[SOLVED] Undefined index

[stockton]

Not sure if I should post this here or in HTML, so if I have done wrong please forgive.

The following program gives the following error when run.

Undefined index: mnumber in D:\Program Files\Apache Software Foundation\Apache2.2\htdocs\DisplayMember\DisplayImage\OracleBlob.php on line 7

 

the program:-

<?php
$SGMDBUsername = "sgm";
$SGMDBPassword = "s7000";
$SGMDBName     = "s7s";
$conn=OCILogon($SGMDBUsername,$SGMDBPassword,$SGMDBName);

$MemberNumber = $_REQUEST['mnumber'];
$SQL2="SELECT MEM_SNAME, MEM_FNAME, MEM_TITLE, i.IMAGEDATA FROM MEMBERS, IMAGESTORE i WHERE MEM_FACE = i.id and MEM_NUMBER=$MemberNumber";
$stmt=OCIParse($conn,$SQL2);
OCIExecute($stmt);
$Count = 0;
while ($row=oci_fetch_array($stmt, OCI_ASSOC))
    {
    $Surname = $row['MEM_SNAME'];
    $FirstName = $row['MEM_FNAME'];
    $Title = $row['MEM_TITLE'];
    $Face = $row['IMAGEDATE'];
    ++$Count;
    }
if ($Count == 0) $FullName="Invalid member number!";
else
$FullName=$Title." ".$FirstName." ".$Surname;
$fr = fopen("image.jpg", 'w');
fputs($fr, $Face);
fclose($fr);
OCICommit($conn);
OCIFreeStatement($stmt);
OCILogoff($conn);
?>

<html>
<head>
<title>Display Member</title>
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="Mon, 22 Jul 2000 11:12:01 GMT">
<link rel="stylesheet" type="text/css" href="style/style.css">
</head>
<body>
<center>
<H1>Display Member Images.</H1>
<br/><br/>
</center>
<form name="dm" id="dm" method="post" action="<?php $_SESSION['PHP_SELF']?>">
<center>
<font color="white">
Member Number: <input type="text" name="mnumber" /><br/><br/>
Member Name: <?php echo $FullName ?></font>
<input type="submit" value="submit" />
<br/><br/>
<img src="image.jpg" border=0/>
</form>
</center>
</body>
</html>

and as I said before, I am not sure if my error is in the html or the php.

Please help.

[Anti-Moronic]

Whoa, escape that mnumber before using it in a query.

 

even this will do:

 

$MemberNumber = mysql_real_escape_string($_REQUEST['mnumber']);

 

The error is occurring likely because mnumber has not been passed through the $_REQUEST before the form has been submitted.

 

You can simply do this:

 

if(isset($_POST['mnumber'])){

$MemberNumber = mysql_real_escape_string($_REQUEST['mnumber']);

}

 

Hope that helps.

[flyhoney]

Yeah, you need to take into account the fact that $_REQUEST['mnumber'] may not be set.

 

$MemberNumber = (isset($_REQUEST['mnumber'])) ? $_REQUEST['mnumber'] : '';

[Anti-Moronic]

This is the kind of shorthand I like. Have to start using ternary operators more!

 

 

[Daniel0]

For the most part, the ternary operator decreases readability, which is a really important part of programming. Code is much harder to read than write, so if you write code that is too unreadable it'll eventually come back to haunt you.

[flyhoney]

For the most part, the ternary operator decreases readability, which is a really important part of programming. Code is much harder to read than write, so if you write code that is too unreadable it'll eventually come back to haunt you.

 

I agree that the ternary operator can decrease readability, but there are cases where it makes things much more readable.

 

<?php

// This is a great use of ternaries
$foo = ($bar) ? $bar : $baz;

// This is a horrible use of ternaries
$foo = ($bar) ? ($baz) ? $tete : $toto : $tata;

// PHP5.3 has added the shortcut ternary
// so instead of this:
$foo = ($_POST['foo']) ? $_POST['foo'] : 'default';

// you can do this:
$foo = $_POST['foo'] ?: 'default';