A
Anonymous
Guest
Why does the switch keep going into the default stage?
URL is:
...edit.php?action=guest_delete&id=10
URL is:
...edit.php?action=guest_delete&id=10
Code:
<?php
include('variables.php');
if ($_COOKIE[le_username] == '')
{
die('You do not have permission to edit this post');
}
$connection = mysql_connect($host,$dbuser,$dbpassword);
$db = mysql_select_db($database);
$query_posts = "SELECT * FROM posts WHERE id='$_GET[id]'";
$result_posts = mysql_query($query_posts);
$row_posts = mysql_fetch_array($result_posts);
$query_visitor = "SELECT * FROM members WHERE username='$_COOKIE[le_username]'";
$result_visitor = mysql_query($query_visitor);
$row_visitor = mysql_fetch_array($result_visitor);
echo $_GET[action];
echo $_GET[id];
switch (@$_GET[action])
{
case "guest_delete":
if ($row_visitor[position] != 'administrator')
{
die('You do not have permission to edit this post');
}
$query_drop_post = "DELETE posts WHERE id='$_GET[id]'";
$result_drop_post = mysql_query($query_drop_post);
BREAK;
case "member_delete":
if ($row_posts[name] != $_COOKIE[le_username] && $row_visitor[position] != 'administrator')
{
die('You do not have permission to edit this post');
}
$query_member = "SELECT * FROM members WHERE username='$row_posts[name]'";
$result_member = mysql_query($query_member);
$row_member = mysql_fetch_array($result_member);
$updated_post = $row_member[posts]-1;
$query_post_update = "UPDATE members SET posts='$updated_post' WHERE username='$row_post[name]'";
$result_post_update = mysql_query($query_post_update);
$query_drop_post = "DELETE posts WHERE id='$_GET[id]'";
$result_drop_post = mysql_query($query_drop_post);
BREAK;
default:
die('error');
}
header ("Location: index.php");