[SOLVED] Notice: Undefined index: login in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel

rofl90 · January 26, 2008

Heres a bit of my code

<?php

session_start();

$host = "mysql10.streamline.net";

$user = "xxx";

$pass = "xxx";

$db = "prowebdes1";



$ms = mysql_connect($host, $user, $pass);

if(!$ms) { echo "Error connecting to database.\n"; }

mysql_select_db($db);



if($_GET['login'] == "login") {

$user1_post = addslashes($_POST["username_post"]);

$pass1_post = addslashes($_POST["password_post"]);

$pass1_post = md5($pass1_post);

if($user1_post == "" or $pass1_post == "") { echo "<b>You Did Not Enter A Password</b>"; exit; }

rofl90 · January 26, 2008

Couldn't edit:

Btw I don't see why its an error as I do define it has login ?

:S Could somebody explain =)

Thx

darkfreaks · January 26, 2008

try:

<?php

if (isset($_GET['login'])) {

$user1_post = addslashes($_POST["username_post"]);

$pass1_post = addslashes($_POST["password_post"]);

$pass1_post = md5($pass1_post);

}else { echo " error message";}

?>

rofl90 · January 26, 2008

error message

Notice: Undefined variable: user1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 37

Notice: Undefined variable: pass1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 39

Notice: Undefined variable: user1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 43

Notice: Undefined variable: pass1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 43

<?php

session_start();

$host = "mysql10.streamline.net";

$user = "prowebdes1";

$pass = "hello1";

$db = "prowebdes1";



$ms = mysql_connect($host, $user, $pass);

if(!$ms) { echo "Error connecting to database.\n"; }

mysql_select_db($db);




if (isset($_GET['login'])) {

$user1_post = addslashes($_POST["username_post"]);

$pass1_post = addslashes($_POST["password_post"]);

$pass1_post = md5($pass1_post);

}else { echo " error message";}




list($user) = mysql_fetch_array(mysql_query("SELECT `username` FROM `staff` WHERE username='$user1_post'"));

list($pass) = mysql_fetch_array(mysql_query("SELECT `password` FROM `staff` WHERE password='$pass1_post'"));



if($user1_post == "$user" and $pass1_post == "$pass") {

$sql = mysql_query("SELECT * FROM `staff` WHERE username='$user' AND password='$pass'");

if(mysql_num_rows($sql)!= 1) { exit; }

$result = mysql_fetch_array($sql);



$_SESSION['session_username'] = $result['username'];

$_SESSION['session_level'] = $result['level'];

$_SESSION['session_ip'] = $_SERVER['REMOTE_ADDR'];



echo "<meta http-equiv=\"refresh\" content=\"0;url=main.php\">";

        exit;

} else { echo "<b>Your Username And Password Did Not Match</b>"; }
?>



<body bgcolor="#F45000" bgproperties="fixed" style="background-image: url('habboback.gif')">







<p align="center"> 

</p>



<center>

<div align="center">

<table width="329" height="3" style="border-collapse: collapse" cellpadding="0" cellspacing="0" id="table2">

<tr>

			<td width="330" height="11" align="center">

                </td>

		</tr>

<tr>

			<td align="center" width="400" background="hk_middle.gif" height="342">

			<form action="<?php echo "$PHP_SELF"; ?>?login=login" method="POST">

                  <font size="1"><br>

				 <img border="0" src="enterHH%20copy.gif" width="105" height="106"><br>

 </font><table border="0" id="table3" width="252" height="87">

<tr>

	<td>

	<p align="center"><b><font size="1" face="Verdana">Username:</font></b></td>

	<td><?

echo "<select size='1' name='username_post'>

<option selected>Choose Your Name</option>";

include('dbConfig.php');

$result = mysql_query("SELECT * FROM `staff`");

while($worked = mysql_fetch_array($result)) {

$username = $worked["username"];

echo "<option value=$username>$username</option>";

}

mysql_close(); ?>

</select></td>

	<td height="77" rowspan="4"> </td>

	</tr>

<tr>

	<td>

	<p align="center"><font size="1" face="Verdana"><b>Password:</b></font></td>

	<td>

	<p align="center"><font color="#FFFFFF" size="1" face="Verdana"> 

	<input type="password" name="password_post" size="26"></font></td>

</tr>

<tr>

	<td width="62"></td>

	<td width="172">

	 <input type='image' name='myclicker' src='hk_button.gif'></td>

	</tr>

	<tr>

	<td valign="top" colspan="2">

	<p align="center"></td>

	</tr>

</table>

<p align="center"><font face="Verdana" size="1" color="#FFFFFF">Warning Your IP Address is 
<?php
$ipa = getenv("REMOTE_ADDR");
echo "$ipa";
?>
Authorised FlyTropica staff only, we will do everything in our power to track down any 

unauthorised people. Abuse of this tool is strictly against the terms and 

conditions of service.</font></p>

</form></td>

</tr>

</table>



</div>













<p align="center"> </p>

rofl90 · January 26, 2008

Thats rather strange it is defined...:

$user1_post = addslashes($_POST["username_post"]);

$pass1_post = addslashes($_POST["password_post"]);

its defined riiight there.

awpti · January 26, 2008

Turn off error reporting.

You don't NEED to fix those since they aren't, technically, errors. Just notices that it was undefined before.

To truly fix it: - See my comments in the code.


<?php

// This is why you are getting the error. You are using the variables even if they aren't defined.
// Your conditional logic is wrong (and this isn't even part of it - which it should be)
list($user) = mysql_fetch_array(mysql_query("SELECT `username` FROM `staff` WHERE username='$user1_post'"));

list($pass) = mysql_fetch_array(mysql_query("SELECT `password` FROM `staff` WHERE password='$pass1_post'"));

to 'fix' this without modifying the logic (please don't do it this way)

<?php
$user1_post = '';
$pass1_post = '';

/// rest of code here.

darkfreaks · January 26, 2008

turning off error report is not a solution its just a fix.

try :

<?php

session_start();

$host = "mysql10.streamline.net";

$user = "prowebdes1";

$pass = "hello1";

$db = "prowebdes1";



$ms = mysql_connect($host, $user, $pass);

if(!$ms) { echo "Error connecting to database.\n"; }

mysql_select_db($db);




if (isset($_GET['login'])) {

$user1_post = addslashes($_GET["username_post"]);


$pass1_post = addslashes($_GET["password_post"]);

$pass1_post = md5($pass1_post);

}else { echo " error message";}




list($user) = mysql_fetch_array(mysql_query("SELECT `username` FROM `staff` WHERE username='$user1_post'"));

list($pass) = mysql_fetch_array(mysql_query("SELECT `password` FROM `staff` WHERE password='$pass1_post'"));



if($user1_post == "$user" and $pass1_post == "$pass") {

$sql = mysql_query("SELECT * FROM `staff` WHERE username='$user' AND password='$pass'");

if(mysql_num_rows($sql)!= 1) { exit; }

$result = mysql_fetch_array($sql);



$_SESSION['session_username'] = $result['username'];

$_SESSION['session_level'] = $result['level'];

$_SESSION['session_ip'] = $_SERVER['REMOTE_ADDR'];



echo "<meta http-equiv=\"refresh\" content=\"0;url=main.php\">";

        exit;

} else { echo "<b>Your Username And Password Did Not Match</b>"; }
?>

awpti · January 26, 2008

Actually, turning off 'error' reporting is a solution.

NOTICES are not FATAL. Misnomer to refer to notices as errors

This is just yapping at bad coding practices.

awpti · January 26, 2008

to further clarify my previous post;

if (isset($_GET['login'])) { //If this evaluates to false..

$user1_post = addslashes($_GET["username_post"]); // <--this isn't defined
$pass1_post = addslashes($_GET["password_post"]); // <--this isn't defined
$pass1_post = md5($pass1_post); // <-- obviously, not defined.

}

rofl90 · January 26, 2008

error message

Notice: Undefined variable: user1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 38

Notice: Undefined variable: pass1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 40

Notice: Undefined variable: user1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 44

Notice: Undefined variable: pass1_post in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel\index.php on line 44

now ;/

<?php

session_start();

$host = "mysql10.streamline.net";

$user = "x";

$pass = "x;

$db = "prowebdes1";



$ms = mysql_connect($host, $user, $pass);

if(!$ms) { echo "Error connecting to database.\n"; }

mysql_select_db($db);




if (isset($_GET['login'])) {

$user1_post = addslashes($_GET["username_post"]);


$pass1_post = addslashes($_GET["password_post"]);

$pass1_post = md5($pass1_post);

}else { echo " error message";}




list($user) = mysql_fetch_array(mysql_query("SELECT `username` FROM `staff` WHERE username='$user1_post'"));

list($pass) = mysql_fetch_array(mysql_query("SELECT `password` FROM `staff` WHERE password='$pass1_post'"));



if($user1_post == "$user" and $pass1_post == "$pass") {

$sql = mysql_query("SELECT * FROM `staff` WHERE username='$user' AND password='$pass'");

if(mysql_num_rows($sql)!= 1) { exit; }

$result = mysql_fetch_array($sql);



$_SESSION['session_username'] = $result['username'];

$_SESSION['session_level'] = $result['level'];

$_SESSION['session_ip'] = $_SERVER['REMOTE_ADDR'];



echo "<meta http-equiv=\"refresh\" content=\"0;url=main.php\">";

        exit;

} else { echo "<b>Your Username And Password Did Not Match</b>"; }
?>



<body bgcolor="#F45000" bgproperties="fixed" style="background-image: url('habboback.gif')">







<p align="center"> 

</p>



<center>

<div align="center">

<table width="329" height="3" style="border-collapse: collapse" cellpadding="0" cellspacing="0" id="table2">

<tr>

			<td width="330" height="11" align="center">

                </td>

		</tr>

<tr>

			<td align="center" width="400" background="hk_middle.gif" height="342">

			<form action="<?php echo "$PHP_SELF"; ?>?login=login" method="POST">

                  <font size="1"><br>

				 <img border="0" src="enterHH%20copy.gif" width="105" height="106"><br>

 </font><table border="0" id="table3" width="252" height="87">

<tr>

	<td>

	<p align="center"><b><font size="1" face="Verdana">Username:</font></b></td>

	<td><?

echo "<select size='1' name='username_post'>

<option selected>Choose Your Name</option>";

include('dbConfig.php');

$result = mysql_query("SELECT * FROM `staff`");

while($worked = mysql_fetch_array($result)) {

$username = $worked["username"];

echo "<option value=$username>$username</option>";

}

mysql_close(); ?>

</select></td>

	<td height="77" rowspan="4"> </td>

	</tr>

<tr>

	<td>

	<p align="center"><font size="1" face="Verdana"><b>Password:</b></font></td>

	<td>

	<p align="center"><font color="#FFFFFF" size="1" face="Verdana"> 

	<input type="password" name="password_post" size="26"></font></td>

</tr>

<tr>

	<td width="62"></td>

	<td width="172">

	 <input type='image' name='myclicker' src='hk_button.gif'></td>

	</tr>

	<tr>

	<td valign="top" colspan="2">

	<p align="center"></td>

	</tr>

</table>

<p align="center"><font face="Verdana" size="1" color="#FFFFFF">Warning Your IP Address is 
<?php
$ipa = getenv("REMOTE_ADDR");
echo "$ipa";
?>
Authorised FlyTropica staff only, we will do everything in our power to track down any 

unauthorised people. Abuse of this tool is strictly against the terms and 

conditions of service.</font></p>

</form></td>

</tr>

</table>



</div>













<p align="center"> </p>

awpti · January 26, 2008

Don't use the code given to you by darkfreaks. He didn't fix anything.

Your logic leaves those variables undefined if $_POST['login']

I've already spoon-fed you the fix. Use it

rofl90 · January 26, 2008

ok but i've just ended up with 'error message' being shown as in the 'else' ;/ but it doesn't even load are you saying that its in the wrong position? could you explain where it should be please. i dont really understand :S

sasa · January 26, 2008

can we see form part of script

rofl90 · January 26, 2008

scroll down the code its in ther

rofl90 · January 26, 2008

but ftr

<form action="<?php echo "$PHP_SELF"; ?>?login=login" method="POST">

                  <font size="1"><br>

				 <img border="0" src="enterHH%20copy.gif" width="105" height="106"><br>

 </font><table border="0" id="table3" width="252" height="87">

<tr>

	<td>

	<p align="center"><b><font size="1" face="Verdana">Username:</font></b></td>

	<td><?

echo "<select size='1' name='username_post'>

<option selected>Choose Your Name</option>";

include('dbConfig.php');

$result = mysql_query("SELECT * FROM `staff`");

while($worked = mysql_fetch_array($result)) {

$username = $worked["username"];

echo "<option value=$username>$username</option>";

}

mysql_close(); ?>

</select></td>

	<td height="77" rowspan="4"> </td>

	</tr>

<tr>

	<td>

	<p align="center"><font size="1" face="Verdana"><b>Password:</b></font></td>

	<td>

	<p align="center"><font color="#FFFFFF" size="1" face="Verdana"> 

	<input type="password" name="password_post" size="26"></font></td>

</tr>

<tr>

	<td width="62"></td>

	<td width="172">

	 <input type='image' name='myclicker' src='hk_button.gif'></td>

	</tr>

	<tr>

	<td valign="top" colspan="2">

	<p align="center"></td>

	</tr>

</table>

<p align="center"><font face="Verdana" size="1" color="#FFFFFF">Warning Your IP Address is 
<?php
$ipa = getenv("REMOTE_ADDR");
echo "$ipa";
?>
Authorised FlyTropica staff only, we will do everything in our power to track down any 

unauthorised people. Abuse of this tool is strictly against the terms and 

conditions of service.</font></p>

</form></td>

</tr>

</table>



</div>

rofl90 · January 26, 2008

hmm why is it evaluating to false ;S

sasa · January 26, 2008

wher you submit your form

rofl90 · January 26, 2008

On the same page.

rofl90 · January 28, 2008

bump!

trq · January 28, 2008

The problem is simple. You are trying to use variables which aren't defined. before using any variables, check to see if they exist. eg;

<?php

  if (isset($_POST['foo'])) {
    // it is safe to use $_POST['foo'] within here.
  }

?>

This should be done for all user submitted variables.

rofl90 · January 28, 2008

but i am :S

if (isset($_GET['login'])) {

$user1_post = addslashes($_POST["username_post"]);

$pass1_post = addslashes($_POST["password_post"]);

$pass1_post = md5($pass1_post);

}else { echo " error message";}

?>

trq · January 28, 2008

No your not. Your checking to see if $_GET['login'] exists, then going ahead and attempting to use $_POST["username_post"] and $_POST["password_post"].

rofl90 · January 28, 2008

so i should have

if (isset($_GET['LOGIN'])) {

instead of $_POST?

trq · January 28, 2008

I don't know, didn't look at your code. All I'm saying is you need to check the variables you want to use exist before using them.

rofl90 · January 28, 2008

Ah ok.

Sign In

[SOLVED] Notice: Undefined index: login in e:\domains\m\myhabs.co.uk\user\htdocs\v2\panel

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information