Файл: vsime.com/devices/inc/act_search.php
Строк: 69
<?
$title .= ' - Поиск';
$navigation .= " / Поиск";
$title .= " / Поиск";
ex_head();
echo "<div class='grand_h'>n";
echo "<table>n";
echo "<td><a href='/devices'><span class='block_l'>Популярные</span></a></td>n";
echo "<td><a href='/devices/?act=producers'><span class='block_l'>Производители</span></a></td>n";
echo "<td><span class='block_l'>Поиск</span></td>n";
echo "</table>n";
echo "</div>n";
$devices_search=NULL;
if (isset($_GET['devices_search']))$devices_search = esc(stripcslashes(htmlspecialchars($_GET['devices_search'])));
if (isset($_POST['devices_search']) && hsc(@$_POST['mdp'])==$mdp)$devices_search = esc(stripcslashes(htmlspecialchars($_POST['devices_search'])));
$devices_search = ereg_replace("( ){1,}","",$devices_search);
if ($devices_search) {
echo "<div class='grand_h'>n";
echo "Поиск <b>$devices_search</b><br />n";
echo "</div>n";
$count_results = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `devices_list` WHERE `name` LIKE '%".my_esc($devices_search)."%'"));
$count_pages = count_pages($count_results);
$page = page();
$start = start_pages();
if($count_results == 0)
{
echo "<div class='list'>n";
echo "По запросу <b>$devices_search</b> ничего не найдено<br />n";
echo "</div>n";
}
$query = mysqli_query($dbi, "SELECT * FROM `devices_list` WHERE `name` LIKE '%".my_esc($devices_search)."%' ORDER BY `name` ASC LIMIT $start, $config[rop]");
while ($device = mysqli_fetch_array($query)) {
$cat = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `devices_cat` WHERE `id` = '$device[id_cat]' LIMIT 1"));
echo "<div class='list'>n";
echo "<div class='left'>n";
echo "<img src='/i/devices/device_$device[id]_small.png' />n";
echo "</div>n";
echo "<div class='overf_hid'>n";
echo "<a href='?act=device_info&id_device=$device[id]'>".hsc($cat['name'])." ".hsc($device['name'])."</a>n";
echo "</div>n";
echo "<div class='clear'></div>n";
echo "</div>n";
}
pages_show("?act=search&devices_search=".$devices_search."&"); // Вывод страниц
}
echo "<form method='POST' action='?act=search'>n";
echo "<div class='freespace'>n";
echo "Введите название модели или ее часть:<br />n";
echo "<input type='text' name='devices_search' maxlength='16' value='' /><br />n";
echo "</div>n";
echo "<div class='freespace'>n";
echo "<input type='hidden' name='mdp' value='$mdp' />n";
echo "<input type='submit' name='submited' value='Найти' />n";
echo "</div>n";
echo "</form>n";
echo"<div class='foot'>n";
echo image_back()." <a href='/devices'>Назад</a>n";
echo"</div>n";
ex_foot();
?>