Upgraded to PHP 5.3 - new "undeclared variable" error

[abitlikehomer]

Hi guys

 

My web hosts have just upgraded to PHP 5.3 and although my code was working - it's now coming up with the following error message:

Notice: Undefined variable: _xml in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/addNews.php on line 43

 

Warning: Cannot modify header information - headers already sent by (output started at /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/addNews.php:43) in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/addNews.php on line 73

 

I've looked at it but as I am still only a new coder, i'm not sure what I need to do to make it work. Any help would be appreciated. My code is below:

 

<?php
include "connection.php"
?>
<?php 

// (2) gather all details from form
$newTitle= $_POST['txtTitle'];
$newDay = substr($_POST['txtDate'],0,2);
$newMonth = substr($_POST['txtDate'],3,2);
$newYear = substr($_POST['txtDate'],6,4);
$newContent = $_POST['txtContent'];
$newLink = "<a href=http://www.2asmooth.com/Kingfisher_Trust/showNews.php?"."NewsID=0>Link</a>";

// (3) Create an INSERT query of the form  
$query = "INSERT INTO News (Title, Date, Content, Link) VALUES ('$newTitle', '$newYear''$newMonth''$newDay', '$newContent', '$newLink')"; 

// (4) Run query through connection
$result1 = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); 
$autoID = mysql_insert_id($connection);

// (5) Create an UPDATE query of the form to include the new link 
$yourlink = "http://www.2asmooth.com/Kingfisher_Trust/showNews.php?NewsID=".$autoID;
$query2 = "UPDATE News SET Link ='$yourlink' WHERE Title ='$newTitle' AND Content ='$newContent'";

// (6) Run the query on the news table through the connection
$result2 = mysql_query($query2) or die ("Error in query: $query2. ".mysql_error()); 

?>
<?php
	// set server access variables 
	include ("connection.php");

	// create query 
	$query = "SELECT * FROM News ORDER BY NewsID DESC"; 

	// execute query 
	$result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); 

		// see if any rows were returned 
		if (mysql_num_rows($result) > 0) { 
			// yes 
		   //Top of xml file
			$_xml .= '<?xml version="1.0"?>';
			$_xml .= '<rss version="2.0">';
			$_xml .='<channel>';
				$_xml .='<title>'.'Kingfisher Trust'.'</title>'; 
				$_xml .='<description>'.'The latest news about the charity'.'</description>'; 
				$_xml .='<link>'.'http://www.2asmooth.com/Kingfisher_Trust/news/updatedNewsFeed.xml'.'</link>'; 
					while($row = mysql_fetch_array($result)) { 
						$_xml .='<item>'; 
							$_xml .='<title>'.$row['Title'].'</title>';
							$_xml .='<description>'.$row['Date'].'</description>';
							$_xml .='<link>'.$row['Link'].'</link>'; 
						$_xml .='</item>'; 	
					} 
			$_xml .='</channel>';
			$_xml .='</rss>';

			//Output the xml string
			//print $_xml; 

			// Could also write to a file at this point	
			file_put_contents("news/updatedNewsFeed.xml", $_xml);
			// Need to give 'somedir' write permissions

		} 
		else {  // no 
			// print status message 
			echo "No rows found!"; 
		} 		

// (7) print message with ID of inserted record    
header("Location: newsReceipt.php?"."NewsID=".$autoID);   

// ( close connection 
    mysql_close($connection);     
?>

 

Thanks guys! Oh and as I'm cheeky, wondering if any of you would be able to help me with another topic I have currently posted and need help about - http://www.phpfreaks.com/forums/index.php/topic,281025.msg1331462.html#msg1331462

[BahBah]

Try changing:

 

$_xml .= '<?xml version="1.0"?>';

 

for

 

$_xml = '<?xml version="1.0"?>';

[premiso]

You have to declare the $xml variable before you append to it, so to prevent this error:

 

         $xml = ""; // declare variable.
         // see if any rows were returned 
         if (mysql_num_rows($result) > 0) { 
            // yes 
            //Top of xml file
            $_xml .= '<?xml version="1.0"?>';

 

Simply declare the $xml variable before you append to it

 

EDIT:

Eh I feel retarded, BahBah had it right, I just explained what was going on. I would use his suggestion as it would make more sense, but the same principals apply.

[abitlikehomer]

Thanks guys - its working now. I knew I had to declare it I just didn't know how to with PHP  lol

 

My bloody rss feed isn't working now - can you point me in the right direction?

 

error messages:

Warning: simplexml_load_file() [function.simplexml-load-file]: news/updatedNewsFeed.xml:1: parser error : StartTag: invalid element name in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 38

 

Warning: simplexml_load_file() [function.simplexml-load-file]: </rss> in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 38

 

Warning: simplexml_load_file() [function.simplexml-load-file]: ^ in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 38

 

Warning: simplexml_load_file() [function.simplexml-load-file]: news/updatedNewsFeed.xml:1: parser error : Extra content at the end of the document in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 38

 

Warning: simplexml_load_file() [function.simplexml-load-file]: </rss> in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 38

 

Warning: simplexml_load_file() [function.simplexml-load-file]: ^ in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 38

 

Notice: Trying to get property of non-object in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 39

 

Notice: Trying to get property of non-object in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 39

 

Warning: Invalid argument supplied for foreach() in /customers/2asmooth.com/2asmooth.com/httpd.www/Kingfisher_Trust/index.php on line 39

 

Code:

<!--
Design by 2A Smooth Ltd
http://www.2asmooth.com
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy for Linux (vers 1 September 2005), see www.w3.org" />
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>The Kingfisher Trust</title>
<meta name="keywords" content="Homeless, People, Bridlington, Kingfisher, Trust" />
<meta name="description" content="The Kingfisher Trust - Helping the Homeless" />
<link href="default.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<!--Header Start-->
<div id="header">
<div id="menu">
	<ul>
            <li class="active"><a href="index.php" title="">Homepage</a></li>
            <li><a href="news.php" title="">News</a></li>
            <li><a href="about_us.php" title="">About Us</a></li>
            <li><a href="login.php" title="">Login</a></li>
            <li><a href="contact us.php" title="">Contact Us</a></li>
        </ul>
</div>
</div>
<!--Header End-->
<!--Content Start-->
<div id="content">
<div id="sidebarleft">
    	<div id="linksleft" class="boxed">
        	<div class="title">
            	<h2>Latest News</h2>
            </div>
			<?php 
                $rssdoc = simplexml_load_file('news/updatedNewsFeed.xml');
                	foreach ($rssdoc->channel->item as $item) {      
                          print "<b>". $item->title."</b><br>"; 
                          print $item->description."<br>"; 
                          print "<a href =".$item->link.">News Story</a><br>"; 
                          print "<br />" ; 
                   } 
                ?> 
        </div>
    </div>
    <div id="main">
    	<div class="post">
        	<h2 class="title"><span>Helping the Homeless in Bridlington</span></h2>
        	<div class="intro"><img src="images/logo.jpg" alt="" width="120" height="120" class="left" />
            	<p>The Kingfisher Trust is a registered charity which helps the people who are homeless in Bridlington.</p>
                <p>It regularly holds <a href="soupKitchens.htm">soup kitchens</a> 3 times a week. All fund raising that goes on helps to provide socks, pillows and sleeping bags 
                for those unfortunate enough to have to sleep on the streets.</p>
    		</div>
    	</div>
    </div>
<div id="sidebarright">
    	<div id="linksright" class="boxed">
            <div class="title">
            <h2>Useful Links</h2>
            </div>
                <ul>
                    <li><a href="http://www.shelter.org.uk">Shelter</a><br />
                    The UK's biggest homeless charity</li>
                    <li><a href="http://www.eastriding.gov.uk/az/az_details_new?az_selected=599">Homeless form</a><br />
                    Complete this form for help and assistance from East Riding Council</li>
                    <li><a href="http://homelessuk.org/">HomelessUK</a></li>
                </ul>
            <div id="sponsorlogo"><!--<img src="images/United logo.jpg" alt="united coop logo" />-->
            </div>
    	</div>
    </div>
</div>
<!--Content End-->
<!--Footer Start-->
<div id="footer">
    <p id="legal">Copyright © 2009 Kingfisher Trust. All Rights Reserved. Designed by <a href="http://www.2asmooth.com/">2A Smooth Ltd</a>.</p>
    <p><a href="http://validator.w3.org/check?uri=referer"><img src= "http://www.w3.org/Icons/valid-xhtml10" alt="Valid XHTML 1.0 Strict" height="31" width="88" /></a></p>
</div>
<!--Footer End-->
<div style="font-size: 0.8em; text-align: center; margin-top: 1.0em; margin-bottom: 1.0em;"><a href="http://www.2asmooth.com/">2A Smooth Ltd</a>
</div>
</body>
</html>

 

Sorry for nagging - it really is helping me though Could you point me in the right direction of some good tutorials to try and understand the changes to php 5.3. At the moment it is going over my head.

 

Any luck with the AJAX problem as well - can you tell me where I am going wrong? Thanks

[BahBah]

Can you repost the updated code that generates the RSS document please ?

 

BTW you really need to look into escaping your variables before doing anything with a database. As you're using MySQL look into mysql_real_escape_string on the PHP site.

[abitlikehomer]

Can you repost the updated code that generates the RSS document please ?

 

BTW you really need to look into escaping your variables before doing anything with a database. As you're using MySQL look into mysql_real_escape_string on the PHP site.

 

Yes it's:

<?php
include "connection.php"
?>
<?php 

// (2) gather all details from form
$newTitle= $_POST['txtTitle'];
$newDay = substr($_POST['txtDate'],0,2);
$newMonth = substr($_POST['txtDate'],3,2);
$newYear = substr($_POST['txtDate'],6,4);
$newContent = $_POST['txtContent'];
$newLink = "<a href=http://www.2asmooth.com/Kingfisher_Trust/showNews.php?"."NewsID=0>Link</a>";

// (3) Create an INSERT query of the form  
$query = "INSERT INTO News (Title, Date, Content, Link) VALUES ('$newTitle', '$newYear''$newMonth''$newDay', '$newContent', '$newLink')"; 

// (4) Run query through connection
$result1 = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); 
$autoID = mysql_insert_id($connection);

// (5) Create an UPDATE query of the form to include the new link 
$yourlink = "http://www.2asmooth.com/Kingfisher_Trust/showNews.php?NewsID=".$autoID;
$query2 = "UPDATE News SET Link ='$yourlink' WHERE Title ='$newTitle' AND Content ='$newContent'";

// (6) Run the query on the news table through the connection
$result2 = mysql_query($query2) or die ("Error in query: $query2. ".mysql_error()); 

?>
<?php
	// set server access variables 
	include ("connection.php");

	// create query 
	$query = "SELECT * FROM News ORDER BY NewsID DESC"; 

	// execute query 
	$result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); 

		// see if any rows were returned 
		if (mysql_num_rows($result) > 0) { 
			// yes 
		   //Top of xml file
		   $_xml = "";
			$_xml = '<?xml version="1.0"?>';
			$_xml = '<rss version="2.0">';
			$_xml = '<channel>';
				$_xml = '<title>'.'Kingfisher Trust'.'</title>'; 
				$_xml = '<description>'.'The latest news about the charity'.'</description>'; 
				$_xml = '<link>'.'http://www.2asmooth.com/Kingfisher_Trust/news/updatedNewsFeed.xml'.'</link>'; 
					while($row = mysql_fetch_array($result)) { 
						$_xml = '<item>'; 
							$_xml = '<title>'.$row['Title'].'</title>';
							$_xml = '<description>'.$row['Date'].'</description>';
							$_xml = '<link>'.$row['Link'].'</link>'; 
						$_xml = '</item>'; 	
					} 
			$_xml = '</channel>';
			$_xml = '</rss>';

			//Output the xml string
			//print $_xml; 

			// Could also write to a file at this point	
			file_put_contents("news/updatedNewsFeed.xml", $_xml);
			// Need to give 'somedir' write permissions

		} 
		else {  // no 
			// print status message 
			echo "No rows found!"; 
		} 		

// (7) print message with ID of inserted record    
header("Location: newsReceipt.php?"."NewsID=".$autoID);   

// ( close connection 
    mysql_close($connection);     
?>

 

I know what the problem is, it's no longer creating the file correctly for the RSS feed. All that is getting saved into the RSS file is:

</rss>

and that's it.

 

It would have been so much easier if I hadn't been upgraded to PHP 5.3 or learnt how to code better lol.

 

 

[BahBah]

Replace

 

            $_xml = '<?xml version="1.0"?>';
            $_xml = '<rss version="2.0">';
            $_xml = '<channel>';
               $_xml = '<title>'.'Kingfisher Trust'.'</title>';
               $_xml = '<description>'.'The latest news about the charity'.'</description>';
               $_xml = '<link>'.'http://www.2asmooth.com/Kingfisher_Trust/news/updatedNewsFeed.xml'.'</link>';
                  while($row = mysql_fetch_array($result)) {
                     $_xml = '<item>';
                        $_xml = '<title>'.$row['Title'].'</title>';
                        $_xml = '<description>'.$row['Date'].'</description>';
                        $_xml = '<link>'.$row['Link'].'</link>';
                     $_xml = '</item>';    
                  }
            $_xml = '</channel>';
            $_xml = '</rss>';

 

with

 

            $_xml = '<?xml version="1.0"?>';
            $_xml .= '<rss version="2.0">';
            $_xml .= '<channel>';
               $_xml .= '<title>'.'Kingfisher Trust'.'</title>';
               $_xml .= '<description>'.'The latest news about the charity'.'</description>';
               $_xml .= '<link>'.'http://www.2asmooth.com/Kingfisher_Trust/news/updatedNewsFeed.xml'.'</link>';
                  while($row = mysql_fetch_array($result)) {
                     $_xml .= '<item>';
                        $_xml .= '<title>'.$row['Title'].'</title>';
                        $_xml .= '<description>'.$row['Date'].'</description>';
                        $_xml .= '<link>'.$row['Link'].'</link>';
                     $_xml .= '</item>';    
                  }
            $_xml .= '</channel>';
            $_xml .= '</rss>';

 

.=

 

Appends 2 strings together.

 

$a = 'hello';
$b = 'there';
$c = $a . ' ' . $b;
echo $c;
// returns "hello there"

 

You had removed the append from most of the subsequent lines starting with $_xml.

 

If you are appending to the same variable many times you only set the variable = to something once.

 

Subsequent appendages should be

 

$_xml .= 'whatever';

 

 

Wrong =

 

$a = 'hello';
$a = 'there'; // overwriting your original assignment of $a = 'hello';
echo $a;
// returns "there"

 

Correct =

 

$a = 'hello';
$a .= 'there';
echo $a;
// returns "hellothere"

[abitlikehomer]

It works Bahbah - thank you very much and for the explanation.

 

Cheers for pointing out the SQL Injection vulnerability as well

 

Don't suppose you know anything about AJAX do you

[BahBah]

Explanation above. Posted the solution, and editted an explanation afterwards.

 

As I mentioned in a previous post, please look into validating and escaping user input before launching this live as your script is open to SQL injection attacks.