chiro-canto/public/explore/search/searchrecord.php

<?php
session_reset();
session_start();
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
require "$root/database/credentials.php";
// Connect the database
try {
	$db = new PDO("mysql:host=$host;dbname=$database;charset=utf8", 
		$user, 
		$password, 
		array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
		));
} catch (Exception $e) {
	die("Error : ".$e->getMessage());
}

$_SESSION['error_msg'] = "";
if (isset($_POST['submit'])) 
{
    if (isset($_POST['species']) and $_POST['species'] != "")
    {
        $_SESSION['query']['species'] = $_POST['species'];
    }
    if (isset($_POST['subspecies']) and $_POST['subspecies'] != "")
    {
        $_SESSION['query']['subspecies'] = $_POST['subspecies'];
    }
    if (isset($_POST['recordist']) and $_POST['recordist'] != "")
    {
        $_SESSION['query']['recordist'] = $_POST['recordist'];
    }
    if (isset($_POST['date-after']) and $_POST['date-after'] != "")
    {
        $_SESSION['query']['date-after'] = $_POST['date-after'];
    }
    if (isset($_POST['date-before']) and $_POST['date-before'] != "")
    {
        $_SESSION['query']['date-before'] = $_POST['date-before'];
    }
    if (isset($_POST['keywords']) and $_POST['keywords'] != "") 
    {
        $_SESSION['query']['keywords'] = explode(',', $_POST['keywords']);
    }    
} else {
    $_SESSION['error_msg'] .= "You did not submit the search form. \n";
}

if ($_SESSION['error_msg'] == "") {
    if (isset($_SESSION['query'])) {
        $sql = 'SELECT * FROM `records` WHERE ';
        $and = False;
        if (isset($_SESSION['query']['species']) and $_SESSION['query']['species'] != "") {
            if ($and) {
                $sql .= " AND ";
            }   
            $sql .= ' species="'.$_SESSION['query']['species'].'"';
            $and = True;
        }
        if (isset($_SESSION['query']['subspecies']) and $_SESSION['query']['subspecies'] != "") {
            if ($and) {
                $sql .= " AND ";
            }
            $sql .= ' subspecies="'.$_SESSION['query']['subspecies'].'"';
            $and = True;
        }
        if (isset($_SESSION['query']['recordist']) and $_SESSION['query']['recordist'] != "") {
            if ($and) {
                $sql .= " AND ";
            }
            $sql .= ' recordist_name="'.$_SESSION['query']['recordist'].'"';
            $and = True;
        }
        if (isset($_SESSION['query']['date-after']) and $_SESSION['query']['date-after'] != "") {
            if ($and) {
                $sql .= " AND ";
            }
            $sql .= ' date>='.$_SESSION['query']['date-after'];
            $and = True;
        }
        if (isset($_SESSION['query']['date-before']) and $_SESSION['query']['date-before'] != "") {
            $sql .= ' date<='.$_SESSION['query']['date-before'];
        }
        if (isset($_SESSION['query']['keywords'])) {
            $sql .= " remarks ";
            $and = False;
            foreach ($_SESSION['query']['keywords'] as $keyword) {
                if ($keyword != ""){
                    if ($and) {
                        $sql .= " AND ";
                    }
                    $sql .= " LIKE '%$keyword%' ";
                }
                $and = True;
            }
        }
        // echo $sql;
        $req = $db->prepare($sql);
        $req->execute();
        $result = $req->fetchAll();
    } else {
        $_SESSION['error_msg'] .= "You did not enter any query.\n";
        header("Location: /explore/search");
    }

} else {
    header("Location: /explore/search");
}

if (isset($result)) {
    ?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Explore | Chiro - Canto</title>
    <link rel="stylesheet" type="text/css" href="/styles/style.css">
</head>
<body>
    <?php include("$root/menu.php");?>
    <?php include("$root/header.php");?>
    <section>
        <h3>Explore</h3>
        <h4>Search Results</h4>
        <?php 
        if (empty($result)) {
            echo "No result for this query, please try again.\n";
        } else {
            ?>
            <table>
            <thead>
                <tr>
                    <th>File name</th>
                    <th>Author</th>
                    <th>License</th>
                    <th>Date</th>
                </tr>    
            </thead> 
            <tbody>
        <?php
        foreach($result as $row) {
            ?>
            <tr>
                <td><a href="/explore/spectrograms?record=<?=$row['id']?>"><?=$row['file_name']?></a></td>
                <td><?=$row['recordist_name']?></td>
                <td><?=$row['license']?></td>
                <td><?=$row['date']?> <?=$row['time']?></td>
            </tr>
            <?php
        }
        ?>
            </tbody>
        </table>
        <?php
        }
        ?>
           </section>
    <?php include("$root/footer.php");?>
</body>
<script src="/scripts/script.js"></script>
</html>
    <?php
}