form & get vars

I am having a problem and I am not sure how to resolve it. I have a simple drop down list form which contains colors and a menu which contains links.

I have two get vars as URL parameters:
ex. http://www.web.com/index.php?id=default&theme=red

Here is the HTML form:
<table width="100%" border="0" cellspacing="0"><form action="<?PHP echo $_SERVER['PHP_SELF']; ?>?id=<?PHP echo $arr['name']; ?>&theme=<?PHP echo $_GET['theme']; ?>" method="get" name="template">
<tr>
 <td width="5%" align="left"><select name="theme">
  <option name="blue" value="blue">blue</option>
  <option name="green" value="green">green</option>
  <option name="red" value="red">red</option>
  <option name="yellow" value="yellow">yellow</option>
  </select></td>
<td width="10%" align="left"><input type="submit" value="change scheme"></td>
</tr></form>
</table>

Here is the function that gives me the page id:
function show_args( $id ) {
    global $defined;
    if( empty( $id ) ) {
        $conn = db( $defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname'] );
        $sql = @mysql_query( "SELECT * FROM pages WHERE name = 'default'" ) or die( "<img src=\"images/error.jpg\">&nbsp;&nbsp;<font face=\"arial\"><b>Error with SQL statement, details follow:</b><br><br>Error Number: " .  @mysql_errno( $conn ) . "<br>Error Message: " . @mysql_error( $conn ) . "<br>Email Administrator: <a href=\"mailto:$defined[mail]\";>$defined[mail]</a></font>" );
        if( @mysql_num_rows( $sql ) != 0 ) {
            while( $array = @mysql_fetch_array( $sql ) ) {
                list( $page['id'], $page['name'], $page['title'], $page['description'], $page['content'] ) = $array;
            }
        } else {
            $page['id'] = "default";
            $page['name'] = "default";
            $page['title'] = "default home page";
            $page['description'] = "default home page";
            $page['content'] = "<img src=\"images/error.jpg\">&nbsp;&nbsp;<b><blink>Error: </blink></b>It looks as if you have not defined anything in the database, please do so.<br><b>Code: </b>001";
        }
    } else {
        if( chk_string( $id ) == 0 ) {
            $conn = db( $defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname'] );
            $sql = @mysql_query( "SELECT * FROM pages WHERE name = \"$id\"" ) or die( "<img src=\"images/error.jpg\">&nbsp;&nbsp;<font face=\"arial\"><b>Error with SQL statement, details follow:</b><br><br>Error Number: " .  @mysql_errno( $conn ) . "<br>Error Message: " . @mysql_error( $conn ) . "<br>Email Administrator: <a href=\"mailto:$defined[mail]\";>$defined[mail]</a></font>" );
            if( @mysql_num_rows( $sql ) != 0 ) {
                while( $array = @mysql_fetch_array( $sql ) ) {
                    list( $page['id'], $page['name'], $page['title'], $page['description'], $page['content'] ) = $array;
                }
            } else {
                $page['id'] = "default";
                $page['name'] = "default";
                $page['title'] = "default home page";
                $page['description'] = "default home page";
                $page['content'] = "<img src=\"images/error.jpg\">&nbsp;&nbsp;<b><blink>Error: </blink></b>It looks as if you have not defined anything in the database, please do so.<br><b>Code: </b>002";
            }
        } else {
            $conn = db( $defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname'] );
            $sql = @mysql_query( "SELECT * FROM pages WHERE name = 'default'" ) or die( "<img src=\"images/error.jpg\">&nbsp;&nbsp;<font face=\"arial\"><b>Error with SQL statement, details follow:</b><br><br>Error Number: " .  @mysql_errno( $conn ) . "<br>Error Message: " . @mysql_error( $conn ) . "<br>Email Administrator: <a href=\"mailto:$defined[mail]\";>$defined[mail]</a></font>" );
            if( @mysql_num_rows( $sql ) != 0 ) {
                while( $array = @mysql_fetch_array( $sql ) ) {
                    list( $page['id'], $page['name'], $page['title'], $page['description'], $page['content'] ) = $array;
                }
            } else {
                $page['id'] = "default";
                $page['name'] = "default";
                $page['title'] = "default home page";
                $page['description'] = "default home page";
                $page['content'] = "<img src=\"images/error.jpg\">&nbsp;&nbsp;<b><blink>Error: </blink></b>What exactly are you trying to do?  It seems you have either attempted a XSS, SQL Injection of Buffer Overflow to gain illegal access to my site.  Your computer information has been recorded because I do not condone the actions you are taking on my livelihood.";
            }
        }
    }
    @mysql_close( $conn );
    return $page;
}

And the function which returns my menu:
function get_menu( $theme ) {
    global $defined;
    $conn = db( $defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname'] );
    $sql = @mysql_query( "SELECT name FROM pages" ) or die( "<img src=\"images/error.jpg\">&nbsp;&nbsp;<font face=\"arial\"><b>Error with SQL statement, details follow:</b><br><br>Error Number: " .  @mysql_errno( $conn ) . "<br>Error Message: " . @mysql_error( $conn ) . "<br>Email Administrator: <a href=\"mailto:$defined[mail]\";>$defined[mail]</a></font>" );
    if( @mysql_num_rows( $sql ) != 0 ) {
        while( $array = @mysql_fetch_array( $sql ) ) {
            list( $name ) = $array;
            $menu .= "<a href=\"$_SERVER[PHP_SELF]?id=$name&theme=$theme\">$name</a><br>";
        }
    } else {
        $menu = "<img src=\"images/error.jpg\">&nbsp;&nbsp;<b><blink>Error: </blink></b>You currently do not have any pages defined in the database.";
    }
    @mysql_close( $conn );
    return $menu;
}

Basically, I am having a problem: when I visit a link from the menu and then try to change the template color, it goes to a default error message because the ?id=$_GET['id'] is failing on the form action portion.  Any help is appreciated.
--
Jason Gerfen

"the life you live ignoring who, ignoring who you're giving money to.
and you, you support the corrupt industries and companies who dont think to care.
guilty...guilty...guilty by ignorance.
no feeling... no substance... killing... you're killing through your ignorance."
~ Snapcase

--
PHP General Mailing List (http://www.php.net/)
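
Added example, not part of the original post: with method="get" the browser replaces any query string in the form's action URL with the submitted fields, so id has to travel as a hidden field. The sketch below does that, restricts theme to the option values from the posted form, and escapes everything it echoes; the helper names (pick_theme, clean_page_id, h, render_theme_form) and the page-name pattern are assumptions.

```php
<?php
// Added example (not the poster's code). Helper names are hypothetical.

// Allowlist taken from the <option> values in the posted form.
const THEMES = ['blue', 'green', 'red', 'yellow'];

// Return the requested theme only if it is one of the known values.
function pick_theme($value, $fallback = 'blue') {
    return in_array($value, THEMES, true) ? $value : $fallback;
}

// Assumed rule for page names: letters, digits, '_' and '-', up to 64 chars.
function clean_page_id($value, $fallback = 'default') {
    return (is_string($value) && preg_match('/^[A-Za-z0-9_-]{1,64}$/', $value))
        ? $value : $fallback;
}

// Escape a value for use inside an HTML attribute or text node.
function h($s) {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Build the theme form. With method="get" the browser discards any query
// string in the action URL, so "id" is carried as a hidden field instead.
function render_theme_form($script, $id, $theme) {
    $out  = '<form action="' . h($script) . '" method="get" name="template">' . "\n";
    $out .= '<input type="hidden" name="id" value="' . h($id) . '">' . "\n";
    $out .= '<select name="theme">' . "\n";
    foreach (THEMES as $t) {
        $sel  = ($t === $theme) ? ' selected' : '';
        $out .= '<option value="' . h($t) . '"' . $sel . '>' . h($t) . "</option>\n";
    }
    $out .= "</select>\n";
    $out .= '<input type="submit" value="change scheme">' . "\n</form>\n";
    return $out;
}

// Constructed sample request: index.php?id=about&theme=<script>
$get   = ['id' => 'about', 'theme' => '<script>'];
$id    = clean_page_id($get['id'] ?? '');
$theme = pick_theme($get['theme'] ?? '');   // falls back to "blue"
// In a real page pass $_SERVER['SCRIPT_NAME'] and $_GET instead of the samples.
echo render_theme_form('/index.php', $id, $theme);
```

Submitting this form requests /index.php?id=about&theme=<chosen value>, so both parameters survive the theme change.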