darknet-lantern/www/search.php

<!DOCTYPE html>
<html>

<body>
    <head>
        <title>Darknet Onion Webring</title>
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <link rel="stylesheet" type="text/css" href="style.css">
        <link rel="icon" href="/favicon.ico">
    </head>


    <center>

<?php 
require("header.php");
?>

<form action="search.php" method="GET">
    <input type="text" name="query" />
    <input type="submit" value="Search" />
</form>


<?php
	$query = $_GET['query']; 
	// gets value sent over search form
	
	$min_length = 1;
	$max_length = 32;
	if(strlen($query) >= $min_length and strlen($query) <= $max_length){ // if query length is more or equal minimum length then
		
		$query = htmlspecialchars($query); 
		// removes the risky characters
		// there needs to be regex checking, only allow [a-zA-Z0-9.:/] 
		$query=preg_replace("/[^a-zA-Z0-9:\/.\ ]/", "", $query);
		
		echo "<p>Search results for " . $query . " :</p>";	
		echo nl2br("\n");
		echo "<p>" . "Instance name: " . $_SERVER['SERVER_NAME'] . "</p>";
		$instance= $_SERVER['SERVER_NAME'];
		echo nl2br("\n");
		$verifiedcsvpath="participants/" . $instance . '/verified.csv';
		$unverifiedcsvpath="participants/" . $instance . '/unverified.csv';
		//echo $verifiedcsvpath;
		//echo nl2br("\n");
		//echo $unverifiedcsvpath;
		echo "<h3><u>Verified Links:</u></h3>";
		echo nl2br("\n");
		DisplayCSVNEW($verifiedcsvpath,$query);
		echo "<h3><u>Unverified Links:</u></h3>";
		echo nl2br("\n");
		DisplayCSVNEW($unverifiedcsvpath,$query);
		// display the results of verified.csv
		// only display the results of verified.csv that matches with the search term
		// display the results of unverified.csv 
		// only display the results of unverified.csv that matches with the search term
		
	}
	else{ // if query length is less than minimum or more than maximum
		echo "<p>Search query must be between ".$min_length . " and ".$max_length . " characters.</p>";
	}
?>