<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
  <title>Book Report</title>
  <link rel="stylesheet" type="text/css" href="../style.css" />
  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
</head> 

<body>

<?php

// function definitions first
function doGetAll($db) {
    $sortby = $_GET['sortby'];

    $possibleSorts = array("time", "lastname", "firstname", "title", "year");

    if (!in_array($sortby, $possibleSorts)) {$sortby = "";}

    if ($sortby == "") {$sortby = "lastname";}
    
    $sql = "select time, lastname, firstname, title, year, location, quotes from bookstuff.entries order by $sortby";

//    $sql = $db->prepare('select time, lastname, firstname, title, year, location, quotes from bookstuff.entries order by :sb');

//   $sql->bindParam(':sb', $sortby, PDO::PARAM_STR);


//  $sql->execute();

   //print "query is: $sql";
   $result = $db->query($sql) or die ("Mysql query failed");

    echo <<<END

     <p>Here are all the books sorted by $sortby:</p>

    <table border=\"1\">
    <tr><th><a href="bookreportpub2.php?sortby=time">Date</a></th>
    <th><a href="bookreportpub2.php?sortby=lastname">Last Name</a></th>
    <th><a href="bookreportpub2.php?sortby=firstname">First Name</a></th>
    <th><a href="bookreportpub2.php?sortby=title">Title</a></th>
    <th><a href="bookreportpub2.php?sortby=year">Year</a></th>
    <th><a href="bookreportpub2.php?sortby=location">Location</a></th>
    <th>Quotes</th></tr>
END;

   foreach ($result as $r) {

//    while ($r = mysql_fetch_array($result)) {
      // This magically sets $xyz to the value of the column named
          // xyz in the current query.
      extract($r);
          // If extract is not used, achieve the same effect by doing
          //  $r["xyz"]
          // Also, mysql_fetch_row returns a regular positional array
          // instead of an associative array.

//    $time = date("D M j G:i:s T Y",$time); 
    $time = date("n/j/Y",$time);

    print "<tr><td>$time</td><td>$lastname</td><td>$firstname</td><td>$title</td><td>$year</td><td>$location</td><td>$quotes</td></tr>";
      }
    print "</table>";
}

   $db = new PDO("mysql:dbname=bookstuff;host=vh216602.truman.edu", 
                  "bookuserSel", "AbQm");


//    $db = mysql_connect("vh216602.truman.edu", "bookuserSel", "AbQm");
 if (!$db) {
    print "Error - Could not connect to mysql";
    exit;
 }

//  $er = mysql_select_db("bookstuff");
// if (!$er) {
//     print "Error - Could not select bookstuff database";
//    exit;
//  }

doGetAll($db);