somewhat functional notes table (needs improvement)

Controller/NotesController.php

@@ -18,10 +18,19 @@ class NotesController
 
     public function showNotes() 
     {
-        $this->view->setVars([
-            "notes" => $this->notesModel->selectNotes()
-        ]);
+        $sortBy = $_GET['sort_by'] ?? 'updated_at';
+        $sortOrder = strtoupper($_GET['sort_order'] ?? 'DESC');
         
+        // Validate sort order to prevent SQL injection
+        $sortOrder = in_array($sortOrder, ['ASC', 'DESC']) ? $sortOrder : 'DESC';
+        
+        // Validate sort column to prevent SQL injection
+        $validSortColumns = ['id', 'title', 'updated_at', 'created_at'];
+        $sortBy = in_array($sortBy, $validSortColumns) ? $sortBy : 'updated_at';
+        
+        $this->view->setVars([
+            "notes" => $this->notesModel->selectNotesForUser(2, $sortBy, $sortOrder) //$_SESSION['user_id']
+        ]);
     }
 
 }