修改 搜尋 以數字帶入sql會產生錯誤

index.php

@@ -746,10 +746,7 @@ if (!isset($_SESSION['loggedin'])) {
 							<label id="header"></label>
 						</li>
 						<li class="right">
-							<div class="input-group input-search" style="table-layout: auto;"><input type="text" class="form-control" name="search" id="search" placeholder="Search..."><span class="input-group-btn"><button class="btn btn-default" id="btn-search"><i class="fa fa-search"></i></button></span></div>
-						</li>
-						<li class="right">
-							<a class="mb-xs mt-xs mr-xs modal-with-move-anim btn btn-default" href="#advancedSearch">進階搜尋</a>
+							<a class="mb-xs mt-xs mr-xs modal-with-move-anim btn btn-default" href="#advancedSearch"><i class="fa fa-search"></i> 進階搜尋</a>
 						</li>
 					</ul>
 				</header>

script/js/jstreeAJAX.js

@@ -533,38 +533,98 @@ $(document).ready(function () {
         }
     }
 
-    function show_filter(filter_base_data) {
-        show_notes = false;
-        $("#search-filter button").css("display", "none");
-        filter_base_data["category"].forEach(element => {
-            id = "f-c" + element;
-            $("#" + id).css("display", "inline-block");
-        });
-        filter_base_data["project"].forEach(element => {
-            id = "f-p" + element;
-            $("#" + id).css("display", "inline-block");
+    var search_output = {};
+    var search_word = ""
+    $("#advanced-search-button").on("click", function (e) {
+        show_progress_bar(true);
+        update_progress_bar();
+        
+        $.ajax({
+            url: "./script/php/get_search_list.php",
+            data: {
+                project_id: [''].concat(search_data["project"]),
+                type_id: [''].concat(search_data["type"]),
+                notes_name: [''].concat(search_data["notes"].filter(element => {return element !== undefined;})),
+                search: $("#search-word").val(),
+            },
+            type: "GET",
+            dataType: "json",
+            contentType: "application/json",
+            async: false
+        }).success(function (response) {
+            displayDetail(true);
+            search_output = response;
+            search_word = $("#search-word").val();
+            filter_base_data = search_data;
+        }).error(function(error) {
+            console.log(error);
         });
-        filter_base_data["type"].forEach(element => {
-            id = "f-t" + element;
-            $("#" + id).css("display", "inline-block");
-            if(element == "3"){
-                show_notes = true;
+        
+        setTimeout(() => {
+            draw_datatable(search_output);
+            e.preventDefault();
+            $.magnificPopup.close();
+
+            if($("#search-filter").css("display") != "none") {
+                $("#search-filter").slideUp(200);
+                $("#filter-slide").toggleClass("fa-sort-desc fa-sort-up");
             }
-        });
-        if(show_notes) {
-            $("#filter_notes").css("display", "block");
-            filter_base_data["notes"].forEach(element => {
-                $("#f-notes button").each(function() {
-                    if($(this).text() == element) {
-                        $(this).css("display", "inline-block");
-                    }
-                });
-            });
-        } else {
-            $("#filter_notes").css("display", "none");
+            $("#search-filter-panel-body .btn-default").toggleClass("btn-primary btn-default");
+            show_filter(filter_base_data);
+            show_progress_bar(false);
+        }, 0);
+    });
+
+    function draw_datatable(search_output) {
+        table.clear().draw();
+
+        for (i = 0; i < search_output.length; i++) {
+            table.row.add([
+                search_output[i]["SN"],
+                search_output[i]["original_name"],
+                search_output[i]["keyword"],
+                '1.0.0',
+                '',
+                search_output[i]["project_id"],
+                search_output[i]["project_name"],
+                search_output[i]["type_id"],
+                search_output[i]["category_name"],
+                search_output[i]["notes"],
+                search_output[i]["filename"],
+            ])
+            table.draw();
+
+            // progress_bar_value = (i/search_output.length)*100
+            // update_progress_bar();
         }
     }
 
+    function reset_filter_search_output(){
+        output_data = [];
+        click_option = get_filter_click("btn-primary");
+
+        $.ajax({
+            url: "./script/php/get_search_list.php",
+            data: {
+                project_id: [''].concat(click_option["project"]),
+                type_id: [''].concat(click_option["type"]),
+                notes_name: [''].concat(click_option["notes"]),
+                search: search_word
+            },
+            type: "GET",
+            dataType: "json",
+            contentType: "application/json",
+            async: false
+        }).success(function (response) {
+            displayDetail(true);
+            search_output = response;
+        }).error(function(error) {
+            console.log(error);
+        });
+
+        draw_datatable(search_output);
+    }
+
     function get_filter_click(click_class){
         click_id_list = {
             "category": [],
@@ -602,6 +662,38 @@ $(document).ready(function () {
         return click_id_list;
     }
 
+    function show_filter(filter_base_data) {
+        show_notes = false;
+        $("#search-filter button").css("display", "none");
+        filter_base_data["category"].forEach(element => {
+            id = "f-c" + element;
+            $("#" + id).css("display", "inline-block");
+        });
+        filter_base_data["project"].forEach(element => {
+            id = "f-p" + element;
+            $("#" + id).css("display", "inline-block");
+        });
+        filter_base_data["type"].forEach(element => {
+            id = "f-t" + element;
+            $("#" + id).css("display", "inline-block");
+            if(element == "3"){
+                show_notes = true;
+            }
+        });
+        if(show_notes) {
+            $("#filter_notes").css("display", "block");
+            filter_base_data["notes"].forEach(element => {
+                $("#f-notes button").each(function() {
+                    if($(this).text() == element) {
+                        $(this).css("display", "inline-block");
+                    }
+                });
+            });
+        } else {
+            $("#filter_notes").css("display", "none");
+        }
+    }
+
     var progress_bar_value = 0;
     function update_progress_bar() {
         var i=0;
@@ -630,98 +722,6 @@ $(document).ready(function () {
             // $("#progress-bars").parent().css("display", "none");
         }
     }
-    
-    function draw_datatable(search_output) {
-        table.clear().draw();
-
-        for (i = 0; i < search_output.length; i++) {
-            table.row.add([
-                search_output[i]["SN"],
-                search_output[i]["original_name"],
-                search_output[i]["keyword"],
-                '1.0.0',
-                '',
-                search_output[i]["project_id"],
-                search_output[i]["project_name"],
-                search_output[i]["type_id"],
-                search_output[i]["category_name"],
-                search_output[i]["notes"],
-                search_output[i]["filename"],
-            ])
-            table.draw();
-
-            // progress_bar_value = (i/search_output.length)*100
-            // update_progress_bar();
-        }
-    }
-
-    function reset_filter_search_output(){
-        output_data = [];
-        click_option = get_filter_click("btn-primary");
-
-        $.ajax({
-            url: "./script/php/get_search_list.php",
-            data: {
-                project_id: click_option["project"],
-                type_id: click_option["type"],
-                notes_name: [''].concat(click_option["notes"]),
-                search: search_word
-            },
-            type: "GET",
-            dataType: "json",
-            contentType: "application/json",
-            async: false
-        }).success(function (response) {
-            displayDetail(true);
-            search_output = response;
-        }).error(function(error) {
-            console.log(error);
-        });
-
-        draw_datatable(search_output);
-    }
-
-    var search_output = {};
-    var search_word = ""
-    $("#advanced-search-button").on("click", function (e) {
-        show_progress_bar(true);
-        update_progress_bar();
-        
-        $.ajax({
-            url: "./script/php/get_search_list.php",
-            data: {
-                project_id: search_data["project"],
-                type_id: search_data["type"],
-                notes_name: [''].concat(search_data["notes"].filter(element => {return element !== undefined;})),
-                search: $("#search-word").val(),
-            },
-            type: "GET",
-            dataType: "json",
-            contentType: "application/json",
-            async: false
-        }).success(function (response) {
-            displayDetail(true);
-            search_output = response;
-            search_word = $("#search-word").val();
-            filter_base_data = search_data;
-        }).error(function(error) {
-            console.log(error);
-        });
-        
-        setTimeout(() => {
-            draw_datatable(search_output);
-            e.preventDefault();
-            $.magnificPopup.close();
-
-            if($("#search-filter").css("display") != "none") {
-                $("#search-filter").slideUp(200);
-                $("#filter-slide").toggleClass("fa-sort-desc fa-sort-up");
-            }
-            $("#search-filter-panel-body .btn-default").toggleClass("btn-primary btn-default");
-            show_filter(filter_base_data);
-            show_progress_bar(false);
-        }, 0);
-    });
 
     $("#filter-slide").on("click", function (e) {
         if($("#search-filter").css("display") == "block"){
@@ -753,7 +753,20 @@ $(document).ready(function () {
             }
         });
         sub_project_list.forEach(element => {
-            $("#f-p" + element).toggleClass("btn-primary btn-default");
+            if($(this).hasClass("btn-primary")) {
+                if($("#f-p" + element).hasClass("btn-default")){
+                    $("#f-p" + element).toggleClass("btn-primary btn-default");
+                }
+            } else {
+                if($("#f-p" + element).hasClass("btn-primary")){
+                    $("#f-p" + element).toggleClass("btn-primary btn-default");
+                }
+            }
+
+            click_option = get_filter_click("btn-primary");
+            if(click_option["category"].length == 0) {
+                table.clear().draw();
+            }
         });
 
         reset_filter_search_output();

script/php/get_search_list.php

@@ -1,10 +1,9 @@
 <?php
 
 if (isset($_GET['project_id'])) {
-
     include("sql.php");
-    $project_id = implode(", ", $_GET['project_id']);
-    $type_id = implode(", ", $_GET['type_id']);
+    $project_id = implode("', '", $_GET['project_id']);
+    $type_id = implode("', '", $_GET['type_id']);
     $notes_name = implode("', '", $_GET['notes_name']);
     $search = $_GET['search'];
     $array = [];
@@ -15,11 +14,11 @@ if (isset($_GET['project_id'])) {
         die(print_r(sqlsrv_errors(), true));
     }
 
-    if(str_contains($type_id, '3')) {
+    if(in_array("3", $_GET['type_id'])) {
         $sql = "SELECT DISTINCT [Blueprint].[project_id],[SN],[original_name],[filename],[project_name],[type_id],[category_name],[notes],[keyword] FROM [21000X].[dbo].[Blueprint]
             INNER JOIN [Project_Table] ON [Blueprint].[project_id] = [Project_Table].[project_id] 
             INNER JOIN [Construction_Category] ON [Project_Table].[category_id] = [Construction_Category].[category_id]
-            WHERE [Blueprint].[project_id] IN ($project_id) AND [type_id] IN ($type_id) AND [notes] IN ('$notes_name') 
+            WHERE [Blueprint].[project_id] IN ('$project_id') AND [type_id] IN ('$type_id') AND [notes] IN ('$notes_name') 
             AND CONCAT(
                 [Blueprint].[project_id] ,' '
                 ,[SN] ,' '
@@ -32,7 +31,7 @@ if (isset($_GET['project_id'])) {
             SELECT DISTINCT [File_Table].[project_id],[SN],[original_name],[filename],[project_name],[type_id],[category_name],null,[keyword] FROM [21000X].[dbo].[File_Table]
             INNER JOIN [Project_Table] ON [File_Table].[project_id] = [Project_Table].[project_id]
             INNER JOIN [Construction_Category] ON [Project_Table].[category_id] = [Construction_Category].[category_id]
-            WHERE [File_Table].[project_id] IN ($project_id) AND [type_id] IN ($type_id)
+            WHERE [File_Table].[project_id] IN ('$project_id') AND [type_id] IN ('$type_id')
             AND CONCAT(
                 [File_Table].[project_id],' '
                 ,[SN],' '
@@ -43,7 +42,7 @@ if (isset($_GET['project_id'])) {
         $sql = "SELECT DISTINCT [File_Table].[project_id],[SN],[original_name],[filename],[project_name],[type_id],[category_name],null,[keyword] FROM [21000X].[dbo].[File_Table]
             INNER JOIN [Project_Table] ON [File_Table].[project_id] = [Project_Table].[project_id]
             INNER JOIN [Construction_Category] ON [Project_Table].[category_id] = [Construction_Category].[category_id]
-            WHERE [File_Table].[project_id] IN ($project_id) AND [type_id] IN ($type_id)
+            WHERE [File_Table].[project_id] IN ('$project_id') AND [type_id] IN ('$type_id')
             AND CONCAT(
                 [File_Table].[project_id],' '
                 ,[SN],' '