Support the ongoing development of Laravel.io →
posted 10 years ago
Eloquent
Last updated 2 years ago.
0

First off, you don't need to return anything from the scope (however you may do so):

public function scopeSortable( $query ) {
     if(Input::has('s') && Input::has('o')) {
         $query->orderBy(Input::get('s'), Input::get('o'));
     }
}

Also I wouldn't couple that scope with Input, but that's your call.

Now, to get the table name, simply use $this->getTable()

Last updated 2 years ago.
0

jarektkaczyk said:

First off, you don't need to return anything from the scope (however you may do so):

public function scopeSortable( $query ) {
    if(Input::has('s') && Input::has('o')) {
        $query->orderBy(Input::get('s'), Input::get('o'));
    }
}

Also I wouldn't couple that scope with Input, but that's your call.

Now, to get the table name, simply use $this->getTable() Instead of using the input facade, you can specify parameters as part of the scope:

function scopeSortable($query, $orderBy = null, and $orderDir = null)
{
    if(!$orderBy !== null && $orderDir !== null) {
         $query->orderBy($orderBy, $orderDir);
    }
}

Also, something to be aware of - you MUST validate the column name for an order by clause. It's not escaped by default (it can't be, it's a column name after all) so if you just accept it blindly you're vulnerable to SQL injection attacks.

Last updated 2 years ago.
0

thepsion5 said:

jarektkaczyk said:

First off, you don't need to return anything from the scope (however you may do so):

public function scopeSortable( $query ) {
    if(Input::has('s') && Input::has('o')) {
        $query->orderBy(Input::get('s'), Input::get('o'));
    }
}

Also I wouldn't couple that scope with Input, but that's your call.

Now, to get the table name, simply use $this->getTable() Instead of using the input facade, you can specify parameters as part of the scope:

function scopeSortable($query, $orderBy = null, and $orderDir = null)
{
   if(!$orderBy !== null && $orderDir !== null) {
        $query->orderBy($orderBy, $orderDir);
   }
}

Also, something to be aware of - you MUST validate the column name for an order by clause. It's not escaped by default (it can't be, it's a column name after all) so if you just accept it blindly you're vulnerable to SQL injection attacks.

is validation ok with line like (btw: thats original question about I just didnt know how to get table name):

if (Schema::hasColumn($this->getTable(), Input::get('s')) && (Input::get('o') == 'asc' || Input::get('o') == 'desc')) {

I also figured if I do not return $query is throws error (wrong column) even I do not pass if statement... its weird

    if(Input::has('s') && Input::has('o')) {
        if (Schema::hasColumn($this->getTable(), Input::get('s')) && (Input::get('o') == 'asc' || Input::get('o') == 'desc')) { 
            return $query->orderBy(Input::get('s'), Input::get('o'));
        } else {
            return $query;
        }
    }

code above no error

without return it throws error I mention.

Last updated 2 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Kyslik kyslik Joined 23 Jul 2014

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 Laravel.io - All rights reserved.