Jump to content

Sort database query without writing more code

stirrah

By stirrah
in Applications

 Share

Recommended Posts

stirrah Member

stirrah

Posted
Posted

Hey!

 

I'm fetching data frmo my database and displaying it in a table. Now I want to be able to display that data but sorted in different ways.

Right now it's sorted by id ASC. 

I want to make the <th> links, so when i press one of them, the page will sort the data in that way.

 

How can I make this without writing a lot of new querys? I want to use the one query i already have made.  

 

Here is my code:

<?php 
		if(isset($_GET['hpid'])) {
		    $hpid = (int)$_GET['hpid'];
		    $test = mysql_query("SELECT *  FROM `project`, `users`, `projectStatus` WHERE `projectHuvudId` = $hpid AND project.projectCreatorId = users.user_Id AND project.projectStatusId = projectStatus.statusId");
        $test2 = mysql_query("SELECT p.projektName
    , p.projectId
    , s1.statusName
    , u1.username as creatorName
    , u2.username as ansvarig
    , p.projectDescription
    , p.projectCreateDate
    , p.projectStartDate
    , p.projectEndDate
    
    FROM project p
    INNER JOIN users u1 ON p.projectCreatorId = u1.user_Id
    INNER JOIN users u2 ON p.projectAnsvarig = u2.user_Id
    INNER JOIN projectStatus s1 ON p.projectStatusId = s1.statusId 
    WHERE `projectHuvudId` = $hpid ORDER BY p.projectId ASC");

             ?> <table class="display">
             <th>ID</th>
              <th>Skapat</th>
              <th>Namn</th>
              <th>Start</th>
              <th>Slut</th>
              <th>Skapare</th>
              <th>Ansvarig</th>
              <th>Status</th>
              <?php
                  while($row = mysql_fetch_assoc($test2)) 
                  { ?>

                 
		
		    <tr>
        <td><?php echo "<a href='project.php?pid=" . $row['projectId'] . "'>" . $row['projectId'] . "</a>"; ?></td> 
		    <td><?php echo $row['projectCreateDate'] ?></td>
		    <td><?php echo $row['projektName'] ?></td>
        <td><?php echo $row['projectStartDate'] ?></td>
        <td><?php echo $row['projectEndDate'] ?></td>
        <td><?php echo $row['creatorName'] ?></td>
		    <td><?php echo $row['ansvarig'] ?></td>
        <td><?php echo $row['statusName'] ?></td>
		    </tr>
		
    <?php
                  }
                 ?> </table><?php

		    
		}
      ?>
Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

the field name and sort direction being put into your existing query would instead be variables who's value comes from the links. to prevent sql injection you must either use a level of abstraction (use just a number in the links that is associated with each column name, then map the submitted number to the actual column name in your php code - an array with the index/value would work) or you must validate that the submitted column name is only just a permitted column name without anything else being part of it (an in_array() statement would work.)

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.