Добрый день!
Есть страница на которой задаются правила фильтрации для SQL запроса, далее эти данные отправляются для обработки PHP.
<body>
<script type="text/javascript">
function startAjax(url){
var hello=document.getElementById("printResult");
var p1=document.createTextNode("Обновление...");
hello.appendChild(p1);
var request;
if(window.XMLHttpRequest){
request = new XMLHttpRequest();
} else if(window.ActiveXObject){
request = new ActiveXObject("Microsoft.XMLHTTP");
} else {
return;
}
request.onreadystatechange = function(){
switch (request.readyState) {
case 1: break
case 2: break
case 3: break
case 4:{
if(request.status==200){
var xmlDoc = request.responseXML;
var table="<table><tr><th>Дата</th><th>Подразделение</th><th>Тип проблемы</th><th>Описание</th></tr>";
var invent = xmlDoc.getElementsByTagName("view");
for (i = 1; i <invent.length; i++) {
table += "<tr><td>" +invent[i].getElementsByTagName("time")[0].childNodes[0].nodeValue+"</td>";
table +="<td>" +invent[i].getElementsByTagName("Subdivision")[0].childNodes[0].nodeValue +"</td>";
table +="<td>" +invent[i].getElementsByTagName("type_problem")[0].childNodes[0].nodeValue +"</td>";
table +="<td>" +invent[i].getElementsByTagName("Description")[0].childNodes[0].nodeValue +"</td></tr>";
}
table +="</table>";
document.getElementById("printResult").innerHTML = table;
}else if(request.status==404){
alert("Ошибка: запрашиваемый скрипт не найден!");
}
else alert("Ошибка: сервер вернул статус: "+ request.status);
break
}
}
}
request.open ('GET', 'prosm.php', true);
request.send (null);
}
//-----------------------------------------------------------------------------------------------------
//-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
</script>
<h1>Страница Администратора</h1>
<!--------------------------------------------------------------------->
Просмотр списка проблем<br>
Фильтр<br>
<form name="add" action="prosm.php" method="post">
Выберите дату с <input type="date" name="Data1"> по <input type="date" name="Data2"><br>
<!--<input type="text" name="Subdivision" pattern="[A-Za-zА-Яа-яЁё]{1,}" placeholder="Подразделение" value='5 отделение','4 отделение'><br> -->
<select name="Subdivision">
<option selected value="*">Все подразделения</option>
<option value="1 отделение">1 отделение</option>
<option value="2 отделение">2 отделение</option>
<option value="3 отделение">3 отделение</option>
<option value="4 отделение">4 отделение</option>
<option value="5 отделение">5 отделение</option>
</select>
<input type="text" name="type_problem" pattern="[A-Za-zА-Яа-яЁё]{1,}" placeholder="Тип проблемы"><br>
<input type="button" value="Просмотр" onclick="startAjax('prosm.php')">
<div id="printResult"></div>
</form>
<!--------------------------------------------------------------------->
<form action="exit.php" method="post">
<input class="submit-button" type="submit" name="submit" value="Выйти">
</form>
</body>
Проблема в том, что PHP игнорирует условия if в строке 33 и выводит всю таблицу даже если условие ложно.
<?php
session_start();
$aud = $_SESSION['login'];
date_default_timezone_set('Europe/Moscow');
$mysqli = new mysqli("localhost", "root", "", "problem");
header('Content-Type: text/xml; charset=cp1251');
echo '<?xml version="1.0" encoding="cp1251"?>';
echo '<view>';
$type_problem=$_POST['type_problem'];
$Data1=$_POST['Data1'];
$Data2=$_POST['Data2'];
$Subdivision =$_POST['Subdivision'];
/* проверка соединения */
if ($mysqli->connect_errno) {
printf("Соединение не удалось: %s\n", $mysqli->connect_error);
exit();
}
if ((!empty($Data1)) || (!empty($Data2))) {
exit ("Укажите начальную и конечную дату!");
}
/*
if (empty($type_problem)) {
$type_problem = ('*');
}
if (empty($Data1)) {
$Data1 = ('*');
}
if (empty($Data2)) {
$Data2 = ('*');
}*/
if (empty($type_problem) && empty($Data1) && empty($Data2) && $Subdivision = '*') {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
if ((!empty($type_problem)) && (empty($Data1)) && (empty($Data2)) && ($Subdivision='*')) {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem WHERE type_problem='$type_problem'";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
if ((empty($type_problem)) && (!empty($Data1)) && (!empty($Data2)) && ($Subdivision='*')) {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem WHERE Data>='$Data1' AND Data<='$Data2'";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
if ((empty($type_problem)) && (empty($Data1)) && (empty($Data2)) && ($Subdivision=!'*')) {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem WHERE Subdivision='$Subdivision'";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
if (!(empty($type_problem)) && (!empty($Data1)) && (!empty($Data2)) && ($Subdivision='*')) {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem WHERE type_problem='$type_problem' AND Data>='$Data1' AND Data<='$Data2'";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
if ((empty($type_problem)) && (!empty($Data1)) && (!empty($Data2)) && ($Subdivision=!'*')) {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem WHERE Subdivision='$Subdivision' AND Data>='$Data1' AND Data<='$Data2'";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
if ((!empty($type_problem)) && (empty($Data1)) && (empty($Data2)) && ($Subdivision=!'*')) {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem WHERE Subdivision='$Subdivision' AND type_problem='$type_problem'";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
if ((!empty($type_problem)) && (!empty($Data1)) && (!empty($Data2)) && ($Subdivision=!'*')) {
$mysqli->query("SET NAMES cp1251");
$query = "SELECT Data,Subdivision,type_problem,Description FROM problem WHERE Subdivision='$Subdivision' AND Data>='$Data1' AND Data<='$Data2' AND type_problem='$type_problem'";
if ($result = $mysqli->query($query)) {
while ($row = $result->fetch_assoc()) {
echo '<view><time>'.$row["Data"].'</time><Subdivision>'.$row["Subdivision"].'</Subdivision><type_problem>'.$row["type_problem"].'</type_problem><Description>'.$row["Description"].'</Description></view>';
}
}
}
$mysqli->close();
echo "</view>";
?>