--- /dev/null
+<?php
+
+$form_departure_city = filter_input(INPUT_POST, "departure_city", FILTER_SANITIZE_STRING);
+$form_departure_date = filter_input(INPUT_POST, "departure_date", FILTER_SANITIZE_STRING);
+$form_arrival_city = filter_input(INPUT_POST, "arrival_city", FILTER_SANITIZE_STRING);
+$form_arrival_date = filter_input(INPUT_POST, "arrival_date", FILTER_SANITIZE_STRING);
+$form_date_now = filter_input(INPUT_POST, "date_now", FILTER_SANITIZE_STRING);
+
+$oDepartureDate = new DateTime($form_departure_date);
+$oArrivalDate = new DateTime($form_arrival_date);
+$oDateNow = new Datetime($form_date_now);
+
+/**
+ * Sanity checks
+ */
+
+$input_failure = false;
+
+if ($form_departure_city === $form_arrival_city) {
+ echo "Departure and arrival city are the same. <br>";
+ $input_failure = true;
+}
+
+if ($oDepartureDate < $oDateNow) {
+ echo "The departure date is before the current date. <br>";
+ $input_failure = true;
+}
+
+if ($oArrivalDate <= $oDepartureDate) {
+ echo "Arrival date is before departure date. <br>";
+ $input_failure = true;
+}
+
+?>
+
+<h1> Rechercher un vol </h1>
+
+<form action="index.php" id="search" method="post">
+ <input type="hidden" name="form" value="search" />
+ <input type="hidden" name="date_now" value="<?php echo $form_date_now; ?>" />
+ <label> Départ : Ville -> </label>
+ <input type="text" size="15" name="departure_city" value="<?php echo $form_departure_city; ?>" required/>
+ <label> Date -> </label>
+ <input type="datetime-local" name="departure_date" value="<?php echo $form_departure_date; ?>" required/>
+ <label> Arrivée : Ville -> </label>
+ <input type="text" size="15" name="arrival_city" value="<?php echo $form_arrival_city; ?>" required/>
+ <label> Date -> </label>
+ <input type="datetime-local" name="arrival_date" value="<?php echo $form_arrival_date; ?>" required/>
+ <input type="submit" value="Valider">
+</form>
+<br>
+
+<?php
+if (!$input_failure) {
+ global $connection;
+ $sql_pquery = "select VOLS.NumVol as NumVol, VilleD, DateD, VilleA, DateA, Classe, round(CoutVol*CoeffPrix, 2) as Prix from VOLS, DEFCLASSES
+ where DEFCLASSES.NumVol = VOLS.NumVol and
+ DateD >= ? and VilleD = ? and DateA <= ? and VilleA = ?
+ order by DateD, NumVol, Prix";
+ $connection->prepare_query($sql_pquery);
+ $connection->prepared_query_bind_param("ssss", array($form_departure_date, $form_departure_city, $form_arrival_date, $form_arrival_city));
+ $connection->run_prepared_query();
+ $connection->get_pquery_result();
+ $rows = $connection->get_result_array();
+ $connection->close_prepared_query();
+ //var_dump($rows);
+ if (empty($rows)) {
+ echo "Aucun vol ne correspond aux critères de recherche. <br>";
+ } else {
+ echo "<table id=\"search\">\n";
+ echo " <tr>\n";
+ echo " <th>Numéro de vol</th>\n";
+ echo " <th>Ville de départ</th>\n";
+ echo " <th>Date de départ</th>\n";
+ echo " <th>Ville d'arrivée</th>\n";
+ echo " <th>Date d'arrivée</th>\n";
+ echo " <th>Classe</th>\n";
+ echo " <th>Prix d'une place</th>\n";
+ echo " <th>Réserver</th>\n";
+ echo " </tr>\n";
+ foreach ($rows as $row) {
+ echo " <tr>\n";
+ echo " <td>" . $row['NumVol'] . "</td>\n";
+ echo " <td>" . $row['VilleD'] . "</td>\n";
+ echo " <td>" . $row['DateD'] . "</td>\n";
+ echo " <td>" . $row['VilleA'] . "</td>\n";
+ echo " <td>" . $row['DateA'] . "</td>\n";
+ echo " <td>" . $row['Classe'] . "</td>\n";
+ echo " <td>" . $row['Prix'] . "€</td>\n";
+ echo " <td>
+ <form action=\"index.php\" id=\"booking\" method=\"post\">
+ <input type=\"hidden\" name=\"form\" value=\"booking\" />
+ <input type=\"hidden\" name=\"flight_id\" value=\"" . $row['NumVol'] . "\" />
+ <input type=\"hidden\" name=\"class_name\" value=\"" . $row['Classe'] . "\" />
+ <input type=\"hidden\" name=\"place_price\" value=\"" . $row['Prix'] . "\" />
+ <label> Place(s) : </label>
+ <input type=\"number\" name=\"nb_place\" min=\"1\" max=\"9\" value=\"1\" required/>
+ <label> Vol retour : </label>
+ <input type=\"checkbox\" name=\"return_flight\" checked required/>
+ <input type=\"submit\" value=\"Reserver\">
+ </form>
+ </td>\n";
+ echo " </tr>\n";
+ }
+ echo "</table>";
+ }
+}
+
+?>