prepare sql

This commit is contained in:
Felix Ivo 2025-06-16 10:25:46 +02:00
parent b6d51cbc37
commit 5248f1c59c

View File

@ -2,25 +2,40 @@
namespace ppa\Model;
use ppa\Model\ParticipantModel;
use ppb\Library\Msg;
use PDOException;
class NotesModel extends Database
{
public function selectNotesForUser($userid, $sortBy = 'updated_at', $sortOrder = 'DESC')
{
$pdo = $this->linkDB();
$erg=array();
$params=array();
$sql = "SELECT n.*, u.username AS owner_username
FROM notes n
JOIN users u ON n.user_id = u.id
ORDER BY {$sortBy} {$sortOrder}";
ORDER BY :sortBy :sortOrder";
$pdo = $this->linkDB();
$params[':sortBy']=$sortBy;
$params[':sortOrder']=$sortOrder;
try {
$res = $pdo->query($sql);
} catch (\PDOException $e) {
new \ppa\Library\ErrorMsg("Ihre Anfrage konnte nicht verarbeitet werden", $e);
die;
}
$stmt=$pdo->prepare($sql);
$stmt->execute($params);
} catch (PDOException $e) {
new Msg(true, null, $e);
return false;
}
$erg=$stmt->fetchAll(\PDO::FETCH_ASSOC);
return $res->fetchAll(\PDO::FETCH_ASSOC);
foreach($erg as $key=>$row) {
$erg[$key]['id']+=0;
}
return $erg;
}
}