Run a different function if the first condition is not met

Question

I should preface this with "I am kind of new to web development." So here it is..

I am working on a page that shows all the results in the database along with who posted the data if a user is an admin ,otherwise, it will show only data that the user has posted without the "who posted the data" row, if the user is not an admin.

To check if the user is an admin or not I have the following code:

$drepturi = $conn->query("SELECT * 
                            FROM rights 
                            WHERE ID = '$loggedinuser'")
                ->fetch_object()
                ->drepturi;

This looks at a separate database table where I have 2 rows, one with the loggedinuser's name and one stating whether they are an "admin" or "user".

I then have and IF statement followed by an else depending on whether $drepturi (the user rights) are = admin/user:

if (($drepturi) == ("admin")) {
    $query = "SELECT * FROM formular ORDER BY $order $sort ";
    $result = mysqli_query($conn, $query);
}elseif (($drepturi) == ("user")) {
    $query = "SELECT * 
                FROM formular 
                WHERE agent ='$loggedinuser' 
                ORDER BY $order $sort ";
    $result = mysqli_query($conn, $query);
} ;

I then show the data in a table that I want to sort differently depending on if the user accessing the data is a "user" or "admin".

The problem I am having is my function won't change depending on the condition.

This is the script i wrote for the function:

if (($drepturi) = ("admin")) {
    function myFunction() {

        var input, filter, table, tr, td, i, txtValue;
        input = document.getElementById('myInput');
        filter = input.value.toUpperCase();
        table = document.getElementById('myTable');
        tr = table.getElementsByTagName('tr');


        for (i = 0; i < tr.length; i++) {
            td = tr[i].getElementsByTagName('td')[3];
            if (td) {
                txtValue = td.textContent || td.innerText;
                if (txtValue.toUpperCase().indexOf(filter) > -1) {
                    tr[i].style.display = '';
                } else {
                    tr[i].style.display = 'none';
                }
            }
        }
    }
}else{
    function myFunction() {

        var input, filter, table, tr, td, i, txtValue;
        input = document.getElementById('myInput');
        filter = input.value.toUpperCase();
        table = document.getElementById('myTable');
        tr = table.getElementsByTagName('tr');


        for (i = 0; i < tr.length; i++) {
            td = tr[i].getElementsByTagName('td')[2];
            if (td) {
                txtValue = td.textContent || td.innerText;
                if (txtValue.toUpperCase().indexOf(filter) > -1) {
                    tr[i].style.display = '';
                } else {
                    tr[i].style.display = 'none';
                }
            }
        }
    }
}

For some reason the filter only works as if $drepturi is = "admin" even if the user logged in is a normal "user".

EDIT: I will post the entire page in case anyone sees something I do not:


<?php
  include_once'header.php';
  include_once'includes/dbh.inc.php';



  if (isset($_SESSION["useruid"])){
        echo "<h1 class='welcomemsg'>Rapoarte pentru: " . $_SESSION["useruid"] . "</h1>";
      
      }
?>





<?php 

      if(isset($_GET['order'])){
        $order = $_GET['order'];
      }
      else {
        $order = 'client';
      }

      if(isset($_GET['sort'])){
        $sort = $_GET['sort'];
      }
      else {
        $sort = 'ASC';
      }
      

      $drepturi = $conn->query("SELECT * FROM rights WHERE ID = '$loggedinuser'")->fetch_object()->drepturi;


if (($drepturi) == ("admin")) {
      $query = "SELECT * FROM formular ORDER BY $order $sort ";
      $result = mysqli_query($conn, $query);
}else {
      $query = "SELECT * FROM formular WHERE agent ='$loggedinuser' ORDER BY $order $sort ";
      $result = mysqli_query($conn, $query);
      
}


if($result = mysqli_query($conn, $query)){
    if(mysqli_num_rows($result) > 0){
$sort == 'DESC' ? $sort = 'ASC' : $sort = 'DESC';

        echo "<input type='text' id='myInput' onkeyup='myFunction()'  placeholder='Search for names..'>";
        echo "<br><table id='myTable' class='table table-responsive-sm table-hover table-dark'>";
        echo "<tbody>";
            echo "<tr>";
                echo "<th><a href='?order=id&&sort=$sort'>ID</a></th>";
                if(($drepturi) == ("admin")){
                echo "<th><a href='?order=id&&sort=$sort'>Agent</a></th>";
                echo "<th><a href='?order=dataZilei&&sort=$sort'>Data</a></th>";
                echo "<th><a href='?order=client&&sort=$sort'>Client</a></th>";
                echo "<th><a href='?order=persoanaIntalnita&&sort=$sort'>Persoana Intalnita</a></th>";
                echo "<th>Tema Principala</a></th>";
                echo "<th><a href='?order=durata&&sort=$sort'>Durata</a></th>";
                echo "<th>Mostre Noi</th>";
                echo "<th>Aspecte Pro</th>";
                echo "<th>Aspecte Contra</th>";
                echo "</tr>";
                } else{
                echo "<th><a href='?order=dataZilei&&sort=$sort'>Data</a></th>";
                echo "<th><a href='?order=client&&sort=$sort'>Client</a></th>";
                echo "<th><a href='?order=persoanaIntalnita&&sort=$sort'>Persoana Intalnita</a></th>";
                echo "<th>Tema Principala</a></th>";
                echo "<th><a href='?order=durata&&sort=$sort'>Durata</a></th>";
                echo "<th>Mostre Noi</th>";
                echo "<th>Aspecte Pro</th>";
                echo "<th>Aspecte Contra</th>";
                echo "</tr>";}
        while($row = mysqli_fetch_array($result)){
            echo "<tr>";
                echo "<td><a class='idFormular' href='raport.php?id=".$row["id"]."'>". $row["id"]. "</a></td>";
                if(($drepturi) == ("admin")){
                echo "<td>" . $row["agent"]. "</td>";
                echo "<td>" . $row["dataZilei"]. "</td>";
                echo "<td>" . $row["client"]. "</td>";
                echo "<td>" .$row["persoanaIntalnita"]. "</td>";
                echo "<td>" . $row["temaPrincipala"]. "</td>";
                echo "<td>" . $row["durata"]. "</td>";
                echo "<td>" . $row["mostreNoi"]. "</td>";
                echo "<td>" . $row["aspectePro"]. "</td>";
                echo "<td>" . $row["aspecteContra"]. "</td>";
            echo "</tr>";
                }else{
                echo "<td>" . $row["dataZilei"]. "</td>";
                echo "<td>" . $row["client"]. "</td>";
                echo "<td>" .$row["persoanaIntalnita"]. "</td>";
                echo "<td>" . $row["temaPrincipala"]. "</td>";
                echo "<td>" . $row["durata"]. "</td>";
                echo "<td>" . $row["mostreNoi"]. "</td>";
                echo "<td>" . $row["aspectePro"]. "</td>";
                echo "<td>" . $row["aspecteContra"]. "</td>";
            echo "</tr>";
        }
        }
        echo "</tbody>";
        echo "</table>";
        echo "<br>";
        // Free result set
        mysqli_free_result($result);
    } else{
        echo "0 rezultate pentru userul logat";
    }
} else{
    echo "Unable to establish database connection!" . mysqli_error($conn);
};

echo "<h1>$drepturi<h1>";


?>

<script>
if (($drepturi) == ("admin")) {
        function myFunction() {

            var input, filter, table, tr, td, i, txtValue;
            input = document.getElementById('myInput');
            filter = input.value.toUpperCase();
            table = document.getElementById('myTable');
            tr = table.getElementsByTagName('tr');


            for (i = 0; i < tr.length; i++) {
                td = tr[i].getElementsByTagName('td')[3];
                if (td) {
                    txtValue = td.textContent || td.innerText;
                    if (txtValue.toUpperCase().indexOf(filter) > -1) {
                        tr[i].style.display = '';
                    } else {
                        tr[i].style.display = 'none';
                    }
                }
            }
        }
    }else{
        function myFunction() {

            var input, filter, table, tr, td, i, txtValue;
            input = document.getElementById('myInput');
            filter = input.value.toUpperCase();
            table = document.getElementById('myTable');
            tr = table.getElementsByTagName('tr');


            for (i = 0; i < tr.length; i++) {
                td = tr[i].getElementsByTagName('td')[1];
                if (td) {
                    txtValue = td.textContent || td.innerText;
                    if (txtValue.toUpperCase().indexOf(filter) > -1) {
                        tr[i].style.display = '';
                    } else {
                        tr[i].style.display = 'none';
                    }
                }
            }
        }

    }</script>


<?php

  include_once'footer.php';

?>

Is there any difference between to the two functions other that the 2 or 3. — Jason K, Dec 18 '20 at 17:49
no, no difference, i simply want it to filter by a different row depending on if they are a user or admin — Cristian Agopian, Dec 18 '20 at 17:49
I would pass that as an parm to the function. cut your code if half. — Jason K, Dec 18 '20 at 17:51
**Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) — Dharman, Dec 18 '20 at 17:51
I have no idea how to do that, i am quite new to functions :P — Cristian Agopian, Dec 18 '20 at 17:54
you define myFunction but where to you call or execute the function? — DCR, Dec 18 '20 at 17:55
echo ""; I call it in the input field before i show the table. — Cristian Agopian, Dec 18 '20 at 17:57
the whole table is too big and i felt like showing the rest of the code is redundant, if it isn't , let me know and i will update the post. — Cristian Agopian, Dec 18 '20 at 17:58
i should also add, if it was not clear from the post, the function after the if works, but it doesn't work after the Else, so if a user is just "user", it will still filter as if they were "admin" — Cristian Agopian, Dec 18 '20 at 17:59
I have just seen that using "==" instead of just 1 "=" in the formula gives me an error that says $drepturi is undefined and the formula does not work anymore. — Cristian Agopian, Dec 18 '20 at 18:10
i might be wrong as its been a while since i used php but in the script section you have written if (($drepturi) == ("admin")) however $drepturi is a php variable and should not be available in javascript...using it inside the php tags would resolve it — akhalid7, Dec 19 '20 at 18:39

score 0 · Answer 1 · answered Jan 05 '21 at 10:21

0

The answer, as str7 has said, is that you cannot use php variables in javascript.

answered Jan 05 '21 at 10:21

Cristian Agopian

1
2

Run a different function if the first condition is not met

1 Answers1