Error with function $ _GET

1

My question is the following, I have the page criareditarevento.php that updates information from a registration system, however I need to make the update message open inside the page main.php which is the page where it has the switch ($_GET['pag']) default.

PAGE CRIAREDITAREVENTO.PHP

    <?
session_start();
 include("config.php");
$ip = $_SERVER['REMOTE_ADDR'];
$sqlcontent = mysql_query("select * from usr_config");
$content = mysql_fetch_array($sqlcontent);
if(!isset($_SESSION[usr_name]) || empty($_SESSION[usr_name]) || !isset($_SESSION[usr_level]) || empty($_SESSION[usr_level]))
{
session_destroy();
session_unset();
die('
<div align="center">
 <font face="verdana" size="2" color="#000">Você precisa estar logado para visualizar essa página...</font>
</div>
');
}
include("func.php");

$update = clean($_GET[update]);
$getprof = mysql_query("select * from usr_users where username = '$_SESSION[usr_name]'");
$teste = mysql_query("select * from usr_users where username = '$_SESSION[usr_name]'");
$prof = mysql_fetch_array($getprof);
?>


<? if(!$update) { ?>
</font>
<form action="criareditarevento.php?update=update" method="post">
<font color="#FFFFFF">
<b><u><font size="1">Sua Conta</font></u></b><font size="1"><br />
<font color="#000000"><br />
Nome: <? echo("<b>$_SESSION[usr_name]</b>");?><br />
<br />
Email:<br />
</font></font></font><font color="#000000" size="1" face="Verdana">
<input class="subbutton" name="email" type="text" value="<? echo("$prof[email]");?>" size="40"?>
</font><font size="1" color="#000000"><br />
Site/Blog:<br />
</font><font color="#000000" size="1" face="Verdana">
<input class="subbutton" name="avator" type="text" value="<? echo("$prof[avator]");?>" size="50"?>
</font><font size="1" color="#000000"><br>
Hobbie:<br />
</font><font color="#000000" size="1" face="Verdana">
<input class="subbutton" name="hobbie" type="text" value="<? echo("$prof[hobbie]");?>" size="50"?>
</font><font size="1" color="#000000"><br />
<br />
<u><b>Trocar senha</b></u><br />
<em>Se não quiser trocar a Senha, Não 
preencha os Campos Abaixo</em><br />
<br />
Atual Senha:<br />
</font><font color="#000000" size="1" face="Verdana">
<input class="subbutton" name="oldpw" type="password" size="30" />
</font><font size="1" color="#000000">
<br />
Nova Senha:<br />
</font><font color="#000000" size="1" face="Verdana">
<input class="subbutton" name="new1" type="password" size="30" />
</font><font size="1" color="#000000">
<br />
Repetir Nova Senha:<br />
</font><font color="#000000" size="1" face="Verdana">
<input class="subbutton" name="new2" type="password" size="30" />
</font><font size="1" color="#000000">
<br />
<br />
</font><font color="#000000" size="1" face="Verdana">
<input class="subbutton" type="submit" value="Atualizar" />
</font>

</form>
<font size="1" color="#000000">
<? }

elseif($update==update)
{
$email = clean($_POST[email]);
$avator = clean($_POST[avator]);
$hobbie = clean($_POST[hobbie]);
$updateemail = mysql_query("update usr_users set email = '$email', avator = '$avator', hobbie = '$hobbie' where username = '$_SESSION[usr_name]'");
$oldpw = clean($_POST[oldpw]);
$new1 = clean($_POST[new1]);
$new2 = clean($_POST[new2]);
if($oldpw!="")
{
$checkpass = md5($oldpw);
$check2 = mysql_query("select * from usr_users where password = '$checkpass' and username = '$_SESSION[usr_name]'");
$check = mysql_num_rows($check2);
if($check==1)
{
if($new1==$new2)
{
$password = md5($new1);
$updatepass = mysql_query("update usr_users set password = '$password' where username = '$_SESSION[usr_name]'");
echo("Your password has been updated!<br />");
}
else echo("The two passwords do not match!");
}
else echo("The password you entered does not match your current password.");
}
echo("Your Preferences have been updated!");
} ?>
</font><font size="1" color="#FFFFFF">  </font>
</div></td>


PAGE MAIN.PHP:

<?php
     switch ($_GET['pag'])
      {
        case "criareditarevento": include("criareditarevento.php"); break;
        case "teste2": include("teste2.php"); break;
        case "desconectar": include("desconectar.php"); break;
                   default: include("principal.php"); break;

      }
?> 

I'm waiting for help: D

    
asked by anonymous 14.06.2014 / 01:32

2 answers

1

In the action of form, you are using the variable "update". On your switch, you check the variable "pag" and its value is update.

Change the form's action to:

creeditarevent.php? pag = createeditarevent

    
14.06.2014 / 21:36
1

I think the error is just this:

elseif($update==update)

Change to:

elseif($update == "update")

Another thing extremely important:

  • Do not use short tags = <? echo 'bla' ?> . Search the internet for a number of reasons.
  • Do not execute instructions directly in the bank through your view. NEVER!
  • Ident your code
  • See the security of your code, do not read these things
  • Try to use a lightweight and simpler framework in your projects, at least to understand how everything works and then if you want to "create yours" (I do not recommend ... it's much more feasible to use a framework and adapt it to your work, than reinventing the wheel).

I say this just to add more value to your (and you) code.

    
18.06.2014 / 18:25