Complete Noob here :p

Tanlith · December 12, 2010

Hi. I'm currently taking a class in PhP and I'm having issues getting my code to work. I "borrowed" part of the code from elsewhere (but I fully understand each line - which is really the point of learning) I'm hoping a second set of eyes might help on what's wrong:

I'm running Wamp Server v2.0 on my local PC to test the scripts... I'm sure I'm probably going to have more then just this error with the script, but it's hard to move forward when you're stuck spinning your wheels. Any help would be greatly appreciated... and any suggestions as to a better way to approach this would be welcome as well. I am here to learn after all

Here's the error I'm getting:

Notice: Undefined variable: fname in C:\Web Server\wamp\www\daystoxmas.php on line 8

Please return to the main page and enter your First Name.

Here's the HTML Code:

<!DOCTYPE html PUBLIC "-//W3C/DTD XHTML

1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/

xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"

xml:lang="en" lang="en">

<head>

content="text/html; charset=utf-8"/>

<title>Days to Christmas Form</title>

</head>

<body>

<div><p><h1>Days to Christmas Form</h1></p>

<p>- Programmed by: Michael Custance</p>

<p>First Name: </select><input type="text" name="fname" size="20" /></p>

<p>E-mail Address: <input type="text" name="email" size=20 /></p>

For Christmas gift ideas, click here!

</form>

</body>

</html>

And here's the PhP Form:

<HTML>

<HEAD>

<TITLE>daystoxmas.php</TITLE></HEAD>

<BODY>

<?php

if ($fname)

{

print ("Good ");

if (date("A") == "AM")

{

print ("morning, ");

}

elseif ( (date("H") >= 12 ) and (date("H") < 18) )

{

print ("afternoon, ");

}

else

{

print ("evening, ");

}

print ("$FirstName<P>");

$Christmas = mktime(0, 0, 0, 12, 25, date('Y'));

$today = mktime();

$seconds_to_christmas = $Christmas - $today;

$days_to_christmas = $seconds_to_christmas / 86400;

$days_to_christmas = floor($days_to_christmas);

$temp_remainder = $seconds_to_christmas - ($days_to_christmas * 86400);

$hours = floor($temp_remainder / 3600);

$temp_remainder = $temp_remainder - ($hours * 3600);

$minutes = round($temp_remainder / 60, 0);

echo '<p>There is ' . $days_to_christmas . ' days and ' .

$hours . ' hours and ' . $minutes .

' minutes until Christmas</p>';

}

else

{

print ("Please return to the main page and enter your First Name.");

}

?>

</BODY>

</HTML>

lAZLf · December 12, 2010

The variable "$fname" wasn't assigned to anything, but you use it in "if($fname) { . . . ". What's that line with "if($fname) { . . .

" supposed to do? Check if the form is filled out? If you took that part from a different php script, they probably assigned that variable like so "$fname = $_POST["fname"];" on its own line above the if statement.

In that one if statement I keep referring to, change "$fname" to "$_POST["fname"];

OOP · December 12, 2010

Hi there,

Just a little advice and i hope you don't mind. It is better to get user inputs from the Super global arrays ( $_GET, $POST, etc) instead of relaying on register global directive. The error that you are getting is a notice and is not an error.

anyway you can fixed simple by checking if the value of the $fname has been set or not.

<?php
   if (isset($fname))
     {

OOP · December 12, 2010

Okay....lAZLf was faster than me

Tanlith · December 12, 2010

WOW you guys are quick with the responses I might even get this done in time to hand it in within the deadline LOL -- (yeah I was trying to have it check to make sure the field did not hold a NULL value. - Srry I should have specified that )

OK I added the

<?php

if (isset($fname))

{

And it isn't giving a warning/error... but when I do enter a name in the form it still presents the "Please return to the main page and enter your First Name." message from the IF statement. And I get no further errors or messages. It appears to be either skipping the nested IF or the nested IF is so messed up it's ignoring it?

- Tanlith -

OOP · December 12, 2010

It looks like register_global is off so change the below statement

<?php
   if (isset($fname))
     {

to

<?php
   if (isset($_POST['fname']))
     {

Tanlith · December 12, 2010

Well we're getting closer

I Changed it as you outlined and got:

Good afternoon,

Notice: Undefined variable: FirstName in C:\Web Server\wamp\www\daystoxmas.php on line 22

There is 12 days and 8 hours and 21 minutes until Christmas

So now it's doing the Days to x-mas part but back to an Udefined variable warning.... by the way... could you explain what you meant by: "register_global is off" id that a server-side setting?

- Tanlith -

P.S. I should note here as well that it give the same message weather a name is entered in the form or not.

Anti-Moronic · December 12, 2010

Where is this material from if it is relying on register_globals? lol - throw it out. If your tutor has given you this, cancel the class. Find some new, modern, best practice source code to reference.

http://www.phpfreaks.com/forums/miscellaneous/good-programming-and-web-design-books/

http://www.w3schools.com/php/php_install.asp

Anti-Moronic · December 12, 2010

This line:

print ("$FirstName<P>");

You need to check your code and see if $FirstName has even been set.

echo $FirstName, if it doesn't exist you need to create it.

It seems you have a strange duplication or conflict. You have $fname and $FirstName - why? Should just be one variable.

$fname = $_POST['fname'];

$FirstName = $_POST['FirstName'];

That is what they would be if the script was relying on register_globals which as you said is a server side setting. It's depracated and if you're reading material which relies on anything which is depracated it is most definitely bad source code and outdated.

hope that helps! Get one of those books in the thread I posted. They'll get you on the right track.

OOP · December 12, 2010

You can find more information about register global in the below link

http://www.php.net/manual/en/security.globals.php

have fun

Tanlith · December 12, 2010

Unfortunately it's part of my course in Networking Technology... so I can't drop it

Once I get my degree I'm sure I'll be free to learn it the right way... believe me I've noticed a LOT of flaws in the education process, but without a degree you just can't get a decent paying job/career started

Thanks for the references though... the teacher wants us to use the methods from our text (Visual Quickstart Guide - PHP Third Edition - learn PHP the Quick Easy Way! by Larry Ullman )

Where is this material from if it is relying on register_globals? lol - throw it out. If your tutor has given you this, cancel the class. Find some new, modern, best practice source code to reference.

http://www.phpfreaks.com/forums/miscellaneous/good-programming-and-web-design-books/

http://www.w3schools.com/php/php_install.asp

Anti-Moronic · December 12, 2010

Unfortunately it's part of my course in Networking Technology... so I can't drop it

Once I get my degree I'm sure I'll be free to learn it the right way... believe me I've noticed a LOT of flaws in the education process, but without a degree you just can't get a decent paying job/career started

Thanks for the references though... the teacher wants us to use the methods from our text (Visual Quickstart Guide - PHP Third Edition - learn PHP the Quick Easy Way! by Larry Ullman )

Where is this material from if it is relying on register_globals? lol - throw it out. If your tutor has given you this, cancel the class. Find some new, modern, best practice source code to reference.

http://www.phpfreaks.com/forums/miscellaneous/good-programming-and-web-design-books/

http://www.w3schools.com/php/php_install.asp

Would they offer distinctions for doing it the right way? Do they even know the modern way? if this ref material uses register_globals I doubt very much they even think about security - sql injection and such. Maybe you could approach him and see about that distinction? lol

Doubt many other students will do the same thing.

Anti-Moronic · December 12, 2010

Sorry, one other thing. You need to approach your tutor and tell him it's not even a matter of this code "not being optimal or best practice" but that it is error ridden and will NOT work at all in latest versions of php or 90%+ server environments.

You go into a job interview with this crap in your head you're gonna be laughed out of there. Most important thing you can do during this pathetic course (or this part of it) - god knows what they're teaching about networking - is validate *everything* in your spare time.

It's shocking you have to pay for BAD information to get a job when the GOOD information is free Madness

/rant

Tanlith · December 12, 2010

*FACEPALM*

Yep... that is definitely part of the problem The HTML code was provided for us we had to write the PhP. And I went and changed the variable... I changed the HTML to match (we are allowed to make any changes we feel necessary)

I made the change you suggested

<?php

if ($fname = $_POST['fname'])

{

And it works fine now! Thanks so much for the help... and yeah I totally learned a few things!

Also your comment about the depreciation of what we're using made me look over my class's course outline and it seems we'll be dealing with MySQL and Security in the second half of this class (Next Semester) Hopefully they'll be bringing us up to date by then.

- Tanlith -

This line:

print ("$FirstName<P>");

You need to check your code and see if $FirstName has even been set.

echo $FirstName, if it doesn't exist you need to create it.

It seems you have a strange duplication or conflict. You have $fname and $FirstName - why? Should just be one variable.

$fname = $_POST['fname'];

$FirstName = $_POST['FirstName'];

That is what they would be if the script was relying on register_globals which as you said is a server side setting. It's depracated and if you're reading material which relies on anything which is depracated it is most definitely bad source code and outdated.

hope that helps! Get one of those books in the thread I posted. They'll get you on the right track.

Anti-Moronic · December 12, 2010

Glad you got it working. What you're doing in the if is called (assignment by condition) and isn't good practice at all. Can become hard to read your code when it becomes more complex.

Instead do this:

$fname = $_POST['fname'];

if($fname){

Also, when you do move onto mysql and security, make sure you have your own independent reference material to learn from to ensure you are not picking up any bad habits.

http://www.phpfreaks.com/forums/miscellaneous/good-programming-and-web-design-books/

Has some excellent books on php and mysql.

use this course as an introduction to php (and how to do it wrong). lol

Tanlith · December 12, 2010

LOL Agreed... PhP is new to me but I've been working in networking for 21 years (42 yr old trying to jumpstart his career again) - I used to do (most of) the Networking for Fords in Windsor Ont. - and yes... what they're teaching in class is pretty much useless in the field. Well... not useless so much as not feasible since most large companies will undoubtedly have some legacy machine(s) laying around serving a critical purpose and they can't decommission it till a solution to replace it is found.... Thanks again for the help! I still find it weird that I need to learn web design in order to design a network infrastructure but w/e. Even weirder that all my electives are completely unrelated to I.T. in any way... Sociology for example... I fail to see how the shopping habits of someone in Tibet will effect my ability to troubleshoot a node on your network

- tanlith -

Sorry, one other thing. You need to approach your tutor and tell him it's not even a matter of this code "not being optimal or best practice" but that it is error ridden and will NOT work at all in latest versions of php or 90%+ server environments.

You go into a job interview with this crap in your head you're gonna be laughed out of there. Most important thing you can do during this pathetic course (or this part of it) - god knows what they're teaching about networking - is validate *everything* in your spare time.

It's shocking you have to pay for BAD information to get a job when the GOOD information is free Madness

/rant

Anti-Moronic · December 12, 2010

LOL Agreed... PhP is new to me but I've been working in networking for 21 years (42 yr old trying to jumpstart his career again) - I used to do (most of) the Networking for Fords in Windsor Ont. - and yes... what they're teaching in class is pretty much useless in the field. Well... not useless so much as not feasible since most large companies will undoubtedly have some legacy machine(s) laying around serving a critical purpose and they can't decommission it till a solution to replace it is found.... Thanks again for the help! I still find it weird that I need to learn web design in order to design a network infrastructure but w/e. Even weirder that all my electives are completely unrelated to I.T. in any way... Sociology for example... I fail to see how the shopping habits of someone in Tibet will effect my ability to troubleshoot a node on your network

- tanlith -

Sorry, one other thing. You need to approach your tutor and tell him it's not even a matter of this code "not being optimal or best practice" but that it is error ridden and will NOT work at all in latest versions of php or 90%+ server environments.

You go into a job interview with this crap in your head you're gonna be laughed out of there. Most important thing you can do during this pathetic course (or this part of it) - god knows what they're teaching about networking - is validate *everything* in your spare time.

It's shocking you have to pay for BAD information to get a job when the GOOD information is free Madness

/rant

hahaha so true. I mean if you're already a very experienced network engineer I wouldn't worry about any of this. Seen senior network engineers earning $65k+ who likely don't EVER use php. You have far more important things to be thinking about.

The education system is wacky. I'm hoping in the future employers begin to discount courses from certain colleges and universities due to them being completely riddled with misinformation. I think the better universities must have bought rights to good information.

PFMaBiSmAd · December 12, 2010

...and Security in the second half of this class (Next Semester) Hopefully they'll be bringing us up to date by then.

Security is the first priority when writing any kind of code and it should be the first priority when teaching someone how to code. You are being told to follow the coding found in a specific book and that book is 8 years out of date and is teaching you to use something that will allow hackers to take over a web site.

Register_globals were turned off by default in php4.2 in April of the year 2002 (yes over 8 years a go) because it allows hackers to set your program and session variables by simply putting get parameters on the end of the URL when they visit your page. A lot of web sites have been taken over. Register_globals being on finally throws a depreciated error message in php5.3 and register_globals will be completely removed in the next major release of php. Any person developing php code or using php for teaching purposes should know this.

As has already been stated in this thread, the code you are being shown to follow won't work on a majority of servers today (it does not work on your development system) and in the near future it won't work at all.

Anti-Moronic · December 12, 2010

it allows hackers to set your program and session variables by simply putting get parameters on the end of the URL

Whaaaaattt? It allows you to edit $_SESSION variables too? What the hell were they thinking having this in there in the first place. hahahaha wow.

PFMaBiSmAd · December 12, 2010

When they were talking about putting in register_globals (yes they intentionally did this), red lights should have been flashing, flags should have been waving, bells should have been going off. Once the security problems with it were known, it should have been irrevocably turned off.

With RG on, any post/get/cookie/files/some-server variables create a program variable by the same name and any session variable with the same name as a program variable is back-populated with the value that the program variable was just set to.

And it is really too bad that we are still seeing code and new programmers being shown code that relies on register_globals at this point in the year 2010. It should have all disappeared/been updated long ago. People should not be wasting time on - "my code does not work because my program variables are not being set!"

Sign In

Complete Noob here :p

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information