<?php

use AjaxLiveSearch\core\Handler;
// Response headers for the JSON search endpoint.
// NOTE(review): the allowed origin is a fixed plain-http demo host and the method list is a wildcard,
// although only $_POST is read below. Both should be narrowed to the deploying site's own origin and
// to the methods actually used before this is exposed publicly.
header('Access-Control-Allow-Origin: http://ajaxlivesearch.com');
header('Access-Control-Allow-Methods: *');
header('Content-Type: application/json');

// Load ../core/Handler.php, or stop with a plain message when it cannot be found.
// realpath() yields false for a missing path, which file_exists() then rejects.
if (!file_exists(realpath(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'Handler.php'))) {
    die('There is no such a file: Handler.php');
}
require_once realpath(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'Handler.php');

// NOTE(review): every guard below only calls Handler::formResponse() and then falls through.
// The checks are effective only if formResponse() ends the request (e.g. by exiting) - confirm in Handler.

// Step 1: reject the request when required POST fields are missing or invalid.
$inputErrors = Handler::validateInput($_POST);
if (!empty($inputErrors)) {
    Handler::formResponse('failed', "Error: Required or invalid inputs: " . implode(',', $inputErrors));
}

// Step 2: timing check aimed at bots that submit the form very quickly.
// NOTE(review): ls_page_loaded_at arrives from a hidden form field, so the client chooses its value;
// unless Handler ties it to server-side state this check is only a speed bump - confirm.
$searchedTooSoon = !Handler::verifyBotSearched($_POST['ls_page_loaded_at']);
if ($searchedTooSoon) {
    Handler::formResponse('failed', 'Error: You are too fast, or this is a Bot. Please search now.');
}

// Step 3: CSRF protection - both the token and the anti-bot value must match what the session holds.
// The second comparison is skipped when the first one already fails, as in a short-circuit OR.
$sessionValuesMatch = Handler::verifySessionValue('token', $_POST['ls_token'])
    && Handler::verifySessionValue('anti_bot', $_POST['ls_anti_bot']);
if (!$sessionValuesMatch) {
    Handler::formResponse('failed', 'Error: Please refresh the page. It seems that your session is expired.');
}

// Step 4: run the search; paging values are forced to integers before they reach the Handler.
$searchTerm = $_POST['ls_query'];
$pageNumber = (int) $_POST['ls_current_page'];
$pageSize = (int) $_POST['ls_items_per_page'];
$encodedResult = json_encode(Handler::getResult($searchTerm, $pageNumber, $pageSize));

// Step 5: hand the JSON-encoded result back to the client.
Handler::formResponse('success', 'Successful request', $encodedResult);
Esempio n. 2
    <link rel="stylesheet" type="text/css" href="css/style.min.css">
</head>
<body>

<!-- Search Form Demo -->
<div class="ls_container">

    <!-- Search Form -->
    <form accept-charset="UTF-8" class="search" id="ls_form" name="ls_form">
        <?php 
// Store the JavaScript anti-bot value in the session before the form fields are rendered.
// The matching hidden field (ls_anti_bot) is rendered empty below, so it is presumably filled in
// by client-side script - confirm against the front-end code.
Handler::getJavascriptAntiBot();
?>
        <input type="hidden" name="ls_anti_bot" id="ls_anti_bot" value="">
        <input type="hidden" name="ls_token" id="ls_token" value="<?php 
// Token posted back as ls_token; the search endpoint compares it with the session copy as CSRF protection.
// NOTE(review): printed without HTML escaping - safe only while getToken() returns attribute-safe characters; confirm.
echo Handler::getToken();
?>
">
        <input type="hidden" name="ls_page_loaded_at" id="ls_page_loaded_at" value="<?php 
// Page-load timestamp used by the endpoint's "submitted too fast" bot check.
// NOTE(review): it travels through a hidden field, so the client controls the value that is posted back.
echo time();
?>
">
        <input type="hidden" name="ls_current_page" id="ls_current_page" value="1">
        <input type="text" name="ls_query" id="ls_query" placeholder="Type to start search (e.g., Chris, 你好, محمد)" autocomplete="off" maxlength="<?php 
// Input length limit taken from configuration. maxlength is enforced by the browser only;
// any server-side length check would live in Handler (not shown here) - confirm.
echo Config::getConfig('maxInputLength');
?>
">

        <!-- Result -->
        <div id="ls_result_div">
            <div id="ls_result_main">
Esempio n. 3
<?php

use AjaxLiveSearch\core\Config;
use AjaxLiveSearch\core\Handler;

// Load the core classes from ./core in a fixed order (Handler first, then Config),
// stopping with a plain message as soon as one of the files is missing.
foreach (['Handler', 'Config'] as $coreClass) {
    $coreFile = __DIR__ . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . $coreClass . '.php';
    if (!file_exists($coreFile)) {
        die('There is no such a file: ' . $coreClass . '.php');
    }
    require_once $coreFile;
}
unset($coreClass, $coreFile);

// Start a session only when none has an id yet. The loose comparison is intentional:
// it also treats a false return from session_id() as "no session".
if (session_id() == '') {
    session_start();
}

// Store the JavaScript anti-bot value in the session.
Handler::getJavascriptAntiBot();

// Values for the page template: the session token, the page-load timestamp and the input length limit.
// NOTE(review): the template that consumes them is not visible here. On the endpoint side the token is
// compared with the session copy, while the timestamp comes back as a client-supplied field.
$token = Handler::getToken();
$time = time();
$maxInputLength = Config::getConfig('maxInputLength');
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <link href='http://fonts.googleapis.com/css?family=Quattrocento+Sans:400,400italic,700,700italic' rel='stylesheet' type='text/css'>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta charset="utf-8">
    <meta name="description"
          content="AJAX Live Search is a PHP search form that similar to Google Autocomplete feature displays the result as you type">
    <meta name="keywords"
          content="Ajax Live Search, Autocomplete, Auto Suggest, PHP, HTML, CSS, jQuery, JavaScript, search form, MySQL, web component, responsive">
    <meta name="author" content="Ehsan Abbasi">

    <title>AJAX Live Search</title>

    <!-- Live Search Styles -->
    <link rel="stylesheet" href="css/fontello.css">
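// Response headers for the JSON search endpoint.
// NOTE(review): the method list is a wildcard although only $_POST is read below; narrow it for production use.
header('Access-Control-Allow-Methods: *');
header('Content-Type: application/json');

// Load ../core/Handler.php, or stop with a plain message when it cannot be found.
// realpath() yields false for a missing path, which file_exists() then rejects.
if (!file_exists(realpath(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'Handler.php'))) {
    die('There is no such a file: Handler.php');
}
require_once realpath(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'Handler.php');

// NOTE(review): the three guards below only call Handler::formResponse() and then fall through.
// They are effective only if formResponse() ends the request (e.g. by exiting) - confirm in Handler.

// 1. Validate all inputs
$errors = Handler::validateInput($_POST);
if (!empty($errors)) {
    // Required inputs are missing or invalid
    Handler::formResponse('failed', 'Error: Required or invalid inputs: ' . implode(',', $errors));
}

// 2. A layer of security against bots that submit the form very quickly
// NOTE(review): ls_page_loaded_at arrives from a hidden form field, so the client chooses its value;
// unless Handler ties it to server-side state this check is only a speed bump - confirm.
if (!Handler::verifyBotSearched($_POST['ls_page_loaded_at'])) {
    // The search started sooner than the configured start-time offset
    Handler::formResponse('failed', 'Error: You are too fast, or this is a Bot. Please search now.');
}

// 3. Verify the token - CSRF protection (token and anti-bot value must both match the session)
if (!Handler::verifySessionValue('token', $_POST['ls_token']) || !Handler::verifySessionValue('anti_bot', $_POST['ls_anti_bot'])) {
    // Tokens do not match
    Handler::formResponse('failed', 'Error: Please refresh the page. It seems that your session is expired.');
}

// 4. Run the search.
// Failure is tracked with an explicit flag rather than by testing the exception message: an exception
// with an empty message previously fell through to the success branch with $result undefined.
$result = null;
$searchFailed = false;
try {
    $result = json_encode(Handler::getResult($_POST['ls_query_id'], $_POST['ls_query'], (int) $_POST['ls_current_page'], (int) $_POST['ls_items_per_page']));
    if ($result === false) {
        // json_encode() reports failure by returning false; do not send that as a successful result.
        $searchFailed = true;
        error_log('AjaxLiveSearch: result could not be JSON-encoded: ' . json_last_error_msg());
    }
} catch (\Exception $e) {
    // Keep the detail on the server. An exception message may carry internals (query text, schema or
    // connection details) that should not be returned to an arbitrary client.
    $searchFailed = true;
    error_log('AjaxLiveSearch: search failed: ' . get_class($e) . ': ' . $e->getMessage());
}

// 5. Return the result, or a generic failure notice
if ($searchFailed) {
    Handler::formResponse('failed', 'Error: The search could not be completed. Please try again.');
} else {
    Handler::formResponse('success', 'Successful request', $result);
}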