#!/usr/bin/perl
use strict;
use CGI qw/:standard :html3 *table/;
use DBI;
require "functions.pl";
our ($dbh,$owneremail,$ownerdesc,$sendmail,@states,@professions,$url_base,@industry);
my ($action,$sth,$rc,$query);
my (@buff,$city,$state,$zip,$profession,$industry);
my ($rows,$i);
$action=(param('action'))?param('action'):"";
if($action eq "Search") {
$city=(param('city'))?param('city'):"";
$state=(param('state'))?param('state'):"";
$zip=(param('zip'))?param('zip'):"";
$profession=(param('profession'))?param('profession'):"";
$industry=(param('industry'))?param('industry'):"";
db_connect();
$query="SELECT a.username,a.surname,a.middle,a.name,b.firm_name,b.city,
b.postal_code,b.state,b.services,b.industry,b.profession FROM
basic_auth a, personal_info b WHERE a.status='active' AND
a.superuser='N' AND a.id=b.id";
if ($city ne "") {
$city=quotemeta($city);
$query=$query." AND b.city='$city'";
}
if ($state ne "") {
$query=$query." AND b.state='$state'";
}
if ($profession ne "") {
$query=$query." AND b.profession='$profession'";
}
if ($industry ne "") {
$query=$query." AND b.industry='$industry'";
}
if ($zip ne "") {
$query=$query." AND b.postal_code LIKE '$zip%'";
}
$query=$query." ORDER BY a.surname,a.middle,a.name";
$sth = $dbh->prepare($query);
if (!$sth) {
print_error("[DBI]: Prepare Error Occured!",$DBI::errstr);
db_disconnect();
exit(1);
}
$rc=$sth->execute;
if (!$rc) {
print_error("[DBI]: Execute Error Occured!",$DBI::errstr);
$sth->finish();
db_disconnect();
exit(1);
}
$rows=$sth->rows;
if ($rows <= 0){
print_header('BizInc USA - Member Search');
print_form();
print "