$sorts = array(1 => ' ORDER BY `name` ASC', 2 => ' ORDER BY `name` DESC', 3 => ' ORDER BY `exp` ASC', 4 => ' ORDER BY `exp` DESC'); $search = isset($_GET['search']) ? $_GET['search'] : ''; $sort = $_GET['sort']; $sortKey = isset($sort) && in_array($sort, array_keys($sorts)) ? $sort : 1; $orderSql = $sorts[$sortKey]; $searchSql = ''; if (!empty($search)) { $searchSqlSafe = cleanSql($search); $searchHtmlSafe = cleanHtml($search); $searchSql = " AND `name` LIKE '%{$searchSqlSafe}%' "; } $countQuery = mysql_query("SELECT `id` FROM `user_pokemon` WHERE `uid`='{$gid}' {$searchSql}"); $numRows = mysql_num_rows($countQuery); $pagination = new Pagination($numRows); if (!empty($search)) { $pagination->addQueryStringVar('search', $search); } if (isset($_GET['id'])) { $pagination->addQueryStringVar('id', (int) $_GET['id']); } if ($sortKey != 1) { $pagination->addQueryStringVar('sort', $sortKey); } $query = mysql_query("SELECT * FROM `user_pokemon` WHERE `uid`='{$gid}' {$searchSql} {$orderSql} LIMIT {$pagination->itemsPerPage} OFFSET {$pagination->startItem}"); echo ' <form method="get" style="text-align: center; margin: 20px 0px;"> '; if (isset($_GET['id'])) { $uuid = (int) $_GET['id']; echo '<input type="hidden" name="id" value="' . $uuid . '" />'; }
$sorts = array(1 => ' ORDER BY `name` ASC', 2 => ' ORDER BY `name` DESC', 3 => ' ORDER BY `exp` ASC', 4 => ' ORDER BY `exp` DESC', 5 => ' ORDER BY `price` ASC', 6 => ' ORDER BY `price` DESC', 7 => ' ORDER BY `id` ASC', 8 => ' ORDER BY `id` DESC'); $search = isset($_GET['search']) ? $_GET['search'] : ''; $searchSql = ''; $sort = $_GET['sort']; $sortKey = isset($sort) && in_array($sort, array_keys($sorts)) ? $sort : 5; $orderSql = $sorts[$sortKey]; if (!empty($search)) { $searchSqlSafe = cleanSql($search); $searchHtmlSafe = cleanHtml($search); $searchSql = " AND `name` LIKE '%{$searchSqlSafe}%' "; } $countQuery = mysql_query("SELECT * FROM `sale_pokemon` WHERE `uid` != '{$uid}' {$searchSql}"); $numRows = mysql_num_rows($countQuery); $pagination = new Pagination($numRows); if (!empty($search)) { $pagination->addQueryStringVar('search', $_GET['search']); } $pagination->addQueryStringVar('p', 'all'); $query = mysql_query("SELECT * FROM `sale_pokemon` WHERE `uid` != '{$uid}' {$searchSql} {$orderSql} LIMIT {$pagination->itemsPerPage} OFFSET {$pagination->startItem}"); $qs = ''; $qs .= 'p=all'; if (!empty($search)) { $qs .= '&search=' . urlencode($search); } $nameOrder = $_GET['sort'] == 1 ? 2 : 1; $expOrder = $_GET['sort'] == 3 ? 4 : 3; $priceOrder = $_GET['sort'] == 6 ? 5 : 6; $idOrder = $_GET['sort'] == 7 ? 8 : 7; echo ' <form method="get" action="" style="text-align: center; margin: 20px 0px;"> <input type="hidden" value="all" name="p" />
$sorts = array(1 => ' ORDER BY `name` ASC', 2 => ' ORDER BY `name` DESC', 3 => ' ORDER BY `exp` ASC', 4 => ' ORDER BY `exp` DESC', 5 => ' ORDER BY `id` ASC', 6 => ' ORDER BY `id` DESC'); $search = isset($_GET['search']) ? $_GET['search'] : ''; $searchSql = ''; $sort = $_GET['sort']; $sortKey = isset($sort) && in_array($sort, array_keys($sorts)) ? $sort : 1; $orderSql = $sorts[$sortKey]; if (!empty($search)) { $searchSqlSafe = cleanSql($search); $searchHtmlSafe = cleanHtml($search); $searchSql = " WHERE `name` LIKE '%{$searchSqlSafe}%' "; } $countQuery = mysql_query("SELECT `id` FROM `trade_pokemon` {$searchSql}"); $numRows = mysql_num_rows($countQuery); $pagination = new Pagination($numRows); if (!empty($_GET['a'])) { $pagination->addQueryStringVar('a', $_GET['a']); } if (!empty($search)) { $pagination->addQueryStringVar('search', $_GET['search']); } $query = mysql_query("SELECT * FROM `trade_pokemon` {$searchSql} {$orderSql} LIMIT {$pagination->itemsPerPage} OFFSET {$pagination->startItem}"); echo ' <h2 class="text-center">Pokemon Up For Trade</h2> <form method="get" action="" style="text-align: center; margin: 20px 0px;"> <input type="hidden" name="a" value="' . cleanHtml($_GET['a']) . '" /> <input type="hidden" name="page" value="' . cleanHtml($_GET['page']) . '" /> Search For: <input type="text" name="search" value="' . $searchHtmlSafe . '" /> <input type="submit" value="Search" /> </form> '; if (mysql_num_rows($query) == 0) { echo '<div class="info">Could not find any pokemon.</div>';
$uid = (int) $_SESSION['userid']; $search = isset($_GET['search']) ? $_GET['search'] : ''; $sort = $_GET['sort']; $sortKey = isset($sort) && in_array($sort, array_keys($sorts)) ? $sort : 1; $orderSql = $sorts[$sortKey]; $searchSql = ''; if (!empty($search)) { $searchSqlSafe = cleanSql($search); $searchHtmlSafe = cleanHtml($search); $searchSql = " AND `name` LIKE '%{$searchSqlSafe}%' "; } $countQuery = mysql_query("SELECT `id` FROM `user_pokemon` WHERE `uid`='{$uid}' {$searchSql}"); $numRows = mysql_num_rows($countQuery); $pagination = new Pagination($numRows); if (!empty($search)) { $pagination->addQueryStringVar('search', $search); } if ($sortKey != 1) { $pagination->addQueryStringVar('sort', $sortKey); } $query = mysql_query("SELECT * FROM `user_pokemon` WHERE `uid`='{$uid}' {$searchSql} {$orderSql} LIMIT {$pagination->itemsPerPage} OFFSET {$pagination->startItem}"); echo ' <form method="get" style="text-align: center; margin: 20px 0px;"> Search For: <input type="text" name="search" value="' . $searchHtmlSafe . '" /> <input type="submit" value="Search" /> </form> '; if (mysql_num_rows($query) == 0) { echo '<div class="info">Could not find any pokemon.</div>'; } else { $qs = ''; if (!empty($search)) {