--- a/displayCategory.php
+++ b/displayCategory.php
@@ -1,60 +1,64 @@
-".$_REQUEST['category']."
";
- $query = "SELECT CNID, description, value, agencyName, category, contractStart, supplierName
- FROM `contractnotice`
- WHERE childCN is null
- AND category = '" . $_REQUEST['category'] . "'
- ORDER BY value DESC";
- $result = mysql_query($query);
- echo "
-
- | Contract Notice Number |
- Contract Description |
- Total Contract Value |
- Agency |
- Contract Start Date |
- Supplier |
-
- ";
- while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
- setlocale(LC_MONETARY, 'en_US');
- $value = number_format(doubleval($row['value']) , 2);
- echo ("
- | {$row['CNID']} |
- {$row['description']} |
- \$$value | {$row['agencyName']} |
- {$row['contractStart']} |
- {$row['supplierName']} |
-
");
- }
- echo "
";
- mysql_free_result($result);
-} else {
- /*
- split by main categories
- */
- include_header("Categories");
-$query = "SELECT sum(value), category
-FROM `contractnotice`
-WHERE childCN is null
-GROUP BY category ORDER BY sum(value) DESC ";
-$result = mysql_query($query);
- echo "
-
- | Category |
- Total Contracts Value |
-
- ";
-while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
- setlocale(LC_MONETARY, 'en_US');
- $value = number_format(doubleval($row[0]) , 2);
- echo ("| {$row[1]} | \$$value |
");
-}
-echo "
";
-mysql_free_result($result);
-}
-include_footer();
+".$_REQUEST['category']."
";
+ $query = 'SELECT "CNID", description, value, "agencyName", category, "contractStart", "supplierName"
+ FROM contractnotice
+ WHERE "childCN" is null
+ AND category = :category
+ ORDER BY value DESC';
+$query = $conn->prepare($query);
+$query->bindParam(":category", $_REQUEST['category']);
+ $query->execute();
+ databaseError($conn->errorInfo());
+
+ echo "
+
+ | Contract Notice Number |
+ Contract Description |
+ Total Contract Value |
+ Agency |
+ Contract Start Date |
+ Supplier |
+
+ ";
+ foreach ($query->fetchAll() as $row) {
+ setlocale(LC_MONETARY, 'en_US');
+ $value = number_format(doubleval($row['value']) , 2);
+ echo ("
+ | {$row['CNID']} |
+ {$row['description']} |
+ \$$value | {$row['agencyName']} |
+ {$row['contractStart']} |
+ {$row['supplierName']} |
+
");
+ }
+ echo "
";
+} else {
+ /*
+ split by main categories
+ */
+ include_header("Categories");
+$query = 'SELECT sum(value), category
+FROM contractnotice
+WHERE "childCN" is null
+GROUP BY category ORDER BY sum(value) DESC ';
+$query = $conn->prepare($query);
+ $query->execute();
+ databaseError($conn->errorInfo());
+ echo "
+
+ | Category |
+ Total Contracts Value |
+
+ ";
+ foreach ($query->fetchAll() as $row) {
+ setlocale(LC_MONETARY, 'en_US');
+ $value = number_format(doubleval($row[0]) , 2);
+ echo ("| {$row[1]} | \$$value |
");
+}
+echo "
";
+}
+include_footer();
?>