if ($_GET['m'] == NULL) { die("No mode given!"); } //echo "<br/>Mode: "; echo $_GET['m']; switch ($_GET['m']) { case 0: $dbresult = $dbConnect->getNames(); $xmlDoc->createWidgets(); $xmlDoc->addMysqlResult($dbresult, 'Widget'); break; case 1: if (!isset($_GET['name'])) { die("invalid parameter"); } $name = $_GET['name']; $dbresult = $dbConnect->addName($name, $userId); die("Added"); break; case 2: if (!isset($_GET['n']) || !isset($_GET['a']) || !isset($_GET['mo']) || !isset($_GET['id']) || !isset($_GET['h']) || !isset($_GET['c'])) { die("invalid parameter"); } $id = $_GET['id']; $name = $_GET['n']; $author = $_GET['a']; $mods = $_GET['mo']; $hidden = $_GET['h']; $category = $_GET['c']; $description = $san->sanitize($_POST['d']); //$_GET['d']; $dbresult = $dbConnect->updateName($id, $name, $author, $mods, $description, $userId, $hidden, $category);