Jump to content

Recommended Posts

it says.

Notice: Undefined index: logged in C:\wamp\www\WAR\luga\index.php on line 10

 

Notice: Undefined index: userlogin in C:\wamp\www\WAR\luga\index.php on line 54

 

Notice: Undefined index: password in C:\wamp\www\WAR\luga\index.php on line 54

wrong pawssword or username, please try againplease enter your login information to proceed with our site

 

<html>
<head>
<title>login page</title>
</head>
<body bgcolor="white" style="color:black">
<form action="index.php" method=get>
<h1 align="center" style="color:black" >Welcome to this simple application</h1>
<?php
session_start(); 
if( $_SESSION["logging"]&& $_SESSION["logged"])
{
     print_secure_content();
}
else {
    if(!$_SESSION["logging"])
    {
    $_SESSION["logging"]=true;
    loginform();
    }
       else if($_SESSION["logging"])
       {
         $number_of_rows=checkpass();
         if($number_of_rows==1)
            {	
         $_SESSION[user]=$_GET[userlogin];
         $_SESSION[logged]=true;
         print"<h1>you have loged in successfully</h1>";
         print_secure_content();
            }
            else{
               	echo "wrong pawssword or username, please try again";	
                loginform();
            }
        }
     }
     
function loginform()
{
echo "please enter your login information to proceed with our site";
echo ("<table border='2'><tr><td>username</td><td><input type='text' name='userlogin' size'20'></td></tr><tr><td>password</td><td><input type='password' name='password' size'20'></td></tr></table>");
echo "<input type='submit' >";
echo "<h3><a href='registerform.php'>register now!</a></h3>";
}

function checkpass()
{
$servername="localhost";
$username="root";

$conn=  mysql_connect($servername,$username)or die(mysql_error());

mysql_select_db("uploads",$conn);

$sql="select * from users where name='$_GET[userlogin]' and password='$_GET[password]'";
$result=mysql_query($sql,$conn) or die(mysql_error());
return  mysql_num_rows($result);
}

function print_secure_content()
{
echo("<b><h1>hi mr.$_SESSION[user]</h1>");
    echo "<br><h2>only a logged in user can see this</h2><br><a href='logout.php'>Logout</a><br>";	

}
?>

</form>
</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/261021-help-unidentified-index/
Share on other sites

Those are just notice errors, they don't really mean anything other than your variables you're checking currently aren't set.

 

I would however recommend you change your form method to post and all your $_GET to $_POST. That way the username and password won't be set to the url and you can avoid getting hacked.

 

I don't see that you have mysql_escape_string anywhere so anybody can log in as an admin on your site as long as they know the username.

The notices indicate that the form has not been submitted yet and therefore the $_GET data does not exist most likely.

You should be checking for the indices existence first by using isset.

 

if(isset($_GET['userlogin']))
{
  //true block
}

 

Never use $_GET when passing sensitive data.

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.