Paste2.org - Viewing Paste GwtOEXjD

<?php
include('../auth.php');
if($_SESSION["userdata"]["acces"] != 4){
header("Loaction: ../home");
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Usersuche Test</title>
<script type="text/javascript" src="https://code.jquery.com/jquery-2.2.3.min.js"></script>
</head>
<script type="text/javascript">
$(function(){
$('#search').keyup(function() {
if($(this).val().length > 0) {
$.get("search.php", {search: $(this).val()}, function(data) {
$("#results").html(data);
});
}
});
});
</script>
<body>
<form action="">
<fieldset>
<label for="filter">User: </label>
<input type="text" name="search" id="search" />
</fieldset>
</form>
<?php
require_once('../db.connect.php');
if($_GET['search'])
$sql = mysqli_query($DBCONN, "SELECT * FROM users ORDER BY username ASC;");
else
$sql = mysqli_query($DBCONN, "SELECT * FROM users WHERE username LIKE '%" . $_GET['search'] . "%'
ORDER BY name ASC;");
while($row = mysqli_fetch_object($sql)) {
echo "<br />".$row->name;
}
?>
<div id="results"></div>
</body>
</html>