Jump to content

Probelm with undefined index id

aquilina

By aquilina
in PHP Coding Help

Recommended Posts

aquilina Member

aquilina

Posted
Posted

currently i faced an error with undefined index id at line 3 at class_student.php ... smth wrong with my $get_id = $_GET['id']; .. mind take a look thank..

 

class_student.php file

<?php include ('session.php'); ?>
<?php
$get_id = $_GET['id'];
include('header.php');
$user_query = mysql_query("select * from student where student_id='$session_id'") or die(mysql_error());
$user_row = mysql_fetch_array($user_query);
?>

<?php
$query_class = mysql_query("select * from class where class_id='$get_id'") or die(mysql_error());
$row_class = mysql_fetch_array($query_class);
$teacher_id = $row_class['teacher_id'];

$teacher_query=mysql_query("select *from teacher where teacher_id='$teacher_id'")or die(mysql_error());
$teacher_row=  mysql_fetch_array($teacher_query);
?>
<body>

    <?php include('navhead_student.php'); ?>

    <div class="container">
        <div class="row-fluid">
            <div class="span3">
                <div class="hero-unit-3">
                    <div class="alert-index alert-success">
                        <i class="icon-calendar icon-large"></i>
                        <?php
                        $Today = date('y:m:d');
                        $new = date('l, F d, Y', strtotime($Today));
                        echo $new;
                        ?>
                    </div>
                </div>
                <div class="hero-unit-1">
                    <ul class="nav  nav-pills nav-stacked">
                        <li class="nav-header">Links</li>
                        <li>
                            <a href="student_home.php"><i class="icon-home icon-large"></i> Home
                                <div class="pull-right">
                                    <i class="icon-double-angle-right icon-large"></i>
                                </div>  
                            </a>

                        </li>
                        <li class="active">
                            <a href="student_class.php"><i class="icon-group icon-large"></i> Class
                                <div class="pull-right">
                                    <i class="icon-double-angle-right icon-large"></i>
                                </div>  
                            </a></li>

                    </ul>
                </div>

            </div>
            <div class="span9">

                <a href="student_class.php" class="btn btn-success"><i class="icon-arrow-left"></i> Back</a>
                <br><br>
                <div class="alert">Class:<a href="" > <strong><?php echo $row_class['course_id']; ?></strong></a>
                             
                    Subject:<a href=""> <strong><?php echo $row_class['subject_id']; ?></strong></a>
                     
                    Teacher::<a href=""> <strong><?php echo $teacher_row['firstname']." ".$teacher_row['lastname']; ?></strong></a>
                </div>

                <div class="hero-unit-3">
                    <table cellpadding="0" cellspacing="0" border="0" class="table table-striped table-bordered" id="example">
                        <div class="alert alert-info">
                            <button type="button" class="close" data-dismiss="alert">×</button>
                            <strong><i class="icon-user icon-large"></i> Files</strong>
                        </div>
                        <thead>
                            <tr>

                                <th>File Name</th>
                                <th>Description</th>
                                <th>Date Uploaded</th>
                                <th>Action</th>
                            </tr>
                        </thead>
                        <tbody>
                            <?php
                            $query = mysql_query("select * from files where class_id = '$get_id'") or die(mysql_error());
                            while ($row = mysql_fetch_array($query)) {
                                $file_id = $row['file_id'];
                                ?>
                                <tr class="odd gradeX">

                                    <!-- script -->
                            <script type="text/javascript">
                                $(document).ready(function(){
                                                                    
                                    $('#d<?php echo $file_id; ?>').tooltip('show')
                                    $('#d<?php echo $file_id; ?>').tooltip('hide')
                                });
                            </script>
                            <!-- end script -->

                            <td><?php echo $row['fname'] ?></td>
                            <td><?php echo $row['fdesc']; ?></td> 
                            <td><?php echo $row['fdatein']; ?></td>
                            <td width="50">
                                <a href="<?php echo $row['floc']; ?>" rel="tooltip"  title="Download File" id="d<?php echo $file_id; ?>"  role="button"  data-toggle="modal" class="btn btn-info"><i class="icon-download-alt icon-large"></i></a>

                            </td>

                            </tr>
                        <?php } ?>
                        </tbody>
                    </table>
                    <!-- end slider -->
                </div>
            </div>

        </div>
        <?php include('footer.php'); ?>
    </div>
</div>
</div>
</body>
</html>
Link to comment
https://forums.phpfreaks.com/topic/288743-probelm-with-undefined-index-id/
Share on other sites
Jacques1 Prolific Member

Jacques1

Posted
Posted

You have no id parameter in the URL.

 

Besides that, your code is wide open to SQL injection attacks. Never drop user input directly into a query string. This can be used to steal or change critical data by manipulating the query.

 

Everything that goes into a query must be quoted and escaped:

mysql_query('
	SELECT
		-- something useful, not just "*"
	FROM
		class
	WHERE
		class_id = "' . mysql_real_escape_string($get_id) . '"
');

Besides that, the old MySQL extension is long obsolete and will be removed in one of the next versions. PHP 5.5 already emits tons of error messages when you use it. Didn't you see the big red warnings in the manual?

 

Nowadays, we use PDO.

aquilina Member

aquilina

Posted
  • Author
Posted

You have no id parameter in the URL.

 

Besides that, your code is wide open to SQL injection attacks. Never drop user input directly into a query string. This can be used to steal or change critical data by manipulating the query.

 

Everything that goes into a query must be quoted and escaped:

mysql_query('
	SELECT
		-- something useful, not just "*"
	FROM
		class
	WHERE
		class_id = "' . mysql_real_escape_string($get_id) . '"
');

Besides that, the old MySQL extension is long obsolete and will be removed in one of the next versions. PHP 5.5 already emits tons of error messages when you use it. Didn't you see the big red warnings in the manual?

 

Nowadays, we use PDO.

oh yeah there no such id parameter in my database.. its student_id actually but still have that index student_id error.. sorry i'm kind of lost here.. i mixed up everything since too much changing with php/mysql things. just put the injection attack aside 1st :x let me show the page that linked to the class_student.php.

 

student_class.php (link with class_student.php) not so sure the sql thing inside there going good or no.. by the way i run things code using dreamweaver..

<?php include ('session.php'); ?>
<?php
include('header.php');
$user_query = mysql_query("select * from student where student_id='$session_id'") or die(mysql_error());
$user_row = mysql_fetch_array($user_query);
?>
<body>

    <?php include('navhead_student.php'); ?>

    <div class="container">
        <div class="row-fluid">
            <div class="span3">
                <div class="hero-unit-3">
                    <div class="alert-index alert-success">
                        <i class="icon-calendar icon-large"></i>
                        <?php
                        $Today = date('y:m:d');
                        $new = date('l, F d, Y', strtotime($Today));
                        echo $new;
                        ?>
                    </div>
                </div>
                <div class="hero-unit-1">
                    <ul class="nav  nav-pills nav-stacked">
                        <li class="nav-header">Links</li>
                        <li>
                            <a href="student_home.php"><i class="icon-home icon-large"></i> Home
                                <div class="pull-right">
                                    <i class="icon-double-angle-right icon-large"></i>
                                </div>  
                            </a>

                        </li>
                        <li class="active">
                            <a href="student_class.php"><i class="icon-group icon-large"></i> Class
                                <div class="pull-right">
                                    <i class="icon-double-angle-right icon-large"></i>
                                </div>  
                            </a></li>

                    </ul>
                </div>

            </div>
            <div class="span9">

                <div class="hero-unit-3">
                    <table cellpadding="0" cellspacing="0" border="0" class="table table-striped table-bordered" id="example">
                        <div class="alert alert-info">
                            <button type="button" class="close" data-dismiss="alert">×</button>
                            <strong><i class="icon-user icon-large"></i> My Classes</strong>
                        </div>
                        <thead>
                            <tr>

                                <th>Class</th>
                                <th>Subject</th>
                                <th>Teacher</th>
                            </tr>
                        </thead>
                        <tbody>

                            <?php
                            $query = mysql_query("select * from sws where  student_id='$session_id'") or die(mysql_error());
                            while ($row = mysql_fetch_array($query)) {
                                $class_id = $row['class_id'];
                                $teacher_id = $row['teacher_id'];

                                $teacher_query = mysql_query("select * from teacher where teacher_id='$teacher_id'") or die(mysql_error());
                                $teacher_row = mysql_fetch_array($teacher_query);
                                ?>
                                <tr class="odd gradeX">


                                    <td><?php echo $row['cys']; ?></td>
                                    <td><a rel="tooltip"  title="View Class" id="v<?php echo $class_id; ?>"  href="class_student.php<?php echo '?id=' . $class_id; ?>" class="btn btn-info"> <i class="icon-file-alt icon-large"></i> <?php echo $row['subject_id']; ?></a></td> 
                                    <td><?php echo $teacher_row['firstname'] . " " . $teacher_row['lastname']; ?></td>   


                                </tr>
<?php } ?>
                        </tbody>
                    </table>
                    <!-- end slider -->
                </div>
            </div>

        </div>
<?php include('footer.php'); ?>
    </div>
</div>
</div>


</body>
</html>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.