Jump to content

undefined variable

mindapolis

By mindapolis
in PHP Coding Help

 Share

Recommended Posts

mindapolis Advanced Member

mindapolis

Posted
Posted

Hi, why is it giving me this error Notice: Undefined variable: year in /web/html/mediaservicesunlimited.com/contactUs.php on line 49 but I did define year on line 39

<?php
require_once('functions.php');
databaseConnection();
error_reporting(-1);
ini_set('display_errors', 1);

if ($_POST)
    {
    $error = array();

    if (empty($_POST['fname']))
        {
        $error['fname'] = "<span class='error'>Please enter your first name.</span>";
        }
    if (empty($_POST['lname']))
        {
        $error['lname'] = "<span class='error'>Please enter your last name.</span>";
        }

    if (!count($error))

        {        //Do something
        die("Do Something here");
        }
    
	if(isset($_POST['submit'])) {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$orgName = $_POST['orgName'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$phone = $_POST['phone'];
$fax = $_POST['fax'];
$email = $_POST['email'];
$confirmEmail = $_POST['confirmEmail'];
$projectOptions = $_POST['projectOptions'];
$projectOverview = $_POST['projectOverview'];
$year = $_POST['year'];
$services=array('social media', 'web content management', 'marketing material creation', 'SEO', 'video editing' , 'web design');
	}
mysql_select_db("www_mediaservicesunlimited_com");
$sql="INSERT INTO clients (fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,projectOptions,projectOverview,year)
		VALUES  ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )"; 
}
///mysql_query($sql,$databaseConnection); 
///mysql_close($databaseConnection); 
 	if ($year !="2015") {
		print "Please enter the current year"; 
	}
 ?>
<!doctype html>
<html>
<head>
      <meta charset="utf-8">
      <style type="text/css">
		#contactForm label, #contactForm input {
			margin-bottom:20px;
		  }
      </style>
      <title>Untitled Document</title>
   </head>
   <body>
   	
    	<div id="contactForm">  
         <form action ="contactUs.php" method="post">
         <label>  
           <label for "fname"> First Name:</label>
                  <input id = "fname" type="text" name="fname" size="15" value ="<?php echo !empty($_POST['fname']) ? $_POST['fname'] : '';?>" >	<?php echo !empty($error['fname']) ? $error['fname'] : '';?>
			<label for "lname">Last Name:</label>
                   <input type="text" name="lname" size="20"><?php echo !empty($error['lname']) ? $error['lname'] : '';?>
			<label for="orgName">Organization's Name:</label>
			<input type="text" name="orgName" maxlength="50">
			</label><br />
			<label> <!--new row -->   
				<label for "address">Street Address: </label>
                  <input id = "address" type="text" name="address" size="15" maxlength="50">
				<label id="city">City: </label>
                  <input id = "city" type="text" name="city" size="10" maxlength="25">
                <label  for "state"> State:	</label>
                  <select id  = "state" name = "state"  value="">
                     <option value ="Please choose a state">
                        Please choose a state
                     </option>
                     <?php states($state); ?>
                  </select>
         		<label for "zipcode">Zipcode:</label>
                  <input id = "zipcode" type="number" name="zipcode" size="5" maxlength="5">
             </label><br />
		 	<label> <!--new row -->
              <label for "phone">  Phone Number:(including area code)  <br /> </label>
                  <input type="text" name="phone" size="10" maxlength="10">  
            <label for="fax">Fax Number: (including area code)
</label>    	
                  <input type="text" name="fax" size="10" maxlength="10">
			</label><br />
			<label> <!--new row-->
            	<label for="email">Email: </label> 
                  <input type="text" id = "email" name="email" />
				<label for="confirmEmail"> Confirm Email:</label>
                  <input type="text" id = "confirmEmail" name="ConfirmEmail" />
</label><br />
			<label> <!--new row -->
            <label for "projectChoices"> What would you like help with?  <br /></label>
             <table id="projectOptions">
                     <tr span=2>
                        <td><input type="checkbox" name="SocialMedia">Social Media </td>
                        <td><input type="checkbox" name="WebContentManagement">Web Content Management 	</td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="MarketingMaterials">Marketing Material Creation  </td>
                        <td><input type="checkbox" name="SEO">SEO (Search Engine Optimization) 	</td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="VideoEditing"> Video Editing  </td>
                        <td><input type="checkbox" name="WebDesign">Web Design  	</td>
                     </tr>
                  </table>
			<label for="projectOverview"> Overview about the project:</label><textarea rows="5" cols="10"></textarea>  <br />
 If you are not a robot, what year is it? <input type="text" name="year" size="4" maxlength="4"><br />
<input type="submit" name="submit" value="Contact Me!">
<input type="reset">
         </form>
		</div>
   </body>
</html>
Link to comment
Share on other sites
benanamen Prolific Member

benanamen

Posted
Posted (edited)

For starters, your if(post) and if(submit) is the same exact thing but you have separated them as though they are separate actions. Your $year !="2015" is outside of both of those, so it is undefined.

 

Why do you have $services array? It does absolutely nothing in the code you posted. You also have a random opening label tag.

 

And then, you create all those extra post variables but use the actual POST for the insert which wont work anyways as you have it written.

 

You are also vulnerable to SQL Injection. You NEVER EVER send user supplied data directly to the database. You are also using deprecated code. You need to use PDO with prepared statements.

 

The whole thing is pretty much junk and needs to be re-written from the ground up.

Edited by benanamen
Link to comment
Share on other sites
  • 2 weeks later...
mindapolis Advanced Member

mindapolis

Posted
  • Author
Posted (edited)

Ok, I think I'm getting closer, but I don't understand what to put in this section

VALUES (?,?,NOW(),?,?)');
$stmt -> bind_param('ssi',

that's from the code below

$stmt = $mysqli -> prepare('INSERT INTO clients fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,projectOptions,projectOverview,year); 
                            VALUES (?,?,NOW(),?,?)');
$stmt -> bind_param('ssi', 		VALUES  ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' ); 
$stmt -> execute();
$stmt -> close();

 

 

 

 

Edited by mindapolis
Link to comment
Share on other sites
Barand Prolific Member

Barand

Posted
Posted

Do you put question marks for every variable going into the database table

 

Yes, where did you get this from

 VALUES (?,?,NOW(),?,?)

when you need to put values into 14 columns?

 

And here, when you bind, you specify 14 variables but only define types ('ssi') for 3, none of which is an integer. And where, in the examples in the manual, did you see VALUES() in a bind statement syntax?

 

$stmt -> bind_param('ssi',         VALUES ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' );

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.