<?php
// search.php - product search page.
//
// Reads the search term from the `q` query-string parameter (empty string
// when absent), runs a LIKE query against the `products` table and renders
// the matching rows as HTML. `query_db()` and `$site_name` are not defined
// in this file; they presumably come from the two includes below - confirm
// against includes/db.php and includes/config.php.
require_once 'includes/db.php';
require_once 'includes/config.php';
// Untrusted input: copied straight from the request with no validation,
// length limit or encoding. This one raw string is used both in the SQL
// statement below and in the HTML body further down, so it is the single
// taint source for both of the flaws this page demonstrates.
$query = isset($_GET['q']) ? $_GET['q'] : '';
// DELIBERATELY VULNERABLE: reflected XSS - input echoed without encoding
// SQL injection also possible through search parameter
//
// Why this is injectable: `$query` is interpolated into the SQL string, so
// a quote character in the input closes the LIKE literal and the remainder
// is parsed as SQL rather than as part of the search term. The standard
// remediation is a prepared statement with the `%term%` pattern passed as
// a bound parameter (mysqli or PDO with emulated prepares disabled), which
// keeps data and statement text separate. This file keeps the flaw on
// purpose as lab material.
// Defender's note: for this endpoint, requests whose `q` value contains
// SQL metacharacters or HTML tags are what log review or a WAF rule would
// surface; database errors logged from this query are a second indicator.
$results = query_db("SELECT * FROM products WHERE name LIKE '%$query%' OR description LIKE '%$query%'");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Search Results - <?php /* $site_name comes from the includes (not visible here); it is
    emitted unescaped, which is only safe if config.php is operator-controlled. */ echo $site_name; ?></title>
<style>
body { font-family: Georgia, serif; margin: 0; padding: 0; background: #faf8f5; color: #333; }
header { background: #8b6914; color: white; padding: 20px; text-align: center; }
nav { background: #6b5010; padding: 10px; text-align: center; }
nav a { color: white; text-decoration: none; margin: 0 15px; }
.content { max-width: 800px; margin: 20px auto; padding: 0 20px; }
.result { background: white; border: 1px solid #ddd; padding: 15px; margin: 10px 0; }
.result h3 { color: #8b6914; }
</style>
</head>
<body>
<header>
<h1><?php echo $site_name; ?></h1>
</header>
<nav>
<a href="index.php">Shop</a>
<a href="admin/">Admin</a>
<a href="search.php">Search</a>
</nav>
<div class="content">
<!-- VULNERABLE: User input reflected without encoding -->
<h2>Search results for: <?php /* Reflected XSS sink: the raw request value lands in HTML body
    context. The fix is output encoding at this point, e.g.
    htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); left unencoded on purpose. */ echo $query; ?></h2>
<?php /* `$results &&` presumably guards a false return from query_db() on failure; `num_rows`
    and `fetch_assoc()` look like a mysqli_result - confirm in includes/db.php. */ if ($results && $results->num_rows > 0): ?>
<?php while ($row = $results->fetch_assoc()): ?>
<div class="result">
<h3><?php /* Database values are also emitted unescaped (here and for description/id below).
    Whether that is a stored XSS path depends on who can write product rows - not visible here. */ echo $row['name']; ?></h3>
<p><?php echo $row['description']; ?></p>
<p><strong>€<?php /* number_format() yields a numeric string, so this one is safe in HTML context. */ echo number_format($row['price'], 2); ?></strong></p>
<a href="product.php?id=<?php /* Unescaped in a URL/attribute context; would normally be urlencode()'d or cast. */ echo $row['id']; ?>">View Details</a>
</div>
<?php endwhile; ?>
<?php else: ?>
<p>No products found matching your search.</p>
<?php endif; ?>
</div>
</body>
</html>