Hi,
I am using
- Postrges 6.3.2
- DBI 0.93
- DBD-pg 0.73
- Slackware 3.3 Linux
I am accessing the database using a perl
CGI program.
I need to be able to list records from a
database in various sort orders. The user
needs to be able to select the sort order
using a web form.
The code I am using which works fine is
$sth1 = $dbh->prepare
(q
{
SELECT DISTINCT
catalogid,
productid,
reference,
title,
dateposted,
dateremove,
userlastupdate,
email,
webaddress,
phone,
details,
category
FROM product
WHERE (( catalogid = 'mp')
AND ( category like :1 )
AND ( details like :2 )
AND ( userlastupdate like :3 ))
ORDER BY title DESC
}
);
$counter = 0;
$sth1->execute (("$category\%"),("$keywords\%"), ("$postedby\%"))
or die "$DBI::errstr\n";
while ( (
$catalogid,
$productid,
$reference,
$title,
$dateposted,
$dateremove,
$userlastupdate,
$email,
$webaddress,
$phone,
$details,
$category
) = $sth1->fetchrow() )
{
$counter = $counter + 1;
After this the CGI writes out HTML
for each row read.
I want to be able to change the code so the
field name in the order by clause is variable
eg. instead of
ORDER BY title DESC
I want to say
ORDER BY :4 DESC
and in the execute statement
$sth1->execute (("$category\%"),("$keywords\%"), ("$postedby\%"))
add a fourth variable ("$orderby") which
will be set to title, dateposted or
userlastupdate
However if I use ("$orderby") as the
fourth variable and set $orderby to
title then my trace shows DBI puts
'title' into the SQL SELECT statement
not title and I get an invalid syntax
error. I need to find a way to stop
putting the ' ' around title.
Is there any way I can make the order by
operand a variable ??
Thanks,
Martin Stewart
