CDbCriteria filter

Yii 1.1 General Discussion
1

Hi :)

I’m trying to filter results for one of our reports.




<?php

...

   public $financial_year;


	public function rules()

	{

		return array(


			array('...

                            financial_year', 

                            'safe', 'on'=>'search'),

		);

	}




        public function search2()

	{


                $criteria=new CDbCriteria;                

                

                $criteria->select= new CDbExpression("


                CASE WHEN extract(month from date_created) >= 7 

                THEN extract(year from date_created)   ||'-'|| extract(year from date_created)+1

                ELSE extract(year from date_created)-1 ||'-'|| extract(year from date_created) 

                END financial_year,

                gang_id,

                count(id) as count");


                                

                if(!empty($this->financial_year)) 

                {

                    

                $criteria->condition ="CASE WHEN extract(month from date_created) >= 7 

                THEN extract(year from date_created)   ||'-'|| extract(year from date_created)+1

                ELSE extract(year from date_created)-1 ||'-'|| extract(year from date_created) 

                END = '$this->financial_year' ";

                

                }


                

                $criteria->group = 'financial_year, gang_id';

                $criteria->compare('gang_id',$this->gang_id);


                

		return new CActiveDataProvider($this, array(

			'criteria'=>$criteria,

                        'sort'=>array(

                            'defaultOrder'=>'financial_year DESC, gang_id'),

                                        'pagination'=>array(

                        'pageSize'=>20,

                    ),

                    

		));

	} 

...

?>

With the above, I am able to filter my result by gang_id but I can’t seem to for financial_year, can someone advise if there’s a better approach to perform these type of queries, since I’ll be using CGridView widget to filter I can’t use CSqlDataProvider.

Thanks!

2

Care to give some details? Does is throw an exception? Display invalid results? Crash? Ignore your filter? Are you using Oracle, pg, mysql, sqlserver?

A wild guess is that your filtering is broken because it uses the same field in "group" and "condition".

BTW, I believe you are prone to SQL injection. Using unvalidated and unquoted user parameters is dangerous. Try inputing ’ in your search field.

3

Of course, Thanks for pointing out the SQL injection. I’m trying to initially get the query working before I start addressing security issues :)

I’m using pg as my database, the issue I’m having is that it ignores my filter “financial_year” , so the filter field goes blank with no filtering on CGridView. (Unfiltered data displayed)

Has anyone come across this? The query that I’m trying to execute (and filter) follows:


SELECT CASE WHEN extract(month from date_created) >= 7 

THEN extract(year from date_created)   ||'-'|| extract(year from date_created)+1

ELSE extract(year from date_created)-1 ||'-'|| extract(year from date_created) 

END financial_year, gang_id, count(id)


FROM single_header


WHERE CASE WHEN extract(month from date_created) >= 7 

THEN extract(year from date_created)   ||'-'|| extract(year from date_created)+1

ELSE extract(year from date_created)-1 ||'-'|| extract(year from date_created) 

END = '2010-2011' and gang_id = 114


GROUP BY financial_year, gang_id

PostgreSQL 9.1

PHP Version => 5.3.3

Yii 1.1.10