Board index   FAQ   Search  
Register  Login
Board index php forum :: php coding PHP coding => General

switch problem...i think

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

switch problem...i think

Postby Virtuoso » Wed Jul 23, 2003 4:17 pm

Why does the switch keep going into the default stage?


URL is:
...edit.php?action=guest_delete&id=10

Code: Select all
<?php
include('variables.php');
if ($_COOKIE[le_username] == '')
{
   die('You do not have permission to edit this post');
}
$connection = mysql_connect($host,$dbuser,$dbpassword);
$db = mysql_select_db($database);
$query_posts = "SELECT * FROM posts WHERE id='$_GET[id]'";
$result_posts = mysql_query($query_posts);
$row_posts = mysql_fetch_array($result_posts);
$query_visitor = "SELECT * FROM members WHERE username='$_COOKIE[le_username]'";
$result_visitor = mysql_query($query_visitor);
$row_visitor = mysql_fetch_array($result_visitor);
echo $_GET[action];
echo $_GET[id];
switch (@$_GET[action])
{
   case "guest_delete":
      if ($row_visitor[position] != 'administrator')
      {
         die('You do not have permission to edit this post');
      }
      $query_drop_post = "DELETE posts WHERE id='$_GET[id]'";
      $result_drop_post = mysql_query($query_drop_post);
      BREAK;
   case "member_delete":
      if ($row_posts[name] != $_COOKIE[le_username] && $row_visitor[position] != 'administrator')
      {
         die('You do not have permission to edit this post');
      }
      $query_member = "SELECT * FROM members WHERE username='$row_posts[name]'";
      $result_member = mysql_query($query_member);
      $row_member = mysql_fetch_array($result_member);
      $updated_post = $row_member[posts]-1;
      $query_post_update = "UPDATE members SET posts='$updated_post' WHERE username='$row_post[name]'";      
      $result_post_update = mysql_query($query_post_update);      
      $query_drop_post = "DELETE posts WHERE id='$_GET[id]'";
      $result_drop_post = mysql_query($query_drop_post);
      BREAK;
   default:
      die('error');
}
header ("Location: index.php");
User avatar
Virtuoso
php-forum Active User
php-forum Active User
 
Posts: 268
Joined: Mon Jul 21, 2003 7:05 am

Re: switch problem...i think

Postby swirlee » Wed Jul 23, 2003 5:12 pm

Virtuoso wrote:Why does the switch keep going into the default stage?


I'm not entirely sure, but I do notice several problems with your script.

First of all, you seem to be calling all of your associative arrays like $array[key]. Though this may work, it is deprecated functionality and, well, wrong. Associative array keys must be specified as strings, e.g. $array['key'].

In other words, where you have $_COOKIE[le_username], $_GET[action], and $row_posts[name], you should have $_COOKIE['le_username'], $_GET['action'], and $row_posts['name']. This is only true for associative indexes (numeric indexes like $array[0] do not require quotes) and if you have a string in a variable you don't need the quotes (e.g. $array[$string], not $array["$string"]). Refer to the section called "Array do's and don'ts" on this page for more information.

Next problem: header ("Location: index.php"); First of all, it seems as though in every case you're echoing something before you send this header. This is not allowed by the HTTP spec -- headers must be sent before any other output. See the header() documentation for more information (look for the paragraph that starts with "Remember that header() must be called before any actual output is sent...").

Lastly, and this is just a small thing, putting @ (the error-control operator) in front of $_GET['action'] is useless, because there's absolutely no case in which returning the value of $_GET['action'] could generate an error. So, using @$_GET['action'] won't hurt anything, but it also won't ever do anything useful.
User avatar
swirlee
Moderator
Moderator
 
Posts: 2272
Joined: Sat Jul 05, 2003 1:18 pm
Location: A bunk in the back

Postby Virtuoso » Wed Jul 23, 2003 5:49 pm

if i have to do have ',
how do I do this
Code: Select all
$query_drop_post = "DELETE posts WHERE id='$_GET[id]'";

do i do this?
Code: Select all
$query_drop_post = "DELETE posts WHERE id='$_GET['id']'";
im not sure cause the i might have too many 's
or do I do:
Code: Select all
$query_drop_post = "DELETE posts WHERE id='$_GET["id"]'";

or should I just rename the variable?
Last edited by Virtuoso on Wed Jul 23, 2003 6:54 pm, edited 1 time in total.
User avatar
Virtuoso
php-forum Active User
php-forum Active User
 
Posts: 268
Joined: Mon Jul 21, 2003 7:05 am

Postby Virtuoso » Wed Jul 23, 2003 6:42 pm

oh yeah, the edit, which is similar to the delete works fine though.

URL:
...edit.php?action=member_edit&id=8

Code: Select all
<?php
$title = 'Post Site Index';
include('header.php');
if ($_COOKIE[le_username] == '')
{
   die('You do not have permission to edit this post');
}
$connection = mysql_connect($host,$dbuser,$dbpassword);
$db = mysql_select_db($database);
$query_posts = "SELECT * FROM posts WHERE id='$_GET[id]'";
$result_posts = mysql_query($query_posts);
$row_posts = mysql_fetch_array($result_posts);
$query_visitor = "SELECT * FROM members WHERE username='$_COOKIE[le_username]'";
$result_visitor = mysql_query($query_visitor);
$row_visitor = mysql_fetch_array($result_visitor);
?>
<form method="post" action="edit_query.php">
<?php
switch (@$_GET[action])
{
   case "guest_edit":
      if ($row_visitor[position] != 'administrator')
      {
         die('You do not have permission to edit this postoo');
      }
      echo '<textarea name="message" rows="5" cols="40">'.$row_posts[message].'</textarea>';
      echo '<input type="hidden" name="id" value="'.$_GET[id].'">';
      BREAK;
   case "member_edit":
      if ($row_posts[name] != $_COOKIE[le_username] && $row_visitor[position] != 'administrator')
      {

         die('You do not have permission to edit this post');
      }
      echo '<textarea name="message" rows="5" cols="40">'.$row_posts[message].'</textarea>';
      echo '<input type="hidden" name="id" value="'.$_GET[id].'">';
      BREAK;
   default:
      die('Error');
}
echo '<input type="submit" value="submit">';
?>
</form>
<?php
include('footer.php');
?>


----------------------------------------------------


Next problem: header ("Location: index.php"); First of all, it seems as though in every case you're echoing something before you send this header. This is not allowed by the HTTP spec -- headers must be sent before any other output. See the header() documentation for more information (look for the paragraph that starts with "Remember that header() must be called before any actual output is sent...").


the echos were put in just to see if I had a value for them, but i didn't. not sure if that is an important information
User avatar
Virtuoso
php-forum Active User
php-forum Active User
 
Posts: 268
Joined: Mon Jul 21, 2003 7:05 am

Postby swirlee » Wed Jul 23, 2003 7:15 pm

Virtuoso wrote:if i have to do have ',
how do I do this
Code: Select all
$query_drop_post = "DELETE posts WHERE id='$_GET[id]'";

do i do this?
Code: Select all
$query_drop_post = "DELETE posts WHERE id='$_GET['id']'";
im not sure cause the i might have too many 's
or do I do:
Code: Select all
$query_drop_post = "DELETE posts WHERE id='$_GET["id"]'";

or should I just rename the variable?


The documentation, as usual, has the answer. See the Strings section, and skip down to the "Variable parsing" section.

Basically you have two options:

a) you can use curly braces.

Code: Select all
$query_drop_post = "DELETE posts WHERE id = '{$_GET['id']}'";


b) as is the case with all strings, you can use string concatenation

Code: Select all
$query_drop_post = "DELETE posts WHERE id = '" . $_GET['id'] . "'";


I wholeheartedly recommend, to every beginning PHP writer, using string concatenation in every situation that they wish to insert a PHP expression into a string. It requires PHP to do less processing, and it also makes your code significantly more readable (because in a syntax-highlighting editor you can tell at a glance what's part of the string and what's a PHP expression being inserted into the string).

I'm still rather stumped by your switch() problem, though.
User avatar
swirlee
Moderator
Moderator
 
Posts: 2272
Joined: Sat Jul 05, 2003 1:18 pm
Location: A bunk in the back

Postby liquedus » Thu Jul 24, 2003 5:13 pm

it would probably be a good idea that if you have 2 conditions inside an if to seperate them

if ($row_posts[name] != $_COOKIE[le_username] && $row_visitor[position] != 'administrator')

to

if (($row_posts[name] != $_COOKIE[le_username]) && ($row_visitor[position] != 'administrator'))

ciao baby :!:
liquedus
php-forum Active User
php-forum Active User
 
Posts: 266
Joined: Tue Apr 08, 2003 5:18 am
Location: Ottawa, Canada


Return to PHP coding => General

Who is online

Users browsing this forum: Bing [Bot] and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.