Hi i am building software download site. and need to sort software through drop down menu i have gone through w3Schools example (see here) for sorting data through AJAX and made some changes according to my requirement and it is not working properly, when i choose to sort data from picking any category it shows me whole data from database without sorting it respective to category selected to sort.
what i am doing wrong
Please help.
HTML
<form>
<select name="users" onchange="showUser(this.value)">
<option value="">Select a person:</option>
<option value="id">id</option>
<option value="title">title</option>
<option value="image">image</option>
<option value="description">description</option>
<option value="description">rating</option>
<option value="download">download</option>
<option value="buy">buy</option>
</select>
</form>
<br />
<div id="txtHint">content</div>
Javascript(AJAX)
<script type="text/javascript">
function showUser(str)
{
if (str=="")
{
document.getElementById("txtHint").innerHTML="";
return;
}
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
document.getElementById("txtHint").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","getuser.php?q="+str,true);
xmlhttp.send();
}
PHP
<?php
$q=$_GET["q"];
$con = mysql_connect('localhost', 'root', '');
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("security_software", $con);
$sql="SELECT * FROM internet_security ORDER by '".$q."' DESC" ;
$result = mysql_query($sql);
echo "<table border='1'>
<tr>
<th>id</th>
<th>title</th>
<th>image</th>
<th>description</th>
<th>rating</th>
<th>download</th>
<th>buy</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['title'] . "</td>";
echo "<td>" . $row['image'] . "</td>";
echo "<td>" . $row['description'] . "</td>";
echo "<td>" . $row['rating'] . "</td>";
echo "<td>" . $row['download'] . "</td>";
echo "<td>" . $row['buy'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close($con);
?>
The PHP can't be working because you are using single quotes in the ORDER BY
clause. This won't order them by the specified field because you're passing a string.
Try backticks:
$sql="SELECT * FROM internet_security ORDER by `".$q."` DESC" ;
I also recommend using a whitelist of values for the order by clause because it is a field name, you don't want to allow any string in there (even if it has been through real_escape). Set an array of possible values and only allow those.
Try using mysql_fetch_assoc(), instead of mysql_fetch_array().
If that fails try to print $result if it holds any value, then try using mysql_num_rows to determine if your query is executing properly.
As what i can see everything in your code is correct, though my brain is not a compiler so it's best for you to trap your errors properly. :)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.