti);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "livello_utente";
$MM_redirectLoginSuccess = $_SERVER['HTTP_REFERER'];
$MM_redirectLoginFailed = $_SERVER['HTTP_REFERER'];
$MM_redirecttoReferrer = false;
mysql_select_db($database_Con_IH, $Con_IH);
$LoginRS__query=sprintf("SELECT id_clienti, nome, livello_utente FROM clienti WHERE id_clienti=%s AND nome=%s",
GetSQLValueString($loginUsername, "int"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $Con_IH) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'livello_utente');
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
function TagliaStringa($stringa, $max_char){
if(strlen($stringa)>$max_char){
$stringa_tagliata=substr($stringa, 0,$max_char);
$last_space=strrpos($stringa_tagliata," ");
$stringa_ok=substr($stringa_tagliata, 0,$last_space);
return $stringa_ok."...";
}else{
return $stringa;
}
}
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Index</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
<!--
function MM_swapImgRestore() { //v3.0
var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
//-->
</script>
</head>
<body onload="MM_preloadImages('images/categorie_blue.jpg','images/profilo_blue.jpg','images/home_blue.jpg','images/prodotti_blue.jpg','images/contattaci_blue.jpg','images/registrati_blue.jpg')">
<div id="contenitore">
<div id="carrello">
<table width="100%" border="0">
<tr>
<td width="55%">
<form METHOD="POST" name="login" action="<?php echo $loginFormAction; ?>">
USER <input type="text" size="15" name="username" /> PASSWORD
<input type="password" size="15" name="password" />
<input type="submit" value="Entra" /></p>
</form>
</td>
<td width="45%">carrello</td>
</tr>
</table>
</div>
<div id="logo"></div>
<div id="inutile"></div>
<div id="testataDx"></div>
<div id="pulsantiera">
<div id="home">[url="#"][img]images/home.jpg[/img][/url]</div>
<div id="prodotti">[url="#"][img]images/prodotti.jpg[/img][/url]</div>
<div id="categorie">[url="#"][img]images/categorie.jpg[/img][/url]</div>
<div id="profilo">[url="#"][img]images/profilo.jpg[/img][/url]</div>
<div id="contattaci">[url="#"][img]images/contattaci.jpg[/img][/url]</div>
<div id="registrati">[url="#"][img]images/registrati.jpg[/img][/url]</div>
</div>
<div id="testata"></div>
<div id="sinusoide"> </div>
<div id="corpo">
<?php if ($totalRows_RS_prodotti > 0) { // Show if recordset not empty ?>
<h3 align="right">Risultati da <?php echo ($startRow_RS_prodotti + 1) ?> A <?php echo min($startRow_RS_prodotti + $maxRows_RS_prodotti, $totalRows_RS_prodotti) ?> su <?php echo $totalRows_RS_prodotti ?></h3>
<?php do { ?>
<table width="100%" border="0">
<tr>
<td width="30%" rowspan="2">[img]<?php echo $row_RS_prodotti['foto']; ?>[/img]</td>
<td width="34%" bgcolor="#CCCCCC"><?php echo $row_RS_prodotti['nome']; ?></td>
<td colspan="2" bgcolor="#CCCCCC"><?php echo $row_RS_prodotti['marca']; ?></td>
</tr>
<tr>
<td colspan="3">
<?php $row_RS_prodotti['descrizione'];
$stringa = $row_RS_prodotti['descrizione'];
$stringa_tagliata = TagliaStringa($stringa, 200);
echo $stringa_tagliata?>
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF">Disponibilità: [img]<?php echo $row_RS_prodotti['qnt']; ?>[/img]</td>
<td bgcolor="#CCCCCC"><?php echo $row_RS_prodotti['prezzo']; ?></td>
<td width="12%" bgcolor="#CCCCCC"></td>
<td width="24%" bgcolor="#CCCCCC"></td>
</tr>
</table>
<?php } while ($row_RS_prodotti = mysql_fetch_assoc($RS_prodotti)); ?>
<table border="0" align="center">
<tr>
<td><?php if ($pageNum_RS_prodotti > 0) { // Show if not first page ?>
[url="<?php printf("]">[img]./First.gif[/img][/url]
<?php } // Show if not first page ?></td>
<td><?php if ($pageNum_RS_prodotti > 0) { // Show if not first page ?>
[url="<?php printf("]">[img]./Previous.gif[/img][/url]
<?php } // Show if not first page ?></td>
<td><?php if ($pageNum_RS_prodotti < $totalPages_RS_prodotti) { // Show if not last page ?>
[url="<?php printf("]">[img]./Next.gif[/img][/url]
<?php } // Show if not last page ?></td>
<td><?php if ($pageNum_RS_prodotti < $totalPages_RS_prodotti) { // Show if not last page ?>
[url="<?php printf("]">[img]./Last.gif[/img][/url]
<?php } // Show if not last page ?></td>
</tr>
</table>
<?php } /* Show if recordset not empty */ else {?>
spiacenti nessun risultato trovato
<?php } ?>
</div>
<div id="contOfferta">
<div id="publicita"></div>
<div id="offerta"></div>
</div>
<div id="footer"></div>
</div>
</body>
</html>
<?php
mysql_free_result($RS_prodotti);
?>
in teoria nell'ulr quando la variabile cat è = a "Qualsiasi" non dovrebbe passare invece passa cmq....
Rispondi quotando