PHP isValidColumn Examples

Programming Language: PHP

Method/Function: isValidColumn

Examples at hotexamples.com: 2

PHP isValidColumn - 2 examples found. These are the top rated real world PHP examples of isValidColumn extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

File: remote.php Project: rinnkisi/TestTheory

<?php

require_once '../conf.php';
$where = "";
$filterValue = "";
if (isset($_POST["filterIndx"]) && isset($_POST["filterValue"])) {
    $filterIndx = $_POST["filterIndx"];
    if (isValidColumn($filterIndx) == false) {
        throw "invalid filter column";
    }
    $filterValue = $_POST["filterValue"];
    $where = " where " . $filterIndx . " like CONCAT('%', ?, '%')";
}
$sortIndx = $_POST["sortIndx"];
if (isValidColumn($sortIndx) == false) {
    throw "invalid sort column";
}
$sortDir = $_POST["sortDir"];
$sortDir = $sortDir == "up" ? "asc" : "desc";
$dbh = getDatabaseHandle();
//count filtered records.
$sql = "Select count(*) from invoices " . $where;
$pq_curPage = $_POST["pq_curpage"];
$pq_rPP = $_POST["pq_rpp"];
$stmt = $dbh->prepare($sql);
$stmt->execute(array($filterValue));
$total_Records = $stmt->fetchColumn();
$skip = pageHelper($pq_curPage, $pq_rPP, $total_Records);
$sql = "Select OrderID,CustomerName,ProductName,UnitPrice,Quantity,\n            OrderDate,RequiredDate,ShippedDate,ShipCountry,Freight,ShipName,\n            ShipAddress,ShipCity,ShipRegion,ShipPostalCode from invoices " . $where . " order by " . $sortIndx . " " . $sortDir . "  limit " . $skip . " , " . $pq_rPP;
//$stmt = $dbh->query($sql);
$stmt = $dbh->prepare($sql);

Example #2

Show file

File: remote.php Project: rinnkisi/TestTheory

<?php

require_once '../conf.php';
$where = "";
$filterValue = "";
if (isset($_POST["filterIndx"]) && isset($_POST["filterValue"])) {
    $filterIndx = $_POST["filterIndx"];
    if (isValidColumn($filterIndx) == false) {
        throw "invalid filter column";
    }
    $filterValue = $_POST["filterValue"];
    $where = " where " . $filterIndx . " like CONCAT('%', ?, '%')";
}
$dbh = getDatabaseHandle();
//count filtered records.
$sql = "Select count(*) from invoices " . $where;
$pq_curPage = $_POST["pq_curpage"];
$pq_rPP = $_POST["pq_rpp"];
$stmt = $dbh->prepare($sql);
$stmt->execute(array($filterValue));
$total_Records = $stmt->fetchColumn();
$skip = pageHelper($pq_curPage, $pq_rPP, $total_Records);
$sql = "Select OrderID,CustomerName,ProductName,UnitPrice,Quantity,\n            OrderDate,RequiredDate,ShippedDate,ShipCountry,Freight,ShipName,\n            ShipAddress,ShipCity,ShipRegion,ShipPostalCode from invoices " . $where . " order by OrderID limit " . $skip . " , " . $pq_rPP;
//$stmt = $dbh->query($sql);
$stmt = $dbh->prepare($sql);
$stmt->execute(array($filterValue));
$products = $stmt->fetchAll(PDO::FETCH_ASSOC);
$sb = "{\"totalRecords\":" . $total_Records . ",\"curPage\":" . $pq_curPage . ",\"data\":" . json_encode($products) . "}";
echo $sb;