Jump to content

Sort database query without writing more code

stirrah

By stirrah
in Applications

Recommended Posts

stirrah Member

stirrah

Posted
Posted

Hey!

 

I'm fetching data frmo my database and displaying it in a table. Now I want to be able to display that data but sorted in different ways.

Right now it's sorted by id ASC. 

I want to make the <th> links, so when i press one of them, the page will sort the data in that way.

 

How can I make this without writing a lot of new querys? I want to use the one query i already have made.  

 

Here is my code:

<?php 
		if(isset($_GET['hpid'])) {
		    $hpid = (int)$_GET['hpid'];
		    $test = mysql_query("SELECT *  FROM `project`, `users`, `projectStatus` WHERE `projectHuvudId` = $hpid AND project.projectCreatorId = users.user_Id AND project.projectStatusId = projectStatus.statusId");
        $test2 = mysql_query("SELECT p.projektName
    , p.projectId
    , s1.statusName
    , u1.username as creatorName
    , u2.username as ansvarig
    , p.projectDescription
    , p.projectCreateDate
    , p.projectStartDate
    , p.projectEndDate
    
    FROM project p
    INNER JOIN users u1 ON p.projectCreatorId = u1.user_Id
    INNER JOIN users u2 ON p.projectAnsvarig = u2.user_Id
    INNER JOIN projectStatus s1 ON p.projectStatusId = s1.statusId 
    WHERE `projectHuvudId` = $hpid ORDER BY p.projectId ASC");

             ?> <table class="display">
             <th>ID</th>
              <th>Skapat</th>
              <th>Namn</th>
              <th>Start</th>
              <th>Slut</th>
              <th>Skapare</th>
              <th>Ansvarig</th>
              <th>Status</th>
              <?php
                  while($row = mysql_fetch_assoc($test2)) 
                  { ?>

                 
		
		    <tr>
        <td><?php echo "<a href='project.php?pid=" . $row['projectId'] . "'>" . $row['projectId'] . "</a>"; ?></td> 
		    <td><?php echo $row['projectCreateDate'] ?></td>
		    <td><?php echo $row['projektName'] ?></td>
        <td><?php echo $row['projectStartDate'] ?></td>
        <td><?php echo $row['projectEndDate'] ?></td>
        <td><?php echo $row['creatorName'] ?></td>
		    <td><?php echo $row['ansvarig'] ?></td>
        <td><?php echo $row['statusName'] ?></td>
		    </tr>
		
    <?php
                  }
                 ?> </table><?php

		    
		}
      ?>
mac_gyver Prolific Member

mac_gyver

Posted
Posted

the field name and sort direction being put into your existing query would instead be variables who's value comes from the links. to prevent sql injection you must either use a level of abstraction (use just a number in the links that is associated with each column name, then map the submitted number to the actual column name in your php code - an array with the index/value would work) or you must validate that the submitted column name is only just a permitted column name without anything else being part of it (an in_array() statement would work.)

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.