Support the ongoing development of Laravel.io →
kyslik
posted 10 years ago
Eloquent
Last updated 2 years ago.
0
jarektkaczyk
replied 10 years ago
Solution

First off, you don't need to return anything from the scope (however you may do so):

public function scopeSortable( $query ) {
     if(Input::has('s') && Input::has('o')) {
         $query->orderBy(Input::get('s'), Input::get('o'));
     }
}

Also I wouldn't couple that scope with Input, but that's your call.

Now, to get the table name, simply use $this->getTable()

Last updated 2 years ago.
0
thepsion5
replied 10 years ago

jarektkaczyk said:

First off, you don't need to return anything from the scope (however you may do so):

public function scopeSortable( $query ) {
    if(Input::has('s') && Input::has('o')) {
        $query->orderBy(Input::get('s'), Input::get('o'));
    }
}

Also I wouldn't couple that scope with Input, but that's your call.

Now, to get the table name, simply use $this->getTable() Instead of using the input facade, you can specify parameters as part of the scope:

function scopeSortable($query, $orderBy = null, and $orderDir = null)
{
    if(!$orderBy !== null && $orderDir !== null) {
         $query->orderBy($orderBy, $orderDir);
    }
}

Also, something to be aware of - you MUST validate the column name for an order by clause. It's not escaped by default (it can't be, it's a column name after all) so if you just accept it blindly you're vulnerable to SQL injection attacks.

Last updated 2 years ago.
0
kyslik
replied 10 years ago

thepsion5 said:

jarektkaczyk said:

First off, you don't need to return anything from the scope (however you may do so):

public function scopeSortable( $query ) {
    if(Input::has('s') && Input::has('o')) {
        $query->orderBy(Input::get('s'), Input::get('o'));
    }
}

Also I wouldn't couple that scope with Input, but that's your call.

Now, to get the table name, simply use $this->getTable() Instead of using the input facade, you can specify parameters as part of the scope:

function scopeSortable($query, $orderBy = null, and $orderDir = null)
{
   if(!$orderBy !== null && $orderDir !== null) {
        $query->orderBy($orderBy, $orderDir);
   }
}

Also, something to be aware of - you MUST validate the column name for an order by clause. It's not escaped by default (it can't be, it's a column name after all) so if you just accept it blindly you're vulnerable to SQL injection attacks.

is validation ok with line like (btw: thats original question about I just didnt know how to get table name):

if (Schema::hasColumn($this->getTable(), Input::get('s')) && (Input::get('o') == 'asc' || Input::get('o') == 'desc')) {

I also figured if I do not return $query is throws error (wrong column) even I do not pass if statement... its weird

    if(Input::has('s') && Input::has('o')) {
        if (Schema::hasColumn($this->getTable(), Input::get('s')) && (Input::get('o') == 'asc' || Input::get('o') == 'desc')) { 
            return $query->orderBy(Input::get('s'), Input::get('o'));
        } else {
            return $query;
        }
    }

code above no error

without return it throws error I mention.

Last updated 2 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Kyslik kyslik Joined 23 Jul 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
BairesDev
Dotcom-monitor
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X (Twitter) GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise