From 1cac6bebea9dba1e7ed6d5459c4b66b0c6e2f36f Mon Sep 17 00:00:00 2001
From: Lan Hui <lanhui@zjnu.edu.cn>
Date: Thu, 7 Sep 2023 19:49:35 +0800
Subject: [PATCH] Courses.php: improve search logic

---
 Courses.php | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/Courses.php b/Courses.php
index 688086e..7820623 100644
--- a/Courses.php
+++ b/Courses.php
@@ -506,27 +506,26 @@ include 'Header.php';
 
 		<?php
 		error_reporting(0);
-		$student_id= $_SESSION['user_student_id'];
+		$student_id = $_SESSION['user_student_id'];
 		// current academic year - i.e 2021 - 2022 , so we will show in search result:
 		// course containing either 2021 or 2022 as academic year.
 		$oldest_academic_year = date('Y') - 1;
-		if(!empty($_GET["search"]) || !empty($_GET["faculty"]))
-		{
+		if (!empty($_GET["search"]) || !empty($_GET["faculty"])) {
 		    $search = trim(mysqli_real_escape_string($con, $_GET["search"]));
-		    $search = strtoupper($_GET['search']);
+		    $search = strtoupper($search); # was strtoupper($_GET['search']);
 		    $faculty = mysqli_real_escape_string($con, $_GET["faculty"]);
 
 		    // the user has not entered something under "Find course by Code"
-		    if($faculty=="")
+		    if($search != "" && $faculty == "")
 		    {
-			echo "<h4> Search results for course code: $search </h4><hr>";
-			$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
+                echo "<h4>Search results for course code: $search </h4><hr>";
+                $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
 						  . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`  "
 						  . " , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table"
 						  . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Academic_Year >= $oldest_academic_year and Course_Code like '%{$search}%'  and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id) order by Academic_Year desc");
 		    }
 		    // the user has entered something under "Find course by Code"
-		    else
+		    else if ($faculty != "")
 		    {
 			echo "<h3> Find courses under faculty: $faculty</h3>";
 			$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,