mysql_fetch_array help. displaying only selected records

[retsamedoc]

Good day! I am new to this forum and a beginner in Php and mysql i have a question

 

my code is working and running.. but i want to have a minor changes..

 

what will be the correct statement for it to not show a specific row in the table?

 

<?php

include('header.inc');

$sort=$_POST['sort'];

$row=mysql_query("select*from user order by $sort");

while($show=mysql_fetch_array($row))

{

$eno=$show['eno'];

 

echo $show['department']."<br>" ;

echo $show['lastname'].", ".$show['firstname'];

echo $show['address']."<br>";

echo $show['contactnum']."<br>";

echo $show['date_emp'];

}

?>

 

sample table:

  Department          Lastname          Address          Contact no.        Date Employed

!        HR                      John                  NY                  11111                1986-1-11

      Finance                Paul                  NY                  22222                1986-1-12

      IT Div.                  Ringo                NY                  33333                1986-1-13

 

in the example above, I don't want the 1st row to be displayed in the page.

 

thank you guys in advance!

[kickstart]

Hi

 

Would depend on how you want to exclude that record.

 

SELECT * FROM user ORDER BY $sort

 

brings back everything.

 

You can use a WHERE clause to limit the rows coming back. For example the following would only bring back rows where the department is 'It Div'

 

SELECT * FROM user WHERE Department = 'IT Div.' ORDER BY $sort

 

Or you can checking multiples with:-

 

SELECT * FROM user WHERE Department = 'IT Div.' OR Department = 'Finance' ORDER BY $sort

 

OR

 

SELECT * FROM user WHERE Department IN ('IT Div.', 'Finance') ORDER BY $sort

 

You can check other columns in the same way.

 

If you just want to ignore the first record brought back (which will depend on the sort order) then you can use LIMIT:-

 

SELECT * FROM user ORDER BY $sort LIMIT 1, 9999999

 

(where 9999999 is a large number bigger than the number of records you will every possibly bring back).

 

Please note that in your code you are using an unescaped variable from a for as a column in the sort clause. This is dangerous as it leaves you wide open to an SQL injection attack (where someone puts malicious SQL code in the data sent to your script). If you want to pass in the sort column I suggest you use something like:-

 

switch ($_POST['sort'])
{
case 'Department' :
$sort= 'Department';
break;
case 'Lastnamecase' :
$sort = 'Lastnamecase';
break;
case 'Address':
$sort = 'Address';
break;
default :
$sort = 'Department';
}

 

This way only fields you really want to allow can be used for the sort.

 

Or if you can put up with the readability issues of having sort columns defined by the column number:-

 

$sort = ((is_numeric($_POST['sort'])) ? intval($_POST['sort']) : 1);

 

but it isn't that useful (prevents nasties easily, but will still cause problems if there is no column with that number, such as column 0).

 

All the best

 

Keith

[retsamedoc]

hi keith,

thank you for giving me the solution of this problem..

 

$row=mysql_query("select*from user order by $sort LIMIT 1, 9999999");

 

works for me..

 

anyways, thank you for pointing out the $sort clauses. In my page i have a dropdown menu where the user can choose what to sort. thank you again for that.. I'm kinda new to the PHP language and i don't know the common and generic jargons in this language. The variables and the tables, I just made it all up for the sake of practicing PHP..

 

thank you for the help bro!

 

Skye

[kickstart]

Hi

 

No problem.

 

In my page i have a dropdown menu where the user can choose what to sort. thank you again for that

 

Users can play around with the page you have sent before returning it. Hence any data on it can have been changed. 99.9% of the time it will be fine, but some users will be a bit nasty.

 

All the best

 

Keith