diff --git a/admin/templates/request/conditions.tpl b/admin/templates/request/conditions.tpl index fcf5da3..c0af58a 100644 --- a/admin/templates/request/conditions.tpl +++ b/admin/templates/request/conditions.tpl @@ -47,7 +47,7 @@ - {foreach from=$fields_list item=field_group} diff --git a/functions/func.parserequest.php b/functions/func.parserequest.php index 7f1968e..a31b98c 100644 --- a/functions/func.parserequest.php +++ b/functions/func.parserequest.php @@ -134,21 +134,21 @@ function request_get_settings ($id) { global $AVE_DB; - // Получаем информацию о запросе + // Модифицированный запрос: джойним настройки поля, выбранного для сортировки $sql = " SELECT - #REQUEST SETTINGS = " . $id . " - * + r.*, + f.rubric_field_numeric AS order_field_is_numeric FROM - " . PREFIX . "_request + " . PREFIX . "_request AS r + LEFT JOIN + " . PREFIX . "_rubric_fields AS f ON f.Id = r.request_order_by_nat WHERE - " . (is_numeric($id) ? 'Id' : 'request_alias') . " = '" . $id . "' + " . (is_numeric($id) ? 'r.Id' : 'r.request_alias') . " = '" . $id . "' "; - // Выполняем запрос с учетом кеширования $reqest_settings = $AVE_DB->Query($sql, -1, 'rqs_' . $id, true, '.settings')->FetchRow(); - // Выходим, если нет запроса if (! is_object($reqest_settings)) return ''; else 
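Review bot: In request_get_settings the rewritten WHERE line still concatenates `$id` between quotes with no escaping, and only the numeric branch is constrained by `is_numeric()`. An alias value therefore reaches the statement as-is unless it is validated before this function is called, which the hunk does not show. The file already uses `$AVE_DB->Escape()` for condition values, so the same call fits here: `" . (is_numeric($id) ? 'r.Id' : 'r.request_alias') . " = '" . $AVE_DB->Escape($id) . "'`. The identical hunk in inc/query_variants/safe_files/functions/func.parserequest.php needs the same change; the function body continues outside the hunk.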
@@ -194,20 +194,22 @@ function request_get_condition_sql_string($id) } } - // Теперь мы можем безопасно запросить условия, используя гарантированный ID. +// Теперь мы тянем не только условия, но и тип поля из таблицы определений $sql_ak = $AVE_DB->Query( " SELECT - condition_field_id, - condition_value, - condition_compare, - condition_join - FROM " . PREFIX . "_request_conditions + c.condition_field_id, + c.condition_value, + c.condition_compare, + c.condition_join, + f.rubric_field_numeric -- Добавляем информацию о типе поля + FROM " . PREFIX . "_request_conditions AS c + LEFT JOIN " . PREFIX . "_rubric_fields AS f ON f.Id = c.condition_field_id WHERE - request_id = '" . $request_settings->Id . "' - AND condition_status = '1' + c.request_id = '" . $request_settings->Id . "' + AND c.condition_status = '1' ORDER BY - condition_position ASC; + c.condition_position ASC; ", -1, 'rqc_' . $request_settings->Id, @@ -229,7 +231,7 @@ function request_get_condition_sql_string($id) } } - while ($row_ak = $sql_ak->FetchRow()) +while ($row_ak = $sql_ak->FetchRow()) { $fid = $row_ak->condition_field_id; 
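Review bot: The explanatory text after `f.rubric_field_numeric` is an SQL `--` comment inside the query string, so it is sent to the database with every call and the statement only stays valid while the string keeps its line breaks. If `$AVE_DB->Query()` or the cache layer normalises whitespace, which is not visible here, the comment would swallow the `FROM` clause. Moving it to a PHP comment above the call avoids that, e.g. `// rubric_field_numeric: type flag of the field, taken from the field definitions`, leaving the select line as `f.rubric_field_numeric`. The replacement comment above `$sql_ak` also lost its indentation. The same hunk is repeated under inc/query_variants/safe_files/.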
@@ -238,19 +240,40 @@ function request_get_condition_sql_string($id) if ($i) $from[] = "JOIN " . PREFIX . "_document_fields AS t$i ON t$i.document_id = t0.document_id"; $val = $row_ak->condition_value; + + // Проверяем флаг числа + $is_num = ($row_ak->rubric_field_numeric == 1); + + // Формируем имя колонки + $col = $is_num ? "t$i.field_number_value" : "t$i.field_value"; + + // ПОДГОТОВКА ЗНАЧЕНИЯ: + // Если число — строго (float) без кавычек. Если строка — экранируем и в кавычки. + if ($is_num) { + $val_sql = (float)str_replace(',', '.', $val); // Заменяем запятую на точку на всякий случай + } else { + $val_sql = "'" . $AVE_DB->Escape($val) . "'"; + } + + $val_esc = $AVE_DB->Escape($val); - switch ($row_ak->condition_compare) + // Убираем лишние пробелы из условия для корректного срабатывания switch + $compare = trim($row_ak->condition_compare); + + switch ($compare) { - case ' <': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value < '" . $AVE_DB->Escape($val) . "'"; break; - case ' >': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value > '" . $AVE_DB->Escape($val) . "'"; break; - case '<=': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value <= '" . $AVE_DB->Escape($val) . "'"; break; - case '>=': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value >= '" . $AVE_DB->Escape($val) . "'"; break; - case '==': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value = '" . $AVE_DB->Escape($val) . "'"; break; - case '!=': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value != '" . $AVE_DB->Escape($val) . "'"; break; - case '%%': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value LIKE '%" . $AVE_DB->Escape($val) . "%'"; break; - case '%': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value LIKE '" . $AVE_DB->Escape($val) . "%'"; break; - case '--': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value NOT LIKE '%" . $AVE_DB->Escape($val) . 
"%'"; break; - case '!-': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value NOT LIKE '" . $AVE_DB->Escape($val) . "%'"; break; + case '<': $where[] = "t$i.rubric_field_id = $fid AND $col < $val_sql"; break; + case '>': $where[] = "t$i.rubric_field_id = $fid AND $col > $val_sql"; break; + case '<=': $where[] = "t$i.rubric_field_id = $fid AND $col <= $val_sql"; break; + case '>=': $where[] = "t$i.rubric_field_id = $fid AND $col >= $val_sql"; break; + case '==': $where[] = "t$i.rubric_field_id = $fid AND $col = $val_sql"; break; + case '!=': $where[] = "t$i.rubric_field_id = $fid AND $col != $val_sql"; break; + + // LIKE всегда по текстовому полю + case '%%': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value LIKE '%$val_esc%'"; break; + case '%': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value LIKE '$val_esc%'"; break; + case '--': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value NOT LIKE '%$val_esc%'"; break; + case '!-': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value NOT LIKE '$val_esc%'"; break; } if ($i || $row_ak->condition_join == 'AND') ++$i; 
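Review bot: `$fid` is still placed into every `case` line unquoted and uncast (`t$i.rubric_field_id = $fid`), while the value beside it is now escaped or cast. It is read from `condition_field_id` in the conditions table, so an integer cast where it is assigned, `$fid = (int) $row_ak->condition_field_id;`, keeps a non-integer stored value out of the SQL text. In the numeric branch `(float)` turns anything that is not a plain number into `0` without a signal, so the condition silently compares against zero; checking `is_numeric()` on the normalised string first, and skipping or logging the condition otherwise, would make that visible. The `switch` has no `default`, so an unrecognised operator drops the condition and widens the result set. The same applies to the copy under inc/query_variants/safe_files/; the loop starts and ends outside this hunk.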
@@ -681,12 +704,14 @@ function request_parse($id) ? "GROUP BY a.Id" : ""; - if ($request_order_by_nat != 0) { - $join_fields = "LEFT JOIN " . PREFIX . "_document_fields AS d ON a.Id = d.document_id"; - $where_fields = "AND d.rubric_field_id = " . intval($request_order_by_nat); - $select_fields = ", d.field_value, d.rubric_field_id"; - $order_by = "ORDER BY d.field_value " . ($request_asc_desc === 'DESC' ? 'DESC' : 'ASC'); - } else { +if ($request_order_by_nat != 0) { + $sort_col = ($request->order_field_is_numeric == 1) ? 'd.field_number_value' : 'd.field_value'; + + $join_fields = "LEFT JOIN " . PREFIX . "_document_fields AS d ON a.Id = d.document_id"; + $where_fields = "AND d.rubric_field_id = " . intval($request_order_by_nat); + $select_fields = ", " . $sort_col . " AS sort_val"; + $order_by = "ORDER BY sort_val " . ($request_asc_desc === 'DESC' ? 'DESC' : 'ASC'); +} else { $join_fields = ""; $where_fields = ""; $select_fields = ""; diff --git a/inc/query_variants/safe_files/admin/templates/request/conditions.tpl b/inc/query_variants/safe_files/admin/templates/request/conditions.tpl index fcf5da3..c0af58a 100644 --- a/inc/query_variants/safe_files/admin/templates/request/conditions.tpl +++ b/inc/query_variants/safe_files/admin/templates/request/conditions.tpl @@ -47,7 +47,7 @@ - {foreach from=$fields_list item=field_group} diff --git a/inc/query_variants/safe_files/functions/func.parserequest.php b/inc/query_variants/safe_files/functions/func.parserequest.php index 7f1968e..a31b98c 100644 --- a/inc/query_variants/safe_files/functions/func.parserequest.php +++ b/inc/query_variants/safe_files/functions/func.parserequest.php 
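Review bot: The new `$select_fields` drops `d.field_value` and `d.rubric_field_id` from the select list and exposes only `sort_val`, so any code after this block that reads those columns from the result rows will stop finding them. The consumers are outside the hunk, so either confirm none exist or keep the columns: `$select_fields = ", d.field_value, d.rubric_field_id, " . $sort_col . " AS sort_val";`. `$request->order_field_is_numeric` presumably comes from request_get_settings, whose row is cached under `'rqs_' . $id`; entries cached before this change would lack the property and fall back to text sorting until the cache is cleared. The `if`/`else` lines also lost their indentation relative to the surrounding body. The copy under inc/query_variants/safe_files/ carries the same hunk.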
@@ -134,21 +134,21 @@ function request_get_settings ($id) { global $AVE_DB; - // Получаем информацию о запросе + // Модифицированный запрос: джойним настройки поля, выбранного для сортировки $sql = " SELECT - #REQUEST SETTINGS = " . $id . " - * + r.*, + f.rubric_field_numeric AS order_field_is_numeric FROM - " . PREFIX . "_request + " . PREFIX . "_request AS r + LEFT JOIN + " . PREFIX . "_rubric_fields AS f ON f.Id = r.request_order_by_nat WHERE - " . (is_numeric($id) ? 'Id' : 'request_alias') . " = '" . $id . "' + " . (is_numeric($id) ? 'r.Id' : 'r.request_alias') . " = '" . $id . "' "; - // Выполняем запрос с учетом кеширования $reqest_settings = $AVE_DB->Query($sql, -1, 'rqs_' . $id, true, '.settings')->FetchRow(); - // Выходим, если нет запроса if (! is_object($reqest_settings)) return ''; else @@ -194,20 +194,22 @@ function request_get_condition_sql_string($id) } } - // Теперь мы можем безопасно запросить условия, используя гарантированный ID. +// Теперь мы тянем не только условия, но и тип поля из таблицы определений $sql_ak = $AVE_DB->Query( " SELECT - condition_field_id, - condition_value, - condition_compare, - condition_join - FROM " . PREFIX . "_request_conditions + c.condition_field_id, + c.condition_value, + c.condition_compare, + c.condition_join, + f.rubric_field_numeric -- Добавляем информацию о типе поля + FROM " . PREFIX . "_request_conditions AS c + LEFT JOIN " . PREFIX . "_rubric_fields AS f ON f.Id = c.condition_field_id WHERE - request_id = '" . $request_settings->Id . "' - AND condition_status = '1' + c.request_id = '" . $request_settings->Id . "' + AND c.condition_status = '1' ORDER BY - condition_position ASC; + c.condition_position ASC; ", -1, 'rqc_' . $request_settings->Id, @@ -229,7 +231,7 @@ function request_get_condition_sql_string($id) } } - while ($row_ak = $sql_ak->FetchRow()) +while ($row_ak = $sql_ak->FetchRow()) { $fid = $row_ak->condition_field_id; 
@@ -238,19 +240,40 @@ function request_get_condition_sql_string($id) if ($i) $from[] = "JOIN " . PREFIX . "_document_fields AS t$i ON t$i.document_id = t0.document_id"; $val = $row_ak->condition_value; + + // Проверяем флаг числа + $is_num = ($row_ak->rubric_field_numeric == 1); + + // Формируем имя колонки + $col = $is_num ? "t$i.field_number_value" : "t$i.field_value"; + + // ПОДГОТОВКА ЗНАЧЕНИЯ: + // Если число — строго (float) без кавычек. Если строка — экранируем и в кавычки. + if ($is_num) { + $val_sql = (float)str_replace(',', '.', $val); // Заменяем запятую на точку на всякий случай + } else { + $val_sql = "'" . $AVE_DB->Escape($val) . "'"; + } + + $val_esc = $AVE_DB->Escape($val); - switch ($row_ak->condition_compare) + // Убираем лишние пробелы из условия для корректного срабатывания switch + $compare = trim($row_ak->condition_compare); + + switch ($compare) { - case ' <': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value < '" . $AVE_DB->Escape($val) . "'"; break; - case ' >': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value > '" . $AVE_DB->Escape($val) . "'"; break; - case '<=': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value <= '" . $AVE_DB->Escape($val) . "'"; break; - case '>=': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value >= '" . $AVE_DB->Escape($val) . "'"; break; - case '==': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value = '" . $AVE_DB->Escape($val) . "'"; break; - case '!=': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value != '" . $AVE_DB->Escape($val) . "'"; break; - case '%%': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value LIKE '%" . $AVE_DB->Escape($val) . "%'"; break; - case '%': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value LIKE '" . $AVE_DB->Escape($val) . "%'"; break; - case '--': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value NOT LIKE '%" . $AVE_DB->Escape($val) . 
"%'"; break; - case '!-': $where[] = "t$i.rubric_field_id = " . $fid . " AND t$i.field_value NOT LIKE '" . $AVE_DB->Escape($val) . "%'"; break; + case '<': $where[] = "t$i.rubric_field_id = $fid AND $col < $val_sql"; break; + case '>': $where[] = "t$i.rubric_field_id = $fid AND $col > $val_sql"; break; + case '<=': $where[] = "t$i.rubric_field_id = $fid AND $col <= $val_sql"; break; + case '>=': $where[] = "t$i.rubric_field_id = $fid AND $col >= $val_sql"; break; + case '==': $where[] = "t$i.rubric_field_id = $fid AND $col = $val_sql"; break; + case '!=': $where[] = "t$i.rubric_field_id = $fid AND $col != $val_sql"; break; + + // LIKE всегда по текстовому полю + case '%%': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value LIKE '%$val_esc%'"; break; + case '%': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value LIKE '$val_esc%'"; break; + case '--': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value NOT LIKE '%$val_esc%'"; break; + case '!-': $where[] = "t$i.rubric_field_id = $fid AND t$i.field_value NOT LIKE '$val_esc%'"; break; } if ($i || $row_ak->condition_join == 'AND') ++$i; 
@@ -681,12 +704,14 @@ function request_parse($id) ? "GROUP BY a.Id" : ""; - if ($request_order_by_nat != 0) { - $join_fields = "LEFT JOIN " . PREFIX . "_document_fields AS d ON a.Id = d.document_id"; - $where_fields = "AND d.rubric_field_id = " . intval($request_order_by_nat); - $select_fields = ", d.field_value, d.rubric_field_id"; - $order_by = "ORDER BY d.field_value " . ($request_asc_desc === 'DESC' ? 'DESC' : 'ASC'); - } else { +if ($request_order_by_nat != 0) { + $sort_col = ($request->order_field_is_numeric == 1) ? 'd.field_number_value' : 'd.field_value'; + + $join_fields = "LEFT JOIN " . PREFIX . "_document_fields AS d ON a.Id = d.document_id"; + $where_fields = "AND d.rubric_field_id = " . intval($request_order_by_nat); + $select_fields = ", " . $sort_col . " AS sort_val"; + $order_by = "ORDER BY sort_val " . ($request_asc_desc === 'DESC' ? 'DESC' : 'ASC'); +} else { $join_fields = ""; $where_fields = ""; $select_fields = "";