| ID | Description |
| 2201 | Me on skis. Bet you can't see where Dave's finger was blocking part of the snow. I don't usually alter pictures aside from basic editing, but I liked this version and wanted it to look nice. |
<html><body bgcolor="#EEEEEE">
<h1>Gallery2 ID Lookup</h1>
<?php
if ($_POST['title']){
//I know.. cheap, but never trust user input
if (strlen($_POST['title']) > 80) die ("hacking attempt");
$title = str_replace(Array('"',"'",'>','<',';'),Array(NULL,NULL,NULL,NULL,NULL),$_POST['title']);
}else{
$title = "imgp3883_reconstructed_gallery2";
}
?>
<form action="http://dwm.cc/test.php" method="post">
Please enter the <i>exact</i> picture title from Gallery2 where you wish to find the ID:
<br><input name="title" value=<?php echo $title;?> size="40" maxlength="80"><input type="Submit">
<br><i>eg imgp3883_reconstructed_gallery2</i>
</form>
<br><b>Search Results</b>
<br>An empty table means your search returned no results.
<?php
if ($title){
//Replace with your database login ($dbhost is usually "localhost"):
$link = mysql_connect($dbhost, $dbusername, $dbpasswd) or die("Could not connect: ".mysql_error());
$select = mysql_select_db($dbname)
or die("Could not connect to database: ".mysql_error());
$result=mysql_query("SELECT g_id, g_summary FROM g2_Item WHERE g_title = '$title' ORDER BY g_id DESC LIMIT 0 , 15");
echo "<br><br><table border=1><tr><td><b>ID</b></td><td><b>Description</b></td></tr>";
while ($row=mysql_fetch_assoc($result))
echo "<tr><td>".$row['g_id']."</td><td>".$row['g_summary']."</td></tr>";
echo "</table>";
mysql_free_result($result);
mysql_close($link);
}
?>
</body></html>