Get your fill of sci-fi, science, and mockery of stupid ideas
http://stardestroyer.dyndns-home.com/
http://stardestroyer.dyndns-home.com/viewtopic.php?f=7&t=1699
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=iso-8859-1">
<TITLE>Star Trek Canon Database</TITLE>
<LINK REL="STYLESHEET" TYPE="text/css" HREF="../style.css" \>
</HEAD>
<BODY>
<H1 ALIGN=CENTER>Star Trek Canon Database</H1>
<?PHP
$db=mysql_connect("localhost","nobody","nobody");
mysql_select_db("canon",$db);
// Run query if form has already been submitted
if ($Submit || $Name || $Category) {
$sql1="SELECT * FROM startrek";
if ($Series) { $sql2=" WHERE Series='$Series'"; }
if ($Number) {
if ($sql2) { $sql3=" AND Number='$Number'"; }
else { $sql3=" WHERE Number='$Number'"; }
}
if ($Name) {
if ($sql2 || $sql3) { $sql4=" AND Name LIKE '%$Name%'"; }
else { $sql4=" WHERE Name LIKE '%$Name%'"; }
}
if ($Category) {
if ($sql2 || $sql3 || $sql4) { $sql5=" AND Category='$Category'"; }
else { $sql5=" WHERE Category='$Category'"; }
}
if ($Quotes) {
if ($sql2 || $sql3 || $sql4 || $sql5) { $sql6=" AND Quotes LIKE '%$Quotes%'"; }
else { $sql4=" WHERE Quotes LIKE '%$Quotes%'"; }
}
if ($Analysis) {
if ($sql2 || $sql3 || $sql4 || $sql5 || $sql6 ) { $sql7=" AND Analysis LIKE '%$Analysis%'"; }
else { $sql7=" WHERE Analysis LIKE '%$Analysis%'"; }
}
$sql=$sql1.$sql2.$sql3.$sql4.$sql5.$sql6.$sql7." ORDER BY Number";
$result=mysql_query($sql,$db);
$numrows=mysql_num_rows($result);
echo "<P ALIGN=CENTER>Your search returned $numrows records.</P>";
if ($myrow=mysql_fetch_array($result)) {
echo "<P>Database started: 1999-07-27<BR>\n";
$gendate = date("Y-m-d");
echo "Page generated: $gendate</P>\n";
echo "<TABLE BORDER=1>\n";
do {
echo "<TR VALIGN=TOP>\n";
printf("<TD>%s Season %s, Ep# %s: "<A HREF=\"%s?Name=%s\">%s</A>"\n",
$myrow["Series"],$myrow["Season"],$myrow["Number"],$PHP_SELF,$myrow["Name"],$myrow["Name"]);
printf("<BR><BR>\n");
printf("<SPAN CLASS=\"ufp\">%s</SPAN></TD>\n",$myrow["Quotes"]);
printf("<TD><B>%s</B>: ",$myrow["Category"]);
printf("%s</TD></TR>\n",$myrow["Analysis"]);
}
while ($myrow = mysql_fetch_array($result));
echo "</TABLE>\n";
}
else {
echo "<P ALIGN=CENTER>Much to learn, you still have.<BR>\n";
echo "Your search was a failure, my young Padawan.</P>\n";
}
echo "<H2 ALIGN=CENTER>Search Database Again</H2>\n";
}
else {
echo "<H2 ALIGN=CENTER>Search Database</H2>";
}
?>
<FORM METHOD="GET" ACTION="<?PHP echo $PHP_SELF?>">
<TABLE ALIGN=CENTER>
<TR>
<TD>Series:
<SELECT Name="Series">
<OPTION>
<OPTION>TOS
<OPTION>TNG
<OPTION>DS9
<OPTION>VOY
</SELECT></TD>
<TD>Category:
<SELECT Name="Category">
<OPTION>
<OPTION>Naval Weapons
<OPTION>Naval Tactics
<OPTION>Shields and Forcefields
<OPTION>Propulsion
<OPTION>Sensors
<OPTION>Ground Combat
<OPTION>Power
<OPTION>Size and Scope
<OPTION>Communications
<OPTION>Computers and Androids
<OPTION>Transporters
<OPTION>Replicators
<OPTION>Cloaks
<OPTION>Design
<OPTION>Command Structure
<OPTION>Culture
<OPTION>Borg
<OPTION>Realism
<OPTION>Misc
</SELECT></TD></TR>
<TR><TD ALIGN=RIGHT>Episode Name:</TD>
<TD><INPUT TYPE="Text" NAME="Name" SIZE=30 VALUE="<?PHP echo $Name ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Quote keywords:</TD>
<TD><INPUT TYPE="Text" NAME="Quotes" SIZE=30 VALUE="<?PHP echo $Quotes ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Analysis keywords:</TD>
<TD><INPUT TYPE="Text" NAME="Analysis" SIZE=30 VALUE="<?PHP echo $Analysis ?>"></TD></TR>
<TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE="Submit" NAME="Submit" VALUE="Submit"></TD></TR>
</TABLE>
</FORM>
<P><HR>
Return to Database <A HREF="index.html">index</A><BR>
This website is owned and maintained by Michael Wong<BR>
This site is not affiliated with Lucasfilm or Paramount<BR>
All associated materials are used under "Fair Use" provisions of copyright law.<BR>
All original content is © copyrighted by Michael Wong.<BR>
Click <A HREF="../index.html" TARGET="_top">here</A> to go to the main page</P>
</BODY>
</HTML>
Code: Select all
<?PHP
$db=mysql_pconnect("localhost","nobody","nobody");
mysql_select_db("canon",$db);
echo "
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 3.2//EN'>
<HTML>
<HEAD>
<META HTTP-EQUIV='CONTENT-TYPE' CONTENT='text/html; charset=iso-8859-1'>
<TITLE>Star Trek Canon Database</TITLE>
<LINK REL='STYLESHEET' TYPE='text/css' HREF='../style.css' >
</HEAD>
<BODY>
<H1 ALIGN=CENTER>Star Trek Canon Database</H1>
";
// Run query if form has already been submitted
$where = 0;
function addTerm($var,$varName,$like=false){
if($where=0){
if($like=false){
$sql.="WHERE $varName='$var' ";
}
else{
$sql.="WHERE $varName LIKE '%$var%' ";
}
$where=1;
}
else{
if($like=false){
$sql.="AND $varName='$var' ";
}
else{
$sql.="AND $varName LIKE '$var' ";
}
}
}
if ($Series || $Category) {
$sql="SELECT * FROM startrek ";
if ($Series) { addTerm($Series,"Series") }
if ($Name) { addTerm($Name,"Name",true) }
if ($Category) { addTerm($Category,"Category") }
if ($Quotes) { addTerm($Quotes,"Quotes",true) }
if ($Analysis) { addTerm($Analysis,"Analaysis",true) }
sql+=" ORDER BY Number";
$result=mysql_query($sql) or die($sql);
$numrows=mysql_num_rows($result);
echo "<P ALIGN=CENTER>Your search returned $numrows records.</P>";
if ($myrow=mysql_fetch_array($result)) {
echo "<P>Database started: 1999-07-27<BR>\n";
$gendate = date("Y-m-d");
echo "Page generated: $gendate</P>\n";
echo "<TABLE BORDER=1>\n";
do {
echo "<TR VALIGN=TOP>\n";
printf("<TD>%s Season %s, Ep# %s: "<A HREF=\"%s?Name=%s\">%s</A>"\n",
$myrow["Series"],$myrow["Season"],$myrow["Number"],$PHP_SELF,$myrow["Name"],$myrow["Name"]);
printf("<BR><BR>\n");
printf("<SPAN CLASS=\"ufp\">%s</SPAN></TD>\n",$myrow["Quotes"]);
printf("<TD><B>%s</B>: ",$myrow["Category"]);
printf("%s</TD></TR>\n",$myrow["Analysis"]);
}
while ($myrow = mysql_fetch_array($result));
echo "</TABLE>\n";
}
mysql_free_result($result);
else {
echo "<P ALIGN=CENTER>Much to learn, you still have.<BR>\n";
echo "Your search was a failure, my young Padawan.</P>\n";
}
echo "<H2 ALIGN=CENTER>Search Database Again</H2>\n";
}
else {
echo "<H2 ALIGN=CENTER>Search Database</H2>";
}
echo "
<FORM METHOD='GET' ACTION='".$PHP_SELF."'>
<TABLE ALIGN=CENTER>
<TR>
<TD>Series:
<SELECT Name='Series'>
<OPTION>
<OPTION>TOS
<OPTION>TNG
<OPTION>DS9
<OPTION>VOY
</SELECT></TD>
<TD>Category:
<SELECT Name='Category'>
<OPTION>
<OPTION>Naval Weapons
<OPTION>Naval Tactics
<OPTION>Shields and Forcefields
<OPTION>Propulsion
<OPTION>Sensors
<OPTION>Ground Combat
<OPTION>Power
<OPTION>Size and Scope
<OPTION>Communications
<OPTION>Computers and Androids
<OPTION>Transporters
<OPTION>Replicators
<OPTION>Cloaks
<OPTION>Design
<OPTION>Command Structure
<OPTION>Culture
<OPTION>Borg
<OPTION>Realism
<OPTION>Misc
</SELECT></TD></TR>
<TR><TD ALIGN=RIGHT>Episode Name:</TD>
<TD><INPUT TYPE='Text' NAME='Name' SIZE=30 VALUE='".$Name."'></TD></TR>
<TR><TD ALIGN=RIGHT>Quote keywords:</TD>
<TD><INPUT TYPE='Text' NAME='Quotes' SIZE=30 VALUE='".$Quotes."'></TD></TR>
<TR><TD ALIGN=RIGHT>Analysis keywords:</TD>
<TD><INPUT TYPE='Text' NAME='Analysis' SIZE=30 VALUE='".$Analysis."'></TD></TR>
<TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE='Submit' NAME='Submit' VALUE='Submit'></TD></TR>
</TABLE>
</FORM>
<P><HR>
Return to Database <A HREF='index.html'>index</A><BR>
This website is owned and maintained by Michael Wong<BR>
This site is not affiliated with Lucasfilm or Paramount<BR>
All associated materials are used under "Fair Use" provisions of copyright law.<BR>
All original content is © copyrighted by Michael Wong.<BR>
Click <A HREF='../index.html' TARGET='_top'>here</A> to go to the main page</P>
</body>
</html>
";
%>
*points at Mike* [Nelson]HA HA![/Nelson]Darth Wong wrote:OK, here's the current PHP file (but DON't LAUGH at my shitty coding!)
(motions to dark Imperial minions to hunt down this impudent person and lock him in a room with Jar-Jar Binks)Steve wrote:*points at Mike* [Nelson]HA HA![/Nelson]
No, it was just a little rough around the edges. Thanks for the help; I had to fix a couple of bugs to make it work (adding a global variable definition in the function, etc), but nothing really big.Azeron wrote:Well I didn;t go through debugging, but I did review it, and got rid of just about all the bugs I ussually make. Did you adapt the script from someone elses work? I just notcied some variables that weren't set yet included.
What kind of damage could anyone do, since the PHP script runs as a user with read-only access to the database?well if you want the sql vuln taken out, let me know. I don't think its really an issue in this case, though it might be a good idea. in case someone gets a wise idea.
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=iso-8859-1">
<TITLE>Star Trek Canon Database</TITLE>
<LINK REL="STYLESHEET" TYPE="text/css" HREF="../style.css" \>
</HEAD>
<BODY>
<H1 ALIGN=CENTER>Star Trek Canon Database</H1>
<?PHP
// Define page length = 50 rows
$pagelen=50;
$db=mysql_connect("localhost","nobody","nobody");
mysql_select_db("canon",$db);
// Define function for generating SQL query
$where = 0;
function addTerm($var,$varName,$like=false) {
global $sql,$where;
if ($where == 0) {
if ($like == false) { $sql.="WHERE $varName='$var' "; }
else { $sql.="WHERE $varName LIKE '%$var%' "; }
$where=1;
}
else {
if ($like == false) { $sql.="AND $varName='$var' "; }
else { $sql.="AND $varName LIKE '%$var%' "; }
}
}
// Run query if variables are present, ie- form has been submitted
if ($Submit || $pagenum || $Series || $Name || $Category || $Quotes || $Analysis) {
$sql="SELECT * FROM startrek ";
if ($Series) { addTerm($Series,"Series"); }
if ($Name) { addTerm($Name,"Name",true); }
if ($Category) { addTerm($Category,"Category"); }
if ($Quotes) { addTerm($Quotes,"Quotes",true); }
if ($Analysis) { addTerm($Analysis,"Analysis",true); }
$sql.=" ORDER BY Number";
$result=mysql_query($sql,$db) or die($sql);
// Pagination routine
$numrows=mysql_num_rows($result);
$pagetotal = ceil($numrows/$pagelen);
if ( $numrows > $pagelen ) {
if ( ! $pagenum ) { $pagenum = 1; }
$lowerlim = ($pagenum-1)*$pagelen;
$upperlim = ($pagenum)*$pagelen;
}
else
{
$lowerlim = 0;
$upperlim = $pagelen;
$pagenum = 1;
}
$sqlrun=$sql." LIMIT $lowerlim,$pagelen";
$result=mysql_query($sqlrun,$db);
// If search results non-zero results
if ($myrow=mysql_fetch_array($result)) {
// Display headers
if ( $pagenum == ($pagetotal) ) {
echo "<P ALIGN=CENTER>Displaying $lowerlim to $numrows of $numrows records.</P>";
}
else {
echo "<P ALIGN=CENTER>Displaying $lowerlim to $upperlim of $numrows records.</P>";
}
echo "<P>Database started: 1999-07-27<BR>\n";
$gendate = date("Y-m-d");
echo "Page generated: $gendate</P>\n";
// Display page numbers
echo "<P>Page ";
$page=1;
for ( $page=1; $page<=$pagetotal ; $page +=1 ) {
if ( $page == $pagenum ) {
echo "<B>$page</B> ";
}
else {
echo "<A HREF="$PHP_SELF?Series=$Series&Name=$Name&Category=$Category
&Quotes=$Quotes&Analysis=$Analysis&pagenum=$page">$page</A> ";
}
}
// Display results in table form
echo "<TABLE BORDER=1>\n";
do {
echo "<TR VALIGN=TOP>\n";
printf("<TD>%s Season %s, Ep# %s: "<A HREF="%s?Name=%s">%s</A>"\n",
$myrow["Series"],$myrow["Season"],$myrow["Number"],$PHP_SELF,$myrow["Name"],$myrow["Name"]);
printf("<BR><BR>\n");
printf("<SPAN CLASS="ufp">%s</SPAN></TD>\n",$myrow["Quotes"]);
printf("<TD><B>%s</B>: ",$myrow["Category"]);
printf("%s</TD></TR>\n",$myrow["Analysis"]);
}
while ($myrow = mysql_fetch_array($result));
echo "</TABLE>\n";
// Display page numbers again, right-justified this time
echo "<P ALIGN=RIGHT>Page ";
$page=1;
for ( $page=1; $page<=$pagetotal ; $page +=1 ) {
if ( $page == $pagenum ) {
echo "<B>$page</B> ";
}
else {
echo "<A HREF="$PHP_SELF?Series=$Series&Name=$Name&Category=$Category
&Quotes=$Quotes&Analysis=$Analysis&pagenum=$page">$page</A> ";
}
}
// Otherwise, print taunt
}
else {
echo "<P ALIGN=CENTER>Much to learn, you still have.<BR>\n";
echo "Your search was a failure, my young Padawan.</P>\n";
}
echo "<H2 ALIGN=CENTER>Search Database Again</H2>\n";
}
else {
echo "<H2 ALIGN=CENTER>Search Database</H2>";
}
?>
<FORM METHOD="GET" ACTION="<?PHP echo $PHP_SELF?>">
<TABLE ALIGN=CENTER>
<TR>
<TD>Series:
<SELECT Name="Series">
<OPTION>
<OPTION>TOS
<OPTION>TNG
<OPTION>DS9
<OPTION>VOY
</SELECT></TD>
<TD>Category:
<SELECT Name="Category">
<OPTION>
<OPTION>Naval Weapons
<OPTION>Naval Tactics
<OPTION>Shields and Forcefields
<OPTION>Propulsion
<OPTION>Sensors
<OPTION>Ground Combat
<OPTION>Power
<OPTION>Size and Scope
<OPTION>Communications
<OPTION>Computers and Androids
<OPTION>Transporters
<OPTION>Replicators
<OPTION>Cloaks
<OPTION>Design
<OPTION>Command Structure
<OPTION>Culture
<OPTION>Borg
<OPTION>Realism
<OPTION>Misc
</SELECT></TD></TR>
<TR><TD ALIGN=RIGHT>Episode Name:</TD>
<TD><INPUT TYPE="Text" NAME="Name" SIZE=30 VALUE="<?PHP echo $Name ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Quote keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Quotes" SIZE=30 VALUE="<?PHP echo $Quotes ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Analysis keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Analysis" SIZE=30 VALUE="<?PHP echo $Analysis ?>"></TD></TR>
<TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE="Submit" NAME="Submit" VALUE="Submit"></TD></TR>
</TABLE>
</FORM>
<P><HR>
Return to Database <A HREF="index.html">index</A><BR>
This website is owned and maintained by Michael Wong<BR>
This site is not affiliated with Lucasfilm or Paramount<BR>
All associated materials are used under "Fair Use" provisions of copyright law.<BR>
All original content is © copyrighted by Michael Wong.<BR>
Click <A HREF="../index.html" TARGET="_top">here</A> to go to the main page</P>
</BODY>
</HTML>
Oh, so I can take out the frustrations of my day to day life by beating Jar Jar to the brink of death? Can't kill him, since when he heals up I can repeat the process.Darth Wong wrote:(motions to dark Imperial minions to hunt down this impudent person and lock him in a room with Jar-Jar Binks)Steve wrote:*points at Mike* [Nelson]HA HA![/Nelson]
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=iso-8859-1">
<TITLE>Star Trek Canon Database</TITLE>
<LINK REL="STYLESHEET" TYPE="text/css" HREF="../style.css" \>
</HEAD>
<BODY>
<H1 ALIGN=CENTER>Star Trek Canon Database</H1>
<?PHP
// Define page length = 50 rows
$pagelen=50;
$db=mysql_connect("localhost","nobody","nobody");
mysql_select_db("canon",$db);
// Run query if variables are present, ie- form has been submitted
if ($Submit || $pagenum || $Series || $Name || $Category || $Quotes || $Analysis) {
$sql="SELECT * FROM startrek ";
$sql.="WHERE Series LIKE '%".addSlashes( $Series)."%' ";
$sql.="AND Quotes LIKE '%".addSlashes($Quotes)."%' ";
$sql.="AND Name LIKE '%".addSlahses($Name)."%' ";
$sql.="AND Category LIKE '%".addSlashes($Category)."%' ";
$sql.="AND Analysis LIKE '%".addSlashes($Analysis)."%' ";
$sql.=" ORDER BY Number ";
if(!$pagenum){$pagenum=0}
$sql.="LIMIT ".($pagenum *$ pagelen).",".(++$pagenum*$pagelen);
$result=mysql_query($sql,$db) or die($sql); '
//Stuff Down here needs to be fixed in regards to numbering out.
// If search results non-zero results
if ($myrow=mysql_fetch_array($result)) {
// Display headers
if ( $pagenum == ($pagetotal) ) {
echo "<P ALIGN=CENTER>Displaying $lowerlim to $numrows of $numrows records.</P>";
}
else {
echo "<P ALIGN=CENTER>Displaying $lowerlim to $upperlim of $numrows records.</P>";
}
echo "<P>Database started: 1999-07-27<BR>\n";
$gendate = date("Y-m-d");
echo "Page generated: $gendate</P>\n";
// Display page numbers
echo "<P>Page ";
$page=1;
for ( $page=1; $page<=$pagetotal ; $page +=1 ) {
if ( $page == $pagenum ) {
echo "<B>$page</B> ";
}
else {
echo "<A HREF=\"$PHP_SELF?Series=$Series&Name=$Name&Category=$Category
&Quotes=$Quotes&Analysis=$Analysis&pagenum=$page\">$page</A> ";
}
}
// Display results in table form
echo "<TABLE BORDER=1>\n";
do {
echo "<TR VALIGN=TOP>\n";
printf("<TD>%s Season %s, Ep# %s: "<A HREF=\"%s?Name=%s\">%s</A>"\n",
$myrow["Series"],$myrow["Season"],$myrow["Number"],$PHP_SELF,$myrow["Name"],$myrow["Name"]);
printf("<BR><BR>\n");
printf("<SPAN CLASS=\"ufp\">%s</SPAN></TD>\n",$myrow["Quotes"]);
printf("<TD><B>%s</B>: ",$myrow["Category"]);
printf("%s</TD></TR>\n",$myrow["Analysis"]);
}
while ($myrow = mysql_fetch_array($result));
echo "</TABLE>\n";
// Display page numbers again, right-justified this time
echo "<P ALIGN=RIGHT>Page ";
$page=1;
for ( $page=1; $page<=$pagetotal ; $page +=1 ) {
if ( $page == $pagenum ) {
echo "<B>$page</B> ";
}
else {
echo "<A HREF=\"$PHP_SELF?Series=$Series&Name=$Name&Category=$Category
&Quotes=$Quotes&Analysis=$Analysis&pagenum=$page\">$page</A> ";
}
}
// Otherwise, print taunt
}
else {
echo "<P ALIGN=CENTER>Much to learn, you still have.<BR>\n";
echo "Your search was a failure, my young Padawan.</P>\n";
}
echo "<H2 ALIGN=CENTER>Search Database Again</H2>\n";
}
else {
echo "<H2 ALIGN=CENTER>Search Database</H2>";
}
?>
<FORM METHOD="GET" ACTION="<?PHP echo $PHP_SELF?>">
<TABLE ALIGN=CENTER>
<TR>
<TD>Series:
<SELECT Name="Series">
<OPTION>
<OPTION>TOS
<OPTION>TNG
<OPTION>DS9
<OPTION>VOY
</SELECT></TD>
<TD>Category:
<SELECT Name="Category">
<OPTION>
<OPTION>Naval Weapons
<OPTION>Naval Tactics
<OPTION>Shields and Forcefields
<OPTION>Propulsion
<OPTION>Sensors
<OPTION>Ground Combat
<OPTION>Power
<OPTION>Size and Scope
<OPTION>Communications
<OPTION>Computers and Androids
<OPTION>Transporters
<OPTION>Replicators
<OPTION>Cloaks
<OPTION>Design
<OPTION>Command Structure
<OPTION>Culture
<OPTION>Borg
<OPTION>Realism
<OPTION>Misc
</SELECT></TD></TR>
<TR><TD ALIGN=RIGHT>Episode Name:</TD>
<TD><INPUT TYPE="Text" NAME="Name" SIZE=30 VALUE="<?PHP echo $Name ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Quote keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Quotes" SIZE=30 VALUE="<?PHP echo $Quotes ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Analysis keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Analysis" SIZE=30 VALUE="<?PHP echo $Analysis ?>"></TD></TR>
<TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE="Submit" NAME="Submit" VALUE="Submit"></TD></TR>
</TABLE>
</FORM>
<P><HR>
Return to Database <A HREF="index.html">index</A><BR>
This website is owned and maintained by Michael Wong<BR>
This site is not affiliated with Lucasfilm or Paramount<BR>
All associated materials are used under "Fair Use" provisions of copyright law.<BR>
All original content is © copyrighted by Michael Wong.<BR>
Click <A HREF="../index.html" TARGET="_top">here</A> to go to the main page</P>
</BODY>
</HTML>
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=iso-8859-1">
<TITLE>Star Trek Canon Database</TITLE>
<LINK REL="STYLESHEET" TYPE="text/css" HREF="../style.css" \>
</HEAD>
<BODY>
<H1 ALIGN=CENTER>Star Trek Canon Database</H1>
<?PHP
// Define page length = 50 rows
$pagelen=50;
$db=mysql_connect("localhost","nobody","nobody");
mysql_select_db("canon",$db);
// Run query if variables are present, ie- form has been submitted
if ($Submit || $pagenum || $Series || $Name || $Category || $Quotes || $Analysis) {
$sql="SELECT *,COUNT FROM startrek ";
$sql.="WHERE Series LIKE '%".addSlashes( $Series)."%' ";
$sql.="AND Quotes LIKE '%".addSlashes($Quotes)."%' ";
$sql.="AND Name LIKE '%".addSlashes($Name)."%' ";
$sql.="AND Category LIKE '%".addSlashes($Category)."%' ";
$sql.="AND Analysis LIKE '%".addSlashes($Analysis)."%' ";
$sql.=" ORDER BY Number ";
if($result=mysql_query($sql,$db)}{
//do some page forwarding
if(!$pagenum){$pagenum=0}
mysql_data_seek($result,$pagenum*$pagelen);
// Display headers
echo "<P ALIGN=CENTER>Displaying ";
echo $pagelen*$pagenum;
echo " to ";
if($numrows>$pagenum*$pagelen+$pagelen){echo $pagenum*$pagelen+$pagelen}
else { echo mysql_num_rows($result)}
echo " of ";
echo mysql_num_rows($result)." records.</P>";
echo "<P>Database started: 1999-07-27<BR>\n";
echo "Page generated: ".date("Y-m-d")."</P>\n";
// Display page numbers
echo "<P>Page ";
var $strTemp;
var $page=1;
for ( $page=1;$page<=ceil(mysql_num_rows($result)/$pagelen);$page++ ) {
if ( $page == $pagenum ) {
$strTemp.="<B>$page</B> ";
}
else {
$strTemp.="<A HREF=\"$PHP_SELF?Series=$Series&Name=$Name&Category=$Category
&Quotes=$Quotes&Analysis=$Analysis&pagenum=$page\">$page</A> ";
}
}
echo $strTemp;
// Display results in table form
echo "<TABLE BORDER=1>\n";
$z=0;
do {
echo "<TR VALIGN=TOP>\n";
printf("<TD>%s Season %s, Ep# %s: "<A HREF=\"%s?Name=%s\">%s</A>"\n",
$myrow["Series"],$myrow["Season"],$myrow["Number"],$PHP_SELF,$myrow["Name"],$myrow["Name"]);
printf("<BR><BR>\n");
printf("<SPAN CLASS=\"ufp\">%s</SPAN></TD>\n",$myrow["Quotes"]);
printf("<TD><B>%s</B>: ",$myrow["Category"]);
printf("%s</TD></TR>\n",$myrow["Analysis"]);
$z++;
}
while ($myrow = mysql_fetch_array($result)&$z!=$pagelen);
echo "</TABLE>\n";
// Display page numbers again, right-justified this time
echo "<P ALIGN=RIGHT>Page ";
echo $strTemp;
}
//print taunt
else{
echo "<P ALIGN=CENTER>Much to learn, you still have.<BR>\n";
echo "Your search was a failure, my young Padawan.</P>\n";
}
echo "<H2 ALIGN=CENTER>Search Database Again</H2>\n";
}
else {
echo "<H2 ALIGN=CENTER>Search Database</H2>";
}
?>
<FORM METHOD="GET" ACTION="<?PHP echo $PHP_SELF?>">
<TABLE ALIGN=CENTER>
<TR>
<TD>Series:
<SELECT Name="Series">
<OPTION>
<OPTION>TOS
<OPTION>TNG
<OPTION>DS9
<OPTION>VOY
</SELECT></TD>
<TD>Category:
<SELECT Name="Category">
<OPTION>
<OPTION>Naval Weapons
<OPTION>Naval Tactics
<OPTION>Shields and Forcefields
<OPTION>Propulsion
<OPTION>Sensors
<OPTION>Ground Combat
<OPTION>Power
<OPTION>Size and Scope
<OPTION>Communications
<OPTION>Computers and Androids
<OPTION>Transporters
<OPTION>Replicators
<OPTION>Cloaks
<OPTION>Design
<OPTION>Command Structure
<OPTION>Culture
<OPTION>Borg
<OPTION>Realism
<OPTION>Misc
</SELECT></TD></TR>
<TR><TD ALIGN=RIGHT>Episode Name:</TD>
<TD><INPUT TYPE="Text" NAME="Name" SIZE=30 VALUE="<?PHP echo $Name ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Quote keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Quotes" SIZE=30 VALUE="<?PHP echo $Quotes ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Analysis keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Analysis" SIZE=30 VALUE="<?PHP echo $Analysis ?>"></TD></TR>
<TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE="Submit" NAME="Submit" VALUE="Submit"></TD></TR>
</TABLE>
</FORM>
<P><HR>
Return to Database <A HREF="index.html">index</A><BR>
This website is owned and maintained by Michael Wong<BR>
This site is not affiliated with Lucasfilm or Paramount<BR>
All associated materials are used under "Fair Use" provisions of copyright law.<BR>
All original content is © copyrighted by Michael Wong.<BR>
Click <A HREF="../index.html" TARGET="_top">here</A> to go to the main page</P>
</BODY>
</HTML>
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=iso-8859-1">
<TITLE>Star Trek Canon Database</TITLE>
<LINK REL="STYLESHEET" TYPE="text/css" HREF="../style.css" \>
</HEAD>
<BODY>
<H1 ALIGN=CENTER>Star Trek Canon Database</H1>
<?PHP
// Define page length = 50 rows
$pagelen=50;
$db=mysql_connect("localhost","nobody","nobody");
mysql_select_db("canon",$db);
// Run query if variables are present, ie- form has been submitted
if ($Submit || $pagenum || $Series || $EpName || $Category || $Quotes || $Analysis) {
$sql="SELECT * FROM startrek ";
$sql.="WHERE Series LIKE '%".addSlashes($Series)."%' ";
$sql.="AND Name LIKE '%".addSlashes($EpName)."%' ";
$sql.="AND Category LIKE '%".addSlashes($Category)."%' ";
$sql.="AND Quotes LIKE '%".addSlashes($Quotes)."%' ";
$sql.="AND Analysis LIKE '%".addSlashes($Analysis)."%' ";
$sql.=" ORDER BY Number";
// If we get a result with at least 1 row, do some page forwarding
if ( ($result=mysql_query($sql,$db)) && (mysql_num_rows($result)>0) ) {
if( !$pagenum ) { $pagenum=1; }
mysql_data_seek ($result,($pagenum-1)*$pagelen);
// Display headers
echo "<P ALIGN=CENTER>Displaying ";
echo $pagelen*($pagenum-1)+1;
echo " to ";
$numrows=mysql_num_rows($result);
if($numrows>$pagenum*$pagelen) {
echo $pagenum*$pagelen;
}
else { echo $numrows; }
echo " of ";
echo $numrows." records.</P>";
echo "<P>Database started: 1999-07-27<BR>\n";
echo "Page generated: ".date("Y-m-d")."</P>\n";
// Display page numbers
echo "<P>Page";
$strTemp=" ";
$page=1;
for ( $page=1; $page<=ceil($numrows/$pagelen); $page++ ) {
if ( $page == $pagenum ) {
$strTemp.="<B>$page</B> ";
}
else {
$strTemp.="<A HREF=\"$PHP_SELF?Series=$Series&EpName=$EpName&Category=$Category
&Quotes=$Quotes&Analysis=$Analysis&pagenum=$page\">$page</A> ";
}
}
echo $strTemp;
// Display results in table form
echo "<TABLE BORDER=1>\n";
$tabrow=1;
// Note: we use while rather than do-while because we seek to 0,
// so we want to increment our position by 1 before grabbing the first row
while (($myrow = mysql_fetch_array($result)) && ($tabrow<=$pagelen) ) {
echo "<TR VALIGN=TOP>\n";
printf("<TD>%s Season %s, Ep# %s: "<A HREF=\"%s?EpName=%s\">%s</A>"\n",
$myrow["Series"],$myrow["Season"],$myrow["Number"],$PHP_SELF,$myrow["Name"],$myrow["Name"]);
printf("<BR><BR>\n");
printf("<SPAN CLASS=\"ufp\">%s</SPAN></TD>\n",$myrow["Quotes"]);
printf("<TD><B>%s</B>: ",$myrow["Category"]);
printf("%s</TD></TR>\n",$myrow["Analysis"]);
$tabrow++;
}
echo "</TABLE>\n";
// Display page numbers again, right-justified this time
echo "<P ALIGN=RIGHT>Page";
echo $strTemp;
}
// If no records were returned, print taunt
else {
echo "<P ALIGN=CENTER>Much to learn, you still have.<BR>\n";
echo "Your search was a failure, my young Padawan.</P>\n";
}
echo "<H2 ALIGN=CENTER>Search Database Again</H2>\n";
}
else {
echo "<H2 ALIGN=CENTER>Search Database</H2>";
}
?>
<FORM METHOD="GET" ACTION="<?PHP echo $PHP_SELF?>">
<TABLE ALIGN=CENTER>
<TR>
<TD>Series:
<SELECT Name="Series">
<OPTION>
<OPTION>TOS
<OPTION>TNG
<OPTION>DS9
<OPTION>VOY
</SELECT></TD>
<TD>Category:
<SELECT Name="Category">
<OPTION>
<OPTION>Naval Weapons
<OPTION>Naval Tactics
<OPTION>Shields and Forcefields
<OPTION>Propulsion
<OPTION>Sensors
<OPTION>Ground Combat
<OPTION>Power
<OPTION>Size and Scope
<OPTION>Communications
<OPTION>Computers and Androids
<OPTION>Transporters
<OPTION>Replicators
<OPTION>Cloaks
<OPTION>Design
<OPTION>Command Structure
<OPTION>Culture
<OPTION>Borg
<OPTION>Realism
<OPTION>Misc
</SELECT></TD></TR>
<TR><TD ALIGN=RIGHT>Episode Name:</TD>
<TD><INPUT TYPE="Text" NAME="EpName" SIZE=30 VALUE="<?PHP echo $EpName ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Quote keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Quotes" SIZE=30 VALUE="<?PHP echo $Quotes ?>"></TD></TR>
<TR><TD ALIGN=RIGHT>Analysis keyphrase:</TD>
<TD><INPUT TYPE="Text" NAME="Analysis" SIZE=30 VALUE="<?PHP echo $Analysis ?>"></TD></TR>
<TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE="Submit" NAME="Submit" VALUE="Submit"></TD></TR>
</TABLE>
</FORM>
<P><HR>
Return to Database <A HREF="index.html">index</A><BR>
This website is owned and maintained by Michael Wong<BR>
This site is not affiliated with Lucasfilm or Paramount<BR>
All associated materials are used under "Fair Use" provisions of copyright law.<BR>
All original content is © copyrighted by Michael Wong.<BR>
Click <A HREF="../index.html" TARGET="_top">here</A> to go to the main page</P>
</BODY>
</HTML>