sleepnot Posted April 16, 2012 Share Posted April 16, 2012 it says. Notice: Undefined index: logged in C:\wamp\www\WAR\luga\index.php on line 10 Notice: Undefined index: userlogin in C:\wamp\www\WAR\luga\index.php on line 54 Notice: Undefined index: password in C:\wamp\www\WAR\luga\index.php on line 54 wrong pawssword or username, please try againplease enter your login information to proceed with our site <html> <head> <title>login page</title> </head> <body bgcolor="white" style="color:black"> <form action="index.php" method=get> <h1 align="center" style="color:black" >Welcome to this simple application</h1> <?php session_start(); if( $_SESSION["logging"]&& $_SESSION["logged"]) { print_secure_content(); } else { if(!$_SESSION["logging"]) { $_SESSION["logging"]=true; loginform(); } else if($_SESSION["logging"]) { $number_of_rows=checkpass(); if($number_of_rows==1) { $_SESSION[user]=$_GET[userlogin]; $_SESSION[logged]=true; print"<h1>you have loged in successfully</h1>"; print_secure_content(); } else{ echo "wrong pawssword or username, please try again"; loginform(); } } } function loginform() { echo "please enter your login information to proceed with our site"; echo ("<table border='2'><tr><td>username</td><td><input type='text' name='userlogin' size'20'></td></tr><tr><td>password</td><td><input type='password' name='password' size'20'></td></tr></table>"); echo "<input type='submit' >"; echo "<h3><a href='registerform.php'>register now!</a></h3>"; } function checkpass() { $servername="localhost"; $username="root"; $conn= mysql_connect($servername,$username)or die(mysql_error()); mysql_select_db("uploads",$conn); $sql="select * from users where name='$_GET[userlogin]' and password='$_GET[password]'"; $result=mysql_query($sql,$conn) or die(mysql_error()); return mysql_num_rows($result); } function print_secure_content() { echo("<b><h1>hi mr.$_SESSION[user]</h1>"); echo "<br><h2>only a logged in user can see this</h2><br><a href='logout.php'>Logout</a><br>"; } ?> </form> </body> </html> Link to comment https://forums.phpfreaks.com/topic/261021-help-unidentified-index/ Share on other sites More sharing options...
creata.physics Posted April 16, 2012 Share Posted April 16, 2012 Those are just notice errors, they don't really mean anything other than your variables you're checking currently aren't set. I would however recommend you change your form method to post and all your $_GET to $_POST. That way the username and password won't be set to the url and you can avoid getting hacked. I don't see that you have mysql_escape_string anywhere so anybody can log in as an admin on your site as long as they know the username. Link to comment https://forums.phpfreaks.com/topic/261021-help-unidentified-index/#findComment-1337775 Share on other sites More sharing options...
AyKay47 Posted April 16, 2012 Share Posted April 16, 2012 The notices indicate that the form has not been submitted yet and therefore the $_GET data does not exist most likely. You should be checking for the indices existence first by using isset. if(isset($_GET['userlogin'])) { //true block } Never use $_GET when passing sensitive data. Link to comment https://forums.phpfreaks.com/topic/261021-help-unidentified-index/#findComment-1337779 Share on other sites More sharing options...
Maq Posted April 16, 2012 Share Posted April 16, 2012 sleepnot, In the future, place OR tags around your code. Link to comment https://forums.phpfreaks.com/topic/261021-help-unidentified-index/#findComment-1337924 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.