<?php
error_reporting(0);
include("config.php");

$query = isset($_POST['query']) ? trim($_POST['query']) : "";
$condition = "";

// Escape the query safely
if (!empty($query)) {
    $query = $conn->real_escape_string($query);
    $condition = "WHERE 
        applications.applicant_name LIKE '%$query%' OR 
        applications.appjob_id LIKE '%$query%' OR 
        applications.postname2 LIKE '%$query%' OR 
        applications.postname3 LIKE '%$query%' OR 
        applications.status LIKE '%$query%' OR 
        applications.mobile LIKE '%$query%' OR 
        applications.alt_mobile LIKE '%$query%'";
}

$sql = "SELECT * FROM applications 
        $condition 
        ORDER BY id DESC";

$result = $conn->query($sql);
$count = 0;

if ($result->num_rows > 0) {
    while ($meta = mysqli_fetch_assoc($result)) {
        $count++;
        echo "<tr>
            <td>{$count}</td>
            <td>" . date('d M Y', strtotime($meta['appliaction_date'])) . "</td>
            <td>" . ucfirst($meta['appjob_id']);
                if (!empty($meta['postname2'])) echo "<br>" . ucfirst($meta['postname2']);
                if (!empty($meta['postname3'])) echo "<br>" . ucfirst($meta['postname3']);
        echo "</td>
            <td>" . ucfirst($meta['applicant_name']) . "</td>
            <td>" . htmlspecialchars($meta['mobile']) . "<br>" . htmlspecialchars($meta['alt_mobile']) . "</td>
            <td><a href='view_info.php?id={$meta['id']}'>Manage Profile</a></td>
            <td>
                <a class='btn3' title='delete' href='del_form.php?flag=del&id={$meta['id']}' onclick='return confirm(\"Do You Want To Delete This?\");'>
                    <center><i class='fa fa-trash icon-white'></i></center>
                </a>
            </td>
        </tr>";
    }
} else {
    echo "<tr><td colspan='7' style='text-align:center;'>No records found.</td></tr>";
}

$conn->close();
?>
