I have a small problem. When I access the site through foro.php?id=74&mode=add or foro.php?id=74&mode=edit, it works fine. But when I add a colon or semicolon (; or :) to foro.php?id=74&mode=add, it goes to the edit option:
foro.php?id=74&mode=add;
foro.php?id=74&mode=add:
foro.php?id=74&mode=add’
Below is my code:

```php
<?php
$numb = mysql_real_escape_string($_GET['id']);
if ($_GET['mode']=='add') {
    $sql1 = "select * from cello where number='".mysql_real_escape_string($numb)."' LIMIT 1";
    $result1 = mysql_query($sql1) or die(mysql_error());
    while ($row = mysql_fetch_array($result1)) {
        $name = $row['name'];
        echo $name;
    }
}
elseif ($_GET['mode']='edit') {
    $sql = "select * from cello where account_number='".mysql_real_escape_string($numb)."' limit 1";
    $result = mysql_query($sql) or die(mysql_error());
    while ($row = mysql_fetch_array($result)) {
        $acnumb = $row['number'];
        $name = $row['name'];
        $address = $row['address'];
        echo $acnumb;
        echo $name;
        echo $address;
    }
}
else {
    echo "error!!";
}
?>
```

Is there any way to prevent it?
You have used the assignment operator `=` instead of the equality operator `==`.

Try changing this:

```php
elseif ($_GET['mode']='edit') {
```

to this:

```php
elseif ($_GET['mode']=='edit') {
```
The problem is that in the following lines, in the if statement, you are not comparing, but assigning a value to the mode element in the GET array:
```php
...
elseif ($_GET['mode']='edit') {
    $sql = "select * from cello where account_number='".mysql_real_escape_string($numb)."' limit 1";
    $result = mysql_query($sql) or die(mysql_error());
...
```
That operation returns true, the first comparison is false, and that is why it goes in the edit section.
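As an added example (not part of the original question or answers), the sketch below puts the question's branch logic next to a strict allow-list check on `mode` and a digits-only check on `id`, so that values such as `add;` are rejected instead of falling through to a branch. The helper names `resolve_mode` and `resolve_id` are hypothetical, and the sample values are constructed.

```php
<?php
declare(strict_types=1);

// The branch logic from the question, reduced to the mode check (bug kept on purpose).
function buggy_branch(string $mode): string
{
    if ($mode == 'add') {
        return 'add';
    } elseif ($mode = 'edit') {   // assignment: evaluates to 'edit', always truthy
        return 'edit';
    } else {
        return 'error';           // never reached
    }
}

// Hypothetical helper: strict allow-list for the mode parameter.
function resolve_mode(array $query): ?string
{
    $mode = $query['mode'] ?? null;
    // Rejects missing values and arrays such as mode[]=add.
    if (!is_string($mode)) {
        return null;
    }
    return in_array($mode, ['add', 'edit'], true) ? $mode : null;
}

// Hypothetical helper: id must be a short run of digits before it is used in SQL.
function resolve_id(array $query): ?int
{
    $id = $query['id'] ?? null;
    if (!is_string($id) || preg_match('/\A[0-9]{1,9}\z/', $id) !== 1) {
        return null;
    }
    return (int) $id;
}

// Constructed sample values for the mode parameter, including the ones from the question.
$samples = ['add', 'edit', 'add;', 'add:', "add'", ['add']];
foreach ($samples as $m) {
    $query = ['id' => '74', 'mode' => $m];
    $old = is_string($m) ? buggy_branch($m) : 'n/a';
    $new = resolve_mode($query) ?? 'error';
    $id  = var_export(resolve_id($query), true);
    printf("%-8s old=%-5s new=%-5s id=%s\n", json_encode($m), $old, $new, $id);
}
```

With the allow-list in place, only the exact strings `add` and `edit` select a branch; every other value, including an array, ends up in the error path.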