<?php
session_start();

$title = "Product Search";

include ('head.php');
$source = 'search';

// if (!isset($_SESSION['user'])) {
//     echo "<p>Not logged in. This should be an error page.</p>\n";
//     include ('foot.php');
//     exit;
// } 
?>
    <div class="row">
        <form class="form-horizontal" action="#" method="post">
            <div class="form-group">
                <label for="search" class="col-sm-3 control-label">Product</label>
                <div class="col-sm-6">
                  <input type="text" class="form-control" id="search" name="search">
                </div>
            </div>
            <div class="form-group">
                <div class="col-sm-offset-3 col-sm-10">
                    <button type="submit" class="btn btn-primary">Search</button>
                </div>
            </div>
        </form>
    </div>

<?php

if (isset($_POST['search'])) {
    require('DbPdoConnection.php');

    $db = DbPdoConnection::getDbConnection();

    $sql = "SELECT name, price FROM products WHERE name LIKE '{$_POST['search']}%'";
    $results = $db->query($sql);

    //DEBUG
    if (!$results) {
        var_dump($db->errorInfo());
        var_dump($sql);
        die;
    }

    $rows = $results->fetchAll();

    echo "<table><thead>\n";
    echo "\t<tr><th>Product</th><th>Price</tr>\n";
    echo "</thead><tbody>";

    foreach ($rows as $key=>$val) {
        echo "\t<tr><td>{$val['name']}</th><th>{$val['price']}</tr>\n";
    }

    echo "<tbody>\n</table>";
} // end if

include ('foot.php');