Home/ Questions/Q 6685649
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T05:04:52+00:00

I want to use a dropdown list to order the query result. Whatever option

  • 0

I want to use a dropdown list to order the query result. Whatever option is chosen in the dropdown list, the query will be ordered in ascending order by the option selected. I am almost there but problem is that no matter which otion I choose from the drop down menu, it orders the table by Session ID only. How can I get the other drop down values to work so that when they are selected the table is ordered depending on the value chosen. Please look at the form, switchstatment and ORDER BY clause in query carefully and please help me on this problem.

Below is the code:

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<title>Exam Interface</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>

<form action="exam_interface.php" method="post" name="sessionform">        <!-- This will post the form to its own page"-->
<p>Session ID: <input type="text" name="sessionid" /></p>      <!-- Enter Session Id here-->
<p>Module Number: <input type="text" name="moduleid" /></p>      <!-- Enter Module Id here-->
<p>Teacher Username: <input type="text" name="teacherid" /></p>      <!-- Enter Teacher here-->
<p>Student Username: <input type="text" name="studentid" /></p>      <!-- Enter User Id here-->
<p>Grade: <input type="text" name="grade" /></p>      <!-- Enter Grade here-->
<p>Order Results By: <select name="order">
<option value="noorder">Don't Order Results</option>
<option value="ordersessionid">Session ID</option>
<option value="ordermoduleid">Module Number</option>
<option value="orderteacherid">Teacher Username</option>
<option value="orderstudentid">Student Username</option>
<option value="ordergrade">Grade</option>
</select>
<p><input type="submit" value="Submit" /></p>
</form>

<?php

$username="xxx";
$password="xxx";
$database="mobile_app";

mysql_connect('localhost',$username,$password);

@mysql_select_db($database) or die("Unable to select database");

$sessionid = isset ($_POST['sessionid']) ? $_POST['sessionid'] : "";
$moduleid = isset ($_POST['moduleid']) ? $_POST['moduleid'] : "";
$teacherid = isset ($_POST['teacherid']) ? $_POST['teacherid'] : "";
$studentid = isset ($_POST['studentid']) ? $_POST['studentid'] : "";
$grade = isset ($_POST['grade']) ? $_POST['grade'] : "";
$orderfield = isset ($_POST['order']) ? $_POST['order'] : 'default order field';

$sessionid = mysql_real_escape_string($sessionid);
$moduleid = mysql_real_escape_string($moduleid);
$teacherid = mysql_real_escape_string($teacherid);
$studentid = mysql_real_escape_string($studentid);
$grade = mysql_real_escape_string($grade);

$_POST['ordersessionid'] = 'gr.SessionId';

$orderfield = isset ($_POST['order']);
switch ($orderfield) {
    case 'ordersessionid': $orderfield = 'gr.SessionId';
    break;
    case 'ordermoduleid': $orderfield = 'm.ModuleId'; 
    break;
    case 'orderteacherid': $orderfield = 's.TeacherId';
    break;
    case 'orderstudentid': $orderfield = 'gr.StudentId'; 
    break;
    case 'ordergrade': $orderfield = 'gr.Grade';
    break;
}

echo $orderfield;

$result = mysql_query("SELECT * FROM Module m INNER JOIN Session s ON m.ModuleId = s.ModuleId JOIN Grade_Report gr ON s.SessionId = gr.SessionId JOIN Student st ON gr.StudentId = st.StudentId WHERE ('$sessionid' = '' OR gr.SessionId = '$sessionid') AND ('$moduleid' = '' OR m.ModuleId = '$moduleid') AND ('$teacherid' = '' OR s.TeacherId = '$teacherid') AND ('$studentid' = '' OR gr.StudentId = '$studentid') AND ('$grade' = '' OR gr.Grade = '$grade') ORDER BY {$orderfield} ASC");

$num=mysql_numrows($result);    

echo "<table border='1'>
<tr>
<th>Student Id</th>
<th>Forename</th>
<th>Session Id</th>
<th>Grade</th>
<th>Mark</th>
<th>Module</th>
<th>Teacher</th>
</tr>";

while ($row = mysql_fetch_array($result)){

 echo "<tr>";
  echo "<td>" . $row['StudentId'] . "</td>";
  echo "<td>" . $row['Forename'] . "</td>";
  echo "<td>" . $row['SessionId'] . "</td>";
  echo "<td>" . $row['Grade'] . "</td>";
  echo "<td>" . $row['Mark'] . "</td>";
  echo "<td>" . $row['ModuleName'] . "</td>";
  echo "<td>" . $row['TeacherId'] . "</td>";
  echo "</tr>";
}

echo "</table>";

mysql_close();


 ?>

</body>
</html>

Thank You very much and please help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This happens because you define $orderfield to be isset ($_POST['order']). isset() returns a boolean value; it doesn’t return the value of its argument, not even if the variable used as its argument is in fact defined. If you change that line to look more like the other lines involving isset(), you will get it to work.

    $orderfield = isset ($_POST['order']) ? $_POST['order'] : "";

    For security, I recommend two additional steps:

    • add a default case to your switch in case the submitted order field isn’t one of your expected values
    • use a different named variable in the query to the one used to contain the POST value, in order to make sure that content you put in the query is only the content that you have sanitised, or crafted yourself.
    • 0