Undefined Index (I'd prefer it that it's FIXED)

[Brentatechnologies]

Hey,

 

I'm getting an undefined index in my final test and would like to know that this is fixed and I don't have to worry about any troubles..

 

here is what's going on

Notice: Undefined index: register in C:\wamp\www\unitedsticks\insert.php on line 6

Registered!

Return

Notice: Undefined index: class in C:\wamp\www\unitedsticks\insert.php on line 58

1 record added

 

Now...It Registers and does everything it's meant to, I just want the undefined index gone...here's my coding:

THIS IS insert.php

<?php
session_start();
mysql_connect("localhost", "root", ""); // Server connection
mysql_select_db("myfirstdatabase"); // Database selection
$page = $_POST['register']; // Setting the page value
$user = $_POST['username']; // Setting the user value
$pass = $_POST['password']; // Setting the pass value

if($page == 1)
{
    //This means that the page is the register form so the register form code goes here
    $query = mysql_query("select * FROM userdata WHERE username = '$user'"); // Queries the Database to check if the user already exists
    if(mysql_num_rows($query) !== 0) // Checks if there is any rows with that user
    {
        echo "THIS USER IS ALREADY TAKEN!"; // Stops there 
    }
    else
    {
        mysql_query("INSERT INTO userdata (username, password) VALUES('$user', '$pass')"); // Inserts into the database.
        echo "REGISTERED! <BR> <a href='index.php'>Go to the login page</a>"; //Link and text to go to the login

    }    
}
?>

<?php
if($page == 0)
{
    //This means that the page is the login form so the register form code goes here
    $query = mysql_query("SELECT username FROM userdata WHERE username = '$user'"); // Queries the Database to check if the user doesn't exist
    if(mysql_num_rows($query) == 0) // Checks if there is any rows with that user
    {
        echo "User doesn't exist"; // Stops there 
    }
    $query = mysql_query("SELECT username FROM userdata WHERE username = '$user' AND password = '$pass'");
    if(mysql_num_rows($query) !== 0) // Checks if there is any rows with that user and pass
    {

        echo "Registered!<BR> <a href='index.php'>Return</a>"; //Link and text to go to the login
        $_SESSION['LOGGEDIN'] = 1;
    }
    
}



?>
<?php
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("database", $con);

$sql="INSERT INTO register (username, password, class) VALUES ('$_POST[username]','$_POST[password]','$_POST[class]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";

mysql_close($con)
?>

 

 

 

And my other coding:

<html>
<body>
<center><p><p><!-- Main Table(You can define padding accordingly) -->
<table width="50%" border="0" cellspacing="0" cellpadding="5">

<td width="50%">

<!-- Table on left side -->
<table width="90%" height="100%" border="1" cel1pacing="0" cellpadding="0" BORDERCOLOR="#007FFF">
<body style="background-color:;">

<td><h3><center><h3  style="background: blue; color: white;">Create Account Here<br></font></center></h2><p>
<h4><p>Login Information</h4></p>
<form action="insert.php" method="post">
Username: <input type="text" name="username" /><br>
Password: <input type="password" name="password" />
<h3>Choose your Class</h2>
<table width="100%" border="1">
  <tr>
  
  

      <p>
        <label>
          <input type="radio" name="class" value="Clubber" id="SC" />
          Clubber</label>
	  
        <br />
        <label>
          <input type="radio" name="class" value="Pastamancer" id="PM" />
          Pastamancer</label>
        <br />
        <label>
          <input type="radio" name="class" value="" id="" /><br>
	  <center><input type="submit" /></center>
          </label>
        <br />
      </p></td>
  </tr>
</table>


</form>
</body>
</html>

 

Thanks for any help...

 

Brent.

[spiderwell]

it is saying that $_POST['register'] does not exist.

 

use isset($_POST['register']) to check if it exists, then pass it to a variable, the same occurs on class if none of the radio options are selected

 

this line:

$sql="INSERT INTO register (username, password, class) VALUES ('$_POST[username]','$_POST[password]','$_POST[class]')";

 

has a few errors, the biggest one is putting unsantized data into an sql statement, this is not advised, it allows the possiblity of sql injections, the other part is that your ' are missing from the $_POST:

 

$sql="INSERT INTO register (username, password, class) VALUES ('$_POST['username']','$_POST['password']','$_POST['class']')";  but you say it is working so maybe that bit isnt wrong? I am not 100% sure on that bit

 

 

[Brentatechnologies]

Thanks for your reply,

I added in to make sure I have everything working, so I gave a try of your code and it returns an error

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\wamp\www\unitedsticks\insert.php on line 58

 

I have never seen an error like that...mind explaining if you have the time

Regards

Brent.

[spiderwell]

if its the sql line then its probably the extra ' i put in, i did say i wasn't sure about that one. however the undefined index at that line for class is appearing for the reason mentioned previously

 

it would be better off being re written completely. I havent checked this code for syntax errors but it is probably ok:

 

$username = (isset($_POST['username'])) ? $_POST['username'] : false; // if its set, grab it otherwise false
$password= (isset($_POST['password'])) ? $_POST['password'] : false;
$class= (isset($_POST['class'])) ? $_POST['class'] : false;
if (!$username|| !$password || !$class ) // if any are false
{
//some code to prevent non entered fields perhaps
}
else
{
//some other code here perhaps to santize the data, maybe also use md5 or sha1 to not store password in text format
$sql="INSERT INTO register (username, password, class) VALUES ('$username','$password','$class')";
}