My website allows people to send PM's - just like on Coding Forums - and now I would like to add the ability to SORT PMs BY FIELD.
For security reasons, I have always used PHP Prepared Statements.
Here is a sample Prepared Statement used to populate the User's Inbox...
$q1 = 'SELECT pm.id, r.read_on, r.flag, m.username AS username_from, pm.subject, pm.sent_on
WHERE r.member_id_to = ?
ORDER BY pm.sent_on DESC';
$stmt1 = mysqli_prepare($dbc, $q1);
mysqli_stmt_bind_param($stmt1, 'i', $memberID);
What is the best way to make it so I can add sorting on the columns??
1.) Have a Hard-Coded Query for for each scenario, and then use a Case Statement to branch to the appropriate query??
2.) Can I add a '?' (i.e. Bound Variable) in the "ORDER BY" portion of the query??
3.) Some other approach??
Similar to how Coding Forums does things, I would like it so that the Column Headings in the User's Inbox are hyperlinks, and if you click on one (e.g. "From"), it will be a URL with the "Sort Column" and "Sort Order" in the Query String, and then my PHP can grab that and adjust the query above accordingly.
Hope that makes sense?