--- a/displayAgency.php +++ b/displayAgency.php @@ -24,12 +24,17 @@ Histograph, overlaying number value reported per week over X years Compliance statistics: amendments, delay in reporting average and number completely late*/ - $query = "SELECT CNID, description, value, agencyName, category, contractStart, supplierName - FROM `contractnotice` - WHERE agencyName = '".mysql_real_escape_string($agency)."' - ORDER BY value DESC"; - echo $query; - $result = mysql_query($query); + $query = 'SELECT "CNID", "description", "value", "agencyName", "category", + "contractStart", "supplierName" + FROM contractnotice + WHERE "agencyName" = :agency + ORDER BY "value" DESC'; +$query = $conn->prepare($query); +$query->bindParam(":agency", $agency); + $query->execute(); + if (!$query) { + databaseError($conn->errorInfo()); + } echo " @@ -41,7 +46,7 @@ "; - while ($row = mysql_fetch_array($result, MYSQL_BOTH)) { + foreach ($query->fetchAll() as $row) { setlocale(LC_MONETARY, 'en_US'); $value = number_format(doubleval($row['value']) , 2); echo (" @@ -53,31 +58,33 @@ "); } echo "
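Review bot: The check `if (!$query)` after `$query->execute()` tests the PDOStatement object rather than the result of the call, so a failed execute is never reported here unless the connection is set to throw exceptions (not visible in this hunk). Test the return value instead, `if (!$query->execute()) { databaseError($query->errorInfo()); }`, and read the error from the statement, because `$conn->errorInfo()` only reflects operations performed directly on the connection handle. If `prepare()` can return false under the current error mode, `bindParam()` would be called on false before any check runs. The same pattern is repeated in the agency-totals query in the last hunk. It is also worth confirming that `databaseError()` logs the driver details instead of printing them to the page.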
Supplier
"; - mysql_free_result($result); } else { /* split by portfolio */ include_header("Agencies"); - $query = "SELECT SUM(value), agencyName -FROM `contractnotice` -WHERE childCN = 0 -GROUP BY agencyName "; - $result = mysql_query($query); + $query = 'SELECT SUM("value"), "agencyName" +FROM contractnotice +WHERE "childCN" = 0 +GROUP BY "agencyName" '; +$query = $conn->prepare($query); + $query->execute(); + if (!$query) { + databaseError($conn->errorInfo()); + } echo ""; - while ($row = mysql_fetch_array($result, MYSQL_BOTH)) { + foreach ($query->fetchAll() as $row) { setlocale(LC_MONETARY, 'en_US'); $value = number_format(doubleval($row[0]) , 2); $agency = stripslashes($row[1]); echo ("\n"); } echo "
Agency Total Contracts Value
{$agency}\$$value
"; - mysql_free_result($result); } include_footer(); ?>
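Review bot: In the agency-totals loop, `$agency = stripslashes($row[1]);` is still interpolated into the echoed table row, and `stripslashes()` is not HTML output encoding. The row markup is stripped on this page, so the exact context is inferred, but if the value lands in element content or an attribute it should be encoded at output, for example `$agency = htmlspecialchars($row[1], ENT_QUOTES, 'UTF-8');`. Separately, `$row[0]` and `$row[1]` now depend on `fetchAll()` returning numeric indexes, which holds only while the connection's default fetch mode stays `PDO::FETCH_BOTH` or `PDO::FETCH_NUM`. Aliasing the sum and reading named columns would remove that dependency.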