differences in servers?

[clausowitz]

Hi All,

 

I created a website which runs perfectly on one server but now I transferred the website to another server I get all kinds of errors like,

Undefined variables and so on. How is this possible. I thought it was all in the code.

 

Marco

[Adam]

Different servers run different versions of PHP with different configurations. Bwetween these certain new functions, errors, etc. Are introduced, deprecated, etc. In your case the previous server will have had the error reporting at a level where "NOTICE" errors (at least) are not reported. These are your undefined index/variable type errors like you're getting now. While these aren't fatal errors, they should be fixed as opposed to just hiding them.

 

The problem is simple, you try to access a variable or index that doesn't exist. By checking with empty or isset (situation dictating which to use) you can ensure you don't get them. For example:

 

if ($var == 'foo') {

 

If $foo has not been defined before this condition, then you will get an undefined variable notice. This code would not:

 

if (isset($var) && $var == 'foo') {

 

An alternative is to give the variable a default value within your logic, so you know as the developer that it will always exist.

 

Anyway it should be easy enough to fix your errors, and once you have, add these few calls within your code to set-up the errors correctly (for a production website):

 

error_reporting(E_ERROR | E_WARNING | E_PARSE);
ini_set('display_errors', 0);

 

This will hide all errors from users, but the still report more serious run-time errors to the log, for if you ever need to check what error was reported. On a development server you want to display all errors, so would go with a set-up more like this:

 

error_reporting(-1);
ini_set('display_errors', 1);

 

That will report all errors and display them in the page.

[clausowitz]

These errors are easy to fix with $var = ''; but what about this one:

Uninitialized string offset: 1 on $logOptions_id = '';

 

$logOptions_id = '';

if (isset($_SESSION['idx'])) {

$decryptedID = base64_decode($_SESSION['idx']);

$id_array = explode("p3h9xfn8sq03hs2234", $decryptedID);

$logOptions_id = $logOptions_id[1];

 

Marco

[Adam]

In PHP you can access a string like an array, but you're returned the character at that position instead.

 

$logOptions_id = $logOptions_id[1];

This statement is trying to get the second character (indexes start from 0) in the string, which doesn't exist. I can't really say what should happen in that case as I didn't write the code, but you can prevent the error by first checking it exists with isset.

[clausowitz]

it's all going wrong with the login scripts. after I pass the login.php page this code checks on every page if I am really logged in.

 

in the login page these are set

// Create session var for their raw id
				$id = $row["id"];   
				$_SESSION['id'] = $id;
				// Create the idx session var
				$_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id");
                    // Create session var for their username
				$username = $row["username"];
				$_SESSION['username'] = $username;
				// Create session var for their email
				$useremail = $row["email"];
				$_SESSION['useremail'] = $useremail;
				// Create session var for their password
				$userpass = $row["password"];
				$_SESSION['userpass'] = $userpass;
				// GET USER IP ADDRESS
		        $ipaddress = getenv('REMOTE_ADDR');

 

 

<?php
if (!isset($_SESSION['idx'])) {session_start();
}
// Start Session First Thing
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
//-----------------------------------------------------------------------------------------------------------------------------------
include_once "connect_to_mysql.php"; // Connect to the database
$dyn_www = $_SERVER['HTTP_HOST']; // Dynamic www.domainName available now to you in all of your scripts that include this file
$logOptions_id = '';
//------ CHECK IF THE USER IS LOGGED IN OR NOT AND GIVE APPROPRIATE OUTPUT -------
$logOptions = ''; // Initialize the logOptions variable that gets printed to the page
// If the session variable and cookie variable are not set this code runs
if (!isset($_SESSION['idx'])) { 
  if (!isset($_COOKIE['idCookie'])) {
     $logOptions = '<a href="http://' . $dyn_www . '/register.php">Register Account</a>
    |    
 <a href="http://' . $dyn_www . '/login.php">Log In</a>';
   }
}
// If session ID is set for logged in user without cookies remember me feature set
if (isset($_SESSION['idx'])) { 
$decryptedID = base64_decode($_SESSION['idx']);
$id_array = explode("p3h9xfn8sq03hs2234", $decryptedID);
$logOptions_id = $logOptions_id[1];
    $logOptions_username = $_SESSION['username'];
    $logOptions_username = substr('' . $logOptions_username . '', 0, 15); // cut user name down in length if too long

// Check if this user has any new PMs and construct which envelope to show
$sql_pm_check = mysql_query("SELECT id FROM private_messages WHERE to_id='$logOptions_id' AND opened='0' LIMIT 1");
$num_new_pm = mysql_num_rows($sql_pm_check);
if ($num_new_pm > 0) {
	$PM_envelope = '<a href="pm_inbox.php"><img src="/images/pm2.gif" width="18" height="11" alt="PM" border="0"/></a><span style="position: absolute; left: 880px; top: 15px; font-weight:bolder; background-color:red; color:#FFFFFF;"> '.$num_new_pm.' </span>';
} else {
	$PM_envelope = '<a href="/pm_inbox.php"><img src="/images/pm1.gif" width="18" height="11" alt="PM" border="0"/></a>
';
}

$send = '<a href="/pm_sentbox.php"><img src="/images/sm.gif" width="18" height="11" alt="Send Messages" border="0"/></a>';

    // Ready the output for this logged in user
$logOptions = $PM_envelope . '   '. $send . '   |  <a href="http://' . $dyn_www . '/index.php/">Home</a>
 | 
<a href="http://' . $dyn_www . '/profile.php?id=' . $logOptions_id . '">Profile</a>
 | 
<a href="http://' . $dyn_www . '/edit_profile.php">My Account</a>
 | 
<a href="http://' . $dyn_www . '/logout.php">Log Out</a>
';

} else if (isset($_COOKIE['idCookie'])) {// If id cookie is set, but no session ID is set yet, we set it below and update stuff 

$decryptedID = base64_decode($_COOKIE['idCookie']);
$id_array = explode("nm2c0c4y3dn3727553", $decryptedID);
$userID = $id_array[1]; 
$userPass = $_COOKIE['passCookie'];
// Get their user first name to set into session var
    $sql_uname = mysql_query("SELECT username, email FROM myMembers WHERE id='$userID' AND password='$userPass' LIMIT 1");
$numRows = mysql_num_rows($sql_uname);
if ($numRows == 0) {
	// Kill their cookies and send them back to homepage if they have cookie set but are not a member any longer
	setcookie("idCookie", '', time()-42000, '/');
    setcookie("passCookie", '', time()-42000, '/');
	header("location: index.php"); // << makes the script send them to any page we set
	exit();
}
    while($row = mysql_fetch_array($sql_uname)){ 
    $username = $row["username"];
	$useremail = $row["email"];
}

    $_SESSION['id'] = $userID; // now add the value we need to the session variable
$_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$userID");
    $_SESSION['username'] = $username;
$_SESSION['useremail'] = $useremail;
$_SESSION['userpass'] = $userPass;

    $logOptions_id = $userID;
    $logOptions_uname = $username;
$logOptions_uname = substr('' . $logOptions_uname . '', 0, 15); 
    ///////////          Update Last Login Date Field       /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    mysql_query("UPDATE myMembers SET last_log_date=now(), logged='1' WHERE id='$logOptions_id'"); 
    // Ready the output for this logged in user
    // Check if this user has any new PMs and construct which envelope to show
$sql_pm_check = mysql_query("SELECT id FROM private_messages WHERE to_id='$logOptions_id' AND opened='0' LIMIT 1");
$num_new_pm = mysql_num_rows($sql_pm_check);
if ($num_new_pm > 0) {
	$PM_envelope = '<a href="pm_inbox.php"><img src="images/pm2.gif" width="18" height="11" alt="PM" border="0"/></a>';
} else {
	$PM_envelope = '<a href="pm_inbox.php"><img src="images/pm1.gif" width="18" height="11" alt="PM" border="0"/></a>';
}
// Ready the output for this logged in user
$logOptions = $PM_envelope . '   '. $send . '   |  <a href="http://' . $dyn_www . '/index.php/">Home</a>	 | 
<a href="http://' . $dyn_www . '/profile.php?id=' . $logOptions_id . '">Profile</a>
  | 
<a href="http://' . $dyn_www . '/edit_profile.php">My Account</a>
  | 
<a href="http://' . $dyn_www . '/logout.php">Log Out</a>';
}
?>

 

 

[Pikachu2000]

A couple things that jump out right away . . .

 

This is a pointless conditional. You attempt to check if a session var is set before starting the session, so it will always return TRUE and start the session anyhow.

if( isset($_SESSION['idx']) ) {
     session_start();
}

 

You've initialized $logOptions_id as an empty string with this: $logOptions_id = ''; so of course there's a warning when you try to access it with $logOptions_id = $logOptions_id[1]; because there's nothing there. Then there's a query that uses the same empty variable, so that's most likely returning an empty results set.

[clausowitz]

Pickachu,

 

This is the code I use

if(!isset($_SESSION['idx']) ) {
     session_start();
}

 

If NOT is set.

 

On my initial server I didn't have this: $logOptions_id = '';

but because on the new server I got this error message I thought I put it in.

But it is not working of course.

 

 

[Pikachu2000]

I mistyped and left the ! out, but it doesn't change what I said. Think about it for a second. That's the first line in the code and there is no call to session_start() before that. If the session isn't started, then there is no $_SESSION['idx'] variable to begin with, so the conditional will return TRUE every time.

[clausowitz]

you are right, however this code is not the first on the website.

First there is the login.php which sets a session. And then whenever I open a page like index.php there is the followin code:

 

 <?php
// Start_session, check if user is logged in or not, and connect to the database all in one included file
include_once("scripts/checkuserlog.php");

/////////////////////Member log in double check  //////////////////////////////////
if (!isset($_SESSION['idx'])) { 
    $msgToUser = '<br /><br /><font color="#FF0000">Only site members can do that</font><p><a href="register.php">Join Here</a></p>';
    include_once 'msgToUser.php'; 
    exit(); 
} else if ($logOptions_id != $_SESSION['id']) {
echo $logOptions_id;
echo $_SESSION['id'];
$msgToUser = '<br /><br /><font color="#FF0000">Only site members can do that</font><p><a href="register.php">Join Here</a></p>';
    include_once 'msgToUser.php'; 
    exit(); 
}

 

So it is actually checking if we came through login.php

[clausowitz]

solved one problem, was a code mix up:

<?php if (isset($_SESSION['idx'])) { 
$decryptedID = base64_decode($_SESSION['idx']);
$id_array = explode("p3h9xfn8sq03hs2234", $decryptedID);
$logOptions_id = $id_array[1];
    $logOptions_username = $_SESSION['username'];
    $logOptions_username = substr('' . $logOptions_username . '', 0, 15);

 

However the $logOptions_id and $_SESSION['id'] are still not the same.

Both created in login.php from the user id in the database.

<?php $id = $row["id"];   
$_SESSION['id'] = $id;
// Create the idx session var
$_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id")

 

any thoughts?