我在我的控制器中创建了sqlDataProvider并且它正在工作。我的问题是我不知道如何提供搜索字段,因为我没有使用搜索模型。
这是我控制器中的代码
public function actionAnalisa()
{
$sql = "SELECT
tbl_permohonan.permohonan_id As permohonan_id,
user.id As id,
tbl_moderator.bm_id As bm_id,
tbl_bhgnmod.unit_kampuscawangan As unit_kampuscawangan,
tbl_bahagian.bahagian_nama As bahagian_nama,
tbl_unit.unit_nama As unit_nama
FROM tbl_permohonan
INNER JOIN user
ON tbl_permohonan.user_id=user.id
INNER JOIN tbl_moderator
ON user.id=tbl_moderator.user_id
INNER JOIN tbl_bhgnmod
ON tbl_moderator.bm_id=tbl_bhgnmod.bm_id
INNER JOIN tbl_bahagian
ON tbl_bhgnmod.bahagian_id=tbl_bahagian.bahagian_id
INNER JOIN tbl_unit
ON tbl_bhgnmod.unit_id=tbl_unit.unit_id";
$dataProvider = new SqlDataProvider([
'sql' => $sql,
]);
return $this->render('analisis', [
// 'searchModel' => $searchModel,
'dataProvider' => $dataProvider,
]);
}
这是我认为的
<?= GridView::widget([
'dataProvider' => $dataProvider,
'columns' => [
['class' => 'yii\grid\SerialColumn'],
'permohonan_id',
'id',
'bm_id',
'unit_kampuscawangan',
'bahagian_nama',
'unit_nama',
//~ ['class' => 'yii\grid\ActionColumn'],
],
]); ?>
答案 0 :(得分:4)
我建议不要使用原始SQL,特别是在寻找提供搜索字段时,因为这会在应用程序中提供潜在的漏洞并将其打开,以防止SQL注入攻击。相反,我鼓励使用Yiis查询构建器或DAO,如概述here。
话虽如此,我已使用Yiis内置查询构建器重写了您的代码。
public function actionAnalisa()
{
// store any $_GET parameters passed for filtering via GridView
$params = Yii::$app->request->queryParams;
// use query builder instead of raw SQL to avoid SQL injection attacks
$query = (new Query())
->select([
'permohonan_id' => 'tbl_permohonan.permohonan_id',
'id' => 'user.id',
'bm_id' => 'tbl_moderator.bm_id',
'unit_kampuscawangan' => 'tbl_bhgnmod.unit_kampuscawangan',
'bahagian_nama' => 'tbl_bahagian.bahagian_nama',
'unit_nama' => 'tbl_unit.unit_nama'
])
->from('tbl_permohonan')
->join('INNER JOIN', 'user', 'tbl_permohonan.user_id=user.id')
->join('INNER JOIN', 'tbl_moderator', 'user.id=tbl_moderator.user_id')
->join('INNER JOIN', 'tbl_bhgnmod', 'tbl_moderator.bm_id=tbl_bhgnmod.bm_id')
->join('INNER JOIN', 'tbl_bahagian', 'tbl_bhgnmod.bahagian_id=tbl_bahagian.bahagian_id')
->join('INNER JOIN', 'tbl_unit', 'tbl_bhgnmod.unit_id=tbl_unit.unit_id');
// Adds additional WHERE conditions to the existing query but ignores empty operands
$query->andFilterWhere(['like', 'tbl_permohonan.permohonan_id', $params['pid']])
->andFilterWhere(['like', 'user.id', $params['id']])
->andFilterWhere(['like', 'tbl_moderator.bm_id', $params['bm_id']])
->andFilterWhere(['like', 'tbl_bhgnmod.unit_kampuscawangan', $params['unitk']])
->andFilterWhere(['like', 'tbl_bahagian.bahagian_nama', $params['banama']])
->andFilterWhere(['like', 'tbl_unit.unit_nama', $params['unnama']]);
// an ActiveDataProvider will accept a Query object instead of raw SQL
$dataProvider = new ActiveDataProvider([
'query' => $query,
]);
return $this->render('analisis', [
'dataProvider' => $dataProvider,
]);
}
请记住,您必须将以下内容添加到控制器文件的顶部。
use yii\data\ActiveDataProvider;
use yii\db\Query;
为了在视图文件的GridView中呈现搜索字段,您必须指定filterModel,如here所述。
GridView中的列允许您指定过滤器属性,该属性将使用属性指定的HTML在列顶部呈现过滤器单元格。这些过滤器通过GET自动提交到同一页面,这就是为什么它们已使用此GridView中指定的名称在控制器中处理。
<?
use yii\helpers\Html;
use yii\grid\GridView;
?>
<?= GridView::widget([
'dataProvider' => $dataProvider,
// filterModel must be set to render filter cells within GridView
'filterModel' => true,
'columns' => [
['class' => 'yii\grid\SerialColumn'],
[
// specify attribute to display
'attribute' => 'permohonan_id',
// filter attribute accepts HTML to render
// in this case an input field of type string, with a name of 'pid'
'filter' => Html::input('string', 'pid')
],
[
'attribute' => 'id',
'filter' => Html::input('string', 'id')
],
[
'attribute' => 'bm_id',
'filter' => Html::input('string', 'bmid')
],
[
'attribute' => 'unit_kampuscawangan',
'filter' => Html::input('string', 'unitk')
],
[
'attribute' => 'bahagian_nama',
'filter' => Html::input('string', 'banama')
],
[
'attribute' => 'unit_nama',
'filter' => Html::input('string', 'unnama')
],
],
]); ?>