Send parameters via GET

Viewed 756 times

5

I’m making a request the following way.

http://localhost/sistema-agenda-server/tarefas/listAll?id=1

I asked to see the generated SQL in the response and got the following:

    SELECT * FROM tarefas WHERE idu_tar=:id

:id has not been changed to 1.

    public function get_listAll($id = null, $filtroData = null, $filtroDuracao = null, $ordem = null)
    {

        $sql = "SELECT * FROM tarefas WHERE idu_tar=:id ";
        $vars = array(':id' => $id);

        if(!is_null($filtroData))
        {
            $sql .= " AND datf_tar = :filtroData";
            $vars[':filtroData'] = $filtroData;
        }
        if(!is_null($filtroDuracao))
        {
            $sql .= " AND tee_tar = :filtroDuracao";
            $vars[':filtroDuracao'] = $filtroDuracao;
        }
        if(!is_null($ordem))
        {
            $sql .= " ORDER BY :ordem";
            $vars[':ordem'] = $ordem;
        }
        else
        {
            $sql .= " ORDER BY gra_tar";
        }

        $stmt = DB::prepare($sql);
        $stmt->execute($vars);
        $tarefas = $stmt->fetchAll();

        if($tarefas != null)
            return $tarefas;
        else
            throw new Exception("Erro ao obter tarefas!");
    }

If I change:

$vars = array(':id' => $id); to $vars = array(':id' => $_GET['id']); it works. I believe it is something simple. Can someone help me?

This is the route, according to the controller, action and parameter specification, for my classes:

    $app->get('/:controller/:action(/:parameter)',
        function ($controller, $action, $parameter = null) use($app){
            include_once "classes/{$controller}.php";
            $classe = new $controller();
            $retorno = call_user_func_array(array($classe, "get_" . $action), array($parameter));
            echo '{"result":' . json_encode($retorno) . '}';
    });

  • 1

    How is get_listAll being called? Because as far as I can tell it should be something like this: get_listAll($_GET['id'], ...), am I correct? Read this: http://answall.com/help/mcve - follow the tips on the link, otherwise it will be difficult to help. I’m sure you’ll understand my comment as constructive criticism :)

  • Show how you call this method. Doesn’t execute() return an error?

  • $_GET['id'] is the right one. If it works without $_GET, it’s a sign of poorly configured hosting (or a test-only local server, of course), without proper security care.

  • Is this what William Nascimento is asking me? $app->get('/:controller/:action(/:parameter)', function ($controller, $action, $parameter = null) use($app) { include_once "classes/{$controller}.php"; $classe = new $controller(); $retorno = call_user_func_array(array($classe, "get_" . $action), array($parameter)); echo '{"result":' . json_encode($retorno) . '}'; });

  • I’m using the Slim framework

  • Edit the question and put the code from these comments in it.


3 answers

1

Your query returns a syntax error when $ordem has some value, something like:

    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order by

For two reasons, first execute() sends all arguments as strings, as it is not possible to bind with the column name. However, there is a hack where it is possible to pass the column’s input and type it as int; it works in MySQL.

  • I didn’t quite understand what you said.
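
Added example (not part of the original answers): because a column name cannot be sent as a bound parameter, the sort column from the request can be checked against a fixed list and only then placed in the SQL text. The table and column names come from the question; the in-memory SQLite database, its rows and the listAll() helper are constructed for this illustration.

```php
<?php
// Constructed demo data: in-memory SQLite stands in for the real database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tarefas (idu_tar INTEGER, gra_tar INTEGER, tee_tar INTEGER)');
$db->exec('INSERT INTO tarefas VALUES (1, 3, 10), (1, 1, 30), (1, 2, 20), (2, 9, 99)');

// Columns a caller may sort by. Anything else falls back to the default.
const ORDER_COLUMNS = ['gra_tar', 'tee_tar'];

// Hypothetical helper, reduced to the id filter and the ordering.
function listAll(PDO $db, $id, $ordem = null)
{
    // Strict comparison: the request value must be exactly one of the known names.
    $column = in_array($ordem, ORDER_COLUMNS, true) ? $ordem : 'gra_tar';

    // Only the allowlisted literal is concatenated; the value still goes through a bind.
    $stmt = $db->prepare("SELECT * FROM tarefas WHERE idu_tar = :id ORDER BY $column");
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// What the question's code does: the bound string is a constant expression,
// so it does not name a column and the rows are not sorted by it.
$stmt = $db->prepare('SELECT * FROM tarefas WHERE idu_tar = :id ORDER BY :ordem');
$stmt->execute([':id' => 1, ':ordem' => 'tee_tar']);
$bound = $stmt->fetchAll(PDO::FETCH_ASSOC);

echo 'bound :ordem  tee_tar: ', implode(',', array_column($bound, 'tee_tar')), "\n";
echo 'allowlisted   tee_tar: ', implode(',', array_column(listAll($db, 1, 'tee_tar'), 'tee_tar')), "\n";
// A name that is not on the list is ignored and the default column is used.
echo 'unknown name  gra_tar: ', implode(',', array_column(listAll($db, 1, 'unknown_col'), 'gra_tar')), "\n";
```
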

0

Before running PDO you need to bind the parameters, as in the example below. You are assigning the bind directly in your array; I’ve never seen it used this way.

    // bind example
    $stmt->bindParam(':id', $vars[':id']);
    $stmt->execute();

Below follows the Insert example of a task control application that I developed:

    public function insertTask($dadosTask)
    {
        try {
            $query = "INSERT INTO tasks (title_task,description) VALUES (:titulo,:descricao)";
            $query = Database::getInstance()->prepare($query);
            $query->bindParam("titulo", $dadosTask->title_task);
            $query->bindParam("descricao", $dadosTask->description);
            return $query->execute();
        } catch (PDOException $e) {
            echo $e->getMessage();
        }
    }

  • The bind in execute() works. There are three types: bindValue(), bindParam() and execute().

  • I used it the way you showed me, but the way I did it works perfectly, and I believe it improves the code because it does not need to call the bindParam function several times.

0

    $app->get('/:controller/:action(/:parameter)', function ($controller, $action, $parameter = null) use($app)
    {
        include_once "classes/{$controller}.php";
        $classe = new $controller();
        $retorno = call_user_func_array(array($classe, "get_" . $action), array($parameter));
        echo '{"result":' . json_encode($retorno) . '}';
    });

  • In the question, hehe; this larger space is for the answer. Before php there is the edit link.

  • First time with Stack Overflow, kkkk

  • Normal, everyone gets it wrong, because they are used to using a forum. Afterwards, take a look at this link; it quickly explains how the site works and why it is different from a forum.

  • rray, answering your question from above, I called the method like this: http://localhost/sistema-agenda-server/tarefas/listAll?id=1 and it fell into my Exception, and in the Exception I put the SQL string to see what was going to the query, and the answer was SELECT * FROM tarefas WHERE idu_tar=:id... the placeholder was still :id

  • Aaaaah got it, are you using this? Are you following some book/handout?

  • Yes, RESTful... I’m following several books and websites.

  • Have you tried making the call like this: http://localhost/sistema-agenda-server/tarefas/listAll/1? I asked about the book because this code reminds me that

  • rray, I did the index following this book. It worked using http://localhost/sistema-agenda-server/tarefas/listAll/1, but how do I send the other parameters?

  • I need to modify my route...

  • I tried using wildcard route parameters $app->get('/:controller/:action(/:parameter+)' and couldn’t get it to work... server response {'error':{"message":"Array to string conversion"

  • What other parameters?
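
Added example (not from the original thread): the route hands get_listAll only the optional path segment, so ?id=1 never reaches $id. One way to send the other parameters is to map query-string keys to the method's parameter names; dispatch() and the $allowed map are hypothetical, and the method body here is a stand-in that returns the arguments it received.

```php
<?php
// Class and method names mirror the question; the body is a stand-in.
class tarefas
{
    public function get_listAll($id = null, $filtroData = null, $filtroDuracao = null, $ordem = null)
    {
        // Report which arguments arrived instead of querying a database.
        return compact('id', 'filtroData', 'filtroDuracao', 'ordem');
    }
}

// Hypothetical dispatcher: $query is the query-string array (for example $_GET).
function dispatch($controller, $action, array $query)
{
    // Only controllers listed here are instantiated; the URL does not choose a class freely.
    $allowed = ['tarefas' => tarefas::class];
    if (!isset($allowed[$controller])) {
        throw new InvalidArgumentException('unknown controller');
    }
    $class = $allowed[$controller];
    $object = new $class();

    $method = 'get_' . $action;
    if (!method_exists($object, $method)) {
        throw new InvalidArgumentException('unknown action');
    }

    // Match query-string keys to the method's parameter names, in declared order.
    $args = [];
    foreach ((new ReflectionMethod($object, $method))->getParameters() as $param) {
        $value = isset($query[$param->getName()]) ? $query[$param->getName()] : null;
        // Arrays (?id[]=1) are dropped so a scalar placeholder never receives one.
        $args[] = is_scalar($value) ? $value : null;
    }
    return call_user_func_array([$object, $method], $args);
}

// Constructed input: what $_GET holds for /tarefas/listAll?id=1&ordem=tee_tar
$result = dispatch('tarefas', 'listAll', ['id' => '1', 'ordem' => 'tee_tar']);
echo json_encode(['result' => $result]), "\n";
```
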
