datenbanksuche.php

Quell Code

<html>
<head>
<meta charset="UTF-8">
<style>


* {
  margin: 0;
  padding: 0;
}

td{
border:1px solid black;
}
</style>
  


<title>RFL</title></head>
<body>
<h1>Datenbank durchsuchen</h1>
<form action= "htmlde.php" method="post">
<?php
$id=rand(0,1000000000000);
echo "<input name='id' type='hidden' value='$id' >"; ?><br>
<span> Suchwort nach Email:<input type="text" name="Mail" maxlegnth="50"></span><br>
<span> Suchwort nach Name :<input type="text" name="Suche"></span><br>
<button type="submit" name="gesendet" >Suche starten</button><br>
</form>

 <?php
error_reporting(E_ALL);
ini_set('display_errors', true);
    
$DB_HOST = "http://127.0.0.1:51590";
$DB_USER = "root";
$DB_PASS = "FelixG";
$DB_NAME = "rfl";
$con = @new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);

$DB_HOST = "localhost";
$DB_USER = "sebastian1012";
$DB_PASS = "basti1012";
$DB_NAME = "sebastian1012";
$con = @new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);



if (isset($_POST["gesendet"])){
   $su=mysqli_escape_string($con,$_POST["Suche"]);
      $su1=mysqli_escape_string($con,$_POST["Mail"]);
   $sql = "SELECT * FROM profila   WHERE Nickname LIKE '%".$su."%' AND Mail LIKE '%".$su1."%'";
   $res = mysqli_query($con, $sql) or die ("MySQL-Error: " . mysqli_error($con));

   $rr=0;
   $all='<table>';
       $num = mysqli_num_rows($res);
        if($res){
           while ($dsatz = mysqli_fetch_assoc($res)){
              $id=htmlspecialchars($dsatz["id"]);
              $name=htmlspecialchars($dsatz["Nickname"]);
              $rr++;
              $all.= '<tr><td>'.$rr.'</td><td><a href="profil.php?id='.$id.'">'.$name.'</a></td><td>'.htmlspecialchars($dsatz["Mail"]).'</td></tr>';
           }
       }else{
           echo '<tr>Keine Einträge gefunden</tr>';
       }
     $all.= '</table>';
  $all.= $num.' Einträge gefunden';
   mysqli_close($con);
   
}
?>
<?php echo $all; ?>
</body></html>