- stripslashes: documentation ( source)
- htmlspecialchars: documentation ( source)
- trim: documentation ( source)
<?php
// connect to database
//db_host = "localhost" ;
$db_name = "maffeij_art" ;
//$db_user = "maffeij" ;
//$db_password = "a1yorkie" ;
//@ $db = mysql_pconnect('localhost','maffeij_maffeij','sheepish1986');
$db = mysqli_connect('localhost', 'maffeij_maffeij', 'sheepish1986', 'maffeij_art');
if(!$db)
{
echo 'Could not connect to the database';
exit;
}
// select table
mysql_select_db ('maffeij_art');
// see if we should be showing the category or the sub category
$sub = trim($_POST['sub']);
if(empty($sub))
{
// we didn't come from an edit record, we came from a results page
// so grab the id appended to the url
$sub = $_GET['sub'];
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>Contents</title>
</head>
<!-- <body text="#000000" link="#666666" vlink="#808080" alink="#000000" bgcolor="#CCCCCC"> -->
<body text="#000000" link="#666666" vlink="#808080" alink="#000000" bgcolor="#666666">
<p align="center"> </p>
<p align="center">
<?php
if($sub == '')
{
echo "<a href='detail.php?id=179&home=1' target ='mainframe'><img border='0' src='images/home.gif' width='140' height='40'></a>";
}
else
{
//echo "<a href='contents.php' target ='menuframe'><img border='0' src='images/back.gif' width='140' height='40'></a>";
echo "<a href='contents.php'><img border='0' src='images/return.gif' width='140' height='40'></a>";
}
echo "<img border='0' src='images/line.gif'>";
if($sub == '')
{
$query = 'select * from category order by catorder';
}
else
{
$query = "select * from subcategory where parentid = ".$sub." order by subcatorder";
}
$result = mysql_query($query);
$num_results = mysql_num_rows($result);
for($i=0; $i < $num_results; $i++)
{
$row = mysql_fetch_array($result);
$id = htmlspecialchars(stripslashes($row['id']));
$parentid = htmlspecialchars(stripslashes($row['parentid']));
$name = htmlspecialchars(stripslashes($row['name']));
$url = htmlspecialchars(stripslashes($row['url']));
$image = htmlspecialchars(stripslashes($row['image']));
$target = htmlspecialchars(stripslashes($row['target']));
if($image != '')
{
if($url != '')
{
if($target == '')
{
echo "<a href='$url'><img border='0' src='images/$image' width='140' height='40'></a>";
}
else
{
echo "<a href='$url' target = '$target'><img border='0' src='images/$image' width='140' height='40'></a>";
}
}
else
{
echo "<img border='0' src='images/$image' width='140' height='40'>";
}
}
else
{
if($url != '')
{
if($target == '')
{
echo "<a href='$url'>".$name."</a>";
}
else
{
echo "<font color='#666666' size='1' face='Arial Special G1'><a href='$url' target = '$target'>".$name."</a>";
}
}
else
{
echo $name;
}
}
//echo $name;
}
?>
<!-- <base target="mainframe">
<CENTER>
<form action="browse.php" method="post">
<input type="text" name="keyword" SIZE="10">
<input type="image" src="images/search.gif">
</form>
</CENTER>
<p align="center"> </p> -->
</body>
</html>