Jump to content

undefined index messages quick question

burge124

By burge124
in PHP Coding Help

 Share

Recommended Posts

burge124 Member

burge124

Posted
Posted

hi, this code keeps giving me

 

Notice: Undefined index: newpassword in C:\Program Files\EasyPHP 2.0b1\www\index.php on line 13

 

Notice: Undefined index: newemail in C:\Program Files\EasyPHP 2.0b1\www\index.php on line 17

ive tried playing round with it but cant fix the problem

 

// select administrator
$result = mysql_query("SELECT * FROM user WHERE UserName='admin'");

// update password
mysql_query("UPDATE user SET password = '$_REQUEST[newpassword]'
WHERE UserName = 'admin'");

// update email address
mysql_query("UPDATE user SET email = '$_REQUEST[newemail]'
WHERE UserName = 'admin'");

$user= mysql_fetch_array($result);
........

    <input type="text" name="newpassword" />

    <input type="text" name="newemail">

Link to comment
Share on other sites
burge124 Member

burge124

Posted
  • Author
Posted 
	<body contextmenu="return false;">
<body onpaste="return false";>

<?php
$con = mysql_connect("localhost","root","")
  or die('Could not connect: ' . mysql_error());
mysql_select_db("questiondb", $con);

// select administrator
$result = mysql_query("SELECT * FROM user WHERE UserName='admin'");

// update password
mysql_query("UPDATE user SET password = '$_REQUEST[newpassword]'
WHERE UserName = 'admin'");

// update email address
mysql_query("UPDATE user SET email = '$_REQUEST[newemail]'
WHERE UserName = 'admin'");

$user= mysql_fetch_array($result);



?>
<form method="post" action="mod_home.php">
  <lable>
  Current Username:</label> <?php echo $user['UserName']; ?><br>
  <lable>
  Current Password:</label> <?php echo $user['Password']; ?><br>
  <lable>
  <p>Current Email:
    </label> 
  <?php echo $user['Email']; ?></p>
  <p>
    <label>new password
    <input type="text" name="newpassword" />
    </label>
  </p>
  <p>
    <label>retype password
    <input type="text" name="newemail">
    </label>
  </p>
  <p>
    <label>new email
    <input type="text" name="newpassword2">
    </label>
  </p>
  <p>
    <label>
    <input name="submit" type="submit" class="subHeader" id="submit" value="Submit">
    </label>
    <label>
    <input type="reset" name="Reset" value="Reset">
    </label>
    <br>
  </p>
</form>

Link to comment
Share on other sites
drewbee Member

drewbee

Posted
Posted

A few things here

 

1) ALWAYS wrap mysql_real_escape_string around ANY variable that goes into your database. This will help protect you from SQL injection;

2) For good coding practicies, always place quotes within your associate arrays IE $_POST, $_REQUEST, $_GET and go like this> $_POST['myvar']

SO

SET password = '".mysql_real_escape_string($_REQUEST['newpassword'])."'

 

3) You are getting that message because you are trying to access variables that are being used without first being created; Depending on your error level this will show or not show. You can either tone down your error reporting level (not recomended), or always define your variables like so:

 

$_REQUEST['newpassword'] = isset($_REQUEST['newpassword']) ? $_REQUEST['newpassword'] : ''

 

This will set the variable $_REQUEST['newpassword'] to an empty string if it does not exist yet. Always place these at the top of the script so the variables can be properly initialized.

 

Good luck :)

Link to comment
Share on other sites
drewbee Member

drewbee

Posted
Posted

What do you mean irrelavant? It initalizes the variable if it is not yet set. Plane and simple; if its not set, set it. If it is use what the current value is. isset() returns true on a variable being set, and false if otherwise; php.net/isset

 

 

Put

$_REQUEST['newpassword'] = isset($_REQUEST['newpassword']) ? $_REQUEST['newpassword'] : ''

$_REQUEST['newemail'] = isset($_REQUEST['newemail']) ? $_REQUEST['newemail'] : ''

 

Above your current code.

Link to comment
Share on other sites
cooldude832 Advanced Member

cooldude832

Posted
Posted

I too love errors but undefined indexes is too high for php.  It was designed dirty, its not java.  You are allowed to work on unset vars

i.e

acceptable coding

<?php
if(!empty($_POST['var'])){
#If its not set this produces an error
}
?>

Overchecking

<?php
if(!isset($_POST['var']){
$_POST['var'] = '';
}
if(empty($_POST['var'])){
#No index error
}
?>

 

 

No point really

Link to comment
Share on other sites
drewbee Member

drewbee

Posted
Posted

Yeah; Its a matter of opinion really. I have always worked with code expecting a variable to be either this or that, not existing or not existing.

 

It seems very strange to me to use variables that haven't been set, especially with coldfusion in my blood as well :) Personally I think it makes things alot easier to follow too, but then again matter of opinion; I state To Each His Own before we start a brawl in this poor guys thread :D

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.