Searching From Date To Date With Datepicker

dyooolicious · November 7, 2012, 8:19am

I need to make a report, and in the report form there are 2 datePickers so it will pick data from database based on the dates which is chosen. this is my view :


<?php $form=$this->beginWidget('CActiveForm', array(

    'id'=>'page-form',

    'enableAjaxValidation'=>true,

)); ?>


<div class="form">

    <div class="row">

<b>Periode :</b>

<?php

        $this->widget('zii.widgets.jui.CJuiDatePicker', array(

            'name' => 'Pembelian[dari_tgl]',

            'model' => $model,

            'attribute' => 'dari_tgl',

            'options' => array(

                'id'=>'dari_tgl',

                'showAnim' => 'fold',

                'dateFormat' => 'dd-M-yy'

            ),

            'htmlOptions' => array(

                'readonly' => 'readonly',

            ),

        ));

        ?>


s/d


<?php

        $this->widget('zii.widgets.jui.CJuiDatePicker', array(

            'name' => 'Pembelian[sampai_tgl]',

            'model' => $model,

            'attribute' => 'sampai_tgl',

            'options' => array(

                'id'=>'sampai_tgl',

                'showAnim' => 'fold',

                'dateFormat' => 'dd-M-yy'

            ),

            'htmlOptions' => array(

                'readonly' => 'readonly',

            ),

        ));

        ?>


<?php echo CHtml::button('submit', array('id'=>'submit')); ?> 

</br>

<div id="hasil">

</div>

<?php $this->endWidget(); ?>

    </div>

</div>


<?php

Yii::app()->clientScript->registerScript('jquery', "

$('#submit').click(function(){

jQuery.ajax({

'dataType':'json',

'success':function(data){

$('#hasil').html(data.pesan);

},

'type':'POST',

'url':'" . Yii::app()->baseUrl . '/penjualan/ajax_send_data' . "',

'data':jQuery(this).parents('form').serialize()

});

});

");


?>

and in my controller, I add this code :


public function actionAjax_send_data() {

        

        if(!empty($_POST['dari_tgl']) && empty($_POST['sampai_tgl']))

        {

            $criteria = "tgl_penjualan >= '".$_POST['dari_tgl']."'"; 

            $report = Penjualan::model()->findAll($criteria);

            

        }elseif(!empty($_POST['sampai_tgl']) && empty($_POST['dari_tgl']))

        {

            $criteria = "tgl_penjualan <= '".$_POST['sampai_tgl']."'";

            $report = Penjualan::model()->findAll($criteria);

            

        }elseif(!empty($_POST['sampai_tgl']) && !empty($_POST['dari_tgl']))

        {

            $criteria = "tgl_penjualan  >= '".$_POST['dari_tgl']."' and tgl_penjualan <= '".$_POST['sampai_tgl']."'";

            $report = Penjualan::model()->findAll($criteria);

        }

        

        Yii::app()->getClientScript()->scriptMap = array('jquery.js' => false); 

        $table = $this->renderPartial('hasil', array(

            'report' => $report

                ), true, true);




        $data = array(

            'status' => 'ok',

            'pesan' => $table,

        );


        echo CJSON::encode($data);

    }

all these codes won’t give me any value. anyone can help? thanks in advance.

Keith · November 7, 2012, 9:11am

Your code is wide open to SQL injection. You shouldn’t be building your $criteria object by concatenating untrusted strings. Before doing anything else, please look into using parameters.

You also need to change your date format into a format that your database engine understands. Typically yyyy-mm-dd will work. You can either alter your datepicker to provide this date format or you can use PHP’s date conversion tools to convert to the correct format before sending it as part of the database query.

dyooolicious · November 7, 2012, 9:24am

I think you are right about change the date format. I’ll try and reply you the result soon. thanks