1 files changed, 13 insertions, 18 deletions

diff --git a/bug/update.php b/bug/update.php
index f27cdd4..0ee6e26 100644
--- a/bug/update.php
+++ b/bug/update.php
@@ -1,35 +1,30 @@
 <?php
-require 'config.php';
+require '../config.php';
 require_once(TEMPLATES_PATH . "/header.php");
 require_once(TEMPLATES_PATH . "/panel.php");
 require_once(LIBRARY_PATH . "/functions.php");
 
-if(!isset($_GET['id']) || $_GET['id'] == "") {
-    echo "<div id='error'>No bug selected, redirecting to index...</div>";
-    header('Refresh: 2; URL=index.php');
-
-} else if(!isset($_SESSION['user_id']) || $_SESSION['user_id'] == "") {
-    echo "<div id='error'>Not logged in, redirecting to index...</div>";
-    header('Refresh: 2; URL=index.php');
-
-} else {
+if(session_set()) {
     $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
-
-    $query = $conn->prepare("UPDATE bugs SET title=:title, description=:description WHERE id=:id");
+    $query = $_POST['id'] == "" ?
+        $conn->prepare("INSERT INTO bugs (author, title, description) VALUES (:user_id, :title, :description)")
+      : $conn->prepare("UPDATE bugs SET title=:title, description=:description WHERE id=:bug_id");
+    if($_POST['id'] == "") {
+        $query->bindParam(':user_id', $_SESSION['user_id']);
+    } else {
+        $query->bindParam(':bug_id', $_POST['id']);
+    }
     $query->bindParam(':title', $_POST['title']);
     $query->bindParam(':description', $_POST['description']);
-    $query->bindParam(':id', $_GET['id']);
     
     if ($query->execute()) {
         echo "Data is updated\n";
     } else {
-        echo "User must have sent wrong inputs\n";
+        echo "Query failed\n";
     }
-
-    header("Refresh: 2; URL=view.php?id=$_GET[id]");
-
 }
 
-require_once(TEMPLATES_PATH . "/footer.php");
+header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");
+footer: require_once(TEMPLATES_PATH . "/footer.php");
 ?>