Imoddedu Posted April 8, 2011 Share Posted April 8, 2011 I get this error: Notice: Undefined index: userName in C:\Program Files (x86)\EasyPHP-5.3.3.1\www\SearchWiDe\contact.php on line 10Notice: Undefined index: userEmail in C:\Program Files (x86)\EasyPHP-5.3.3.1\www\SearchWiDe\contact.php on line 11Notice: Undefined index: userCat in C:\Program Files (x86)\EasyPHP-5.3.3.1\www\SearchWiDe\contact.php on line 12Notice: Undefined index: userText in C:\Program Files (x86)\EasyPHP-5.3.3.1\www\SearchWiDe\contact.php on line 13 A session is started in header.phpconfig.php contains the MySQL connection detailsI think it has something to do where I set my variables = to the $_POST ones. <?php include("header.php"); ?><?php include("config.php"); $conn = mysql_connect($dbhost,$dbuser,$dbpass)or die ('Error connecting to mysql');?><?php $error = 0; ?><?php $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR'];if($_POST) { // Error Messages if($name == NULL) { $error = 1; } elseif($email == NULL) { $error = 2; } elseif($text == NULL) { $error = 3; }} else {$query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip');");mysql_query($query);$error = 99;}?><div style="margin-left: 300px;"><h2>Contact Form</h2><p>fdhfhdhsf</p><?php if ($error == 1) { echo "<div class='ui-widget'><div class='ui-state-error ui-corner-all' style='padding: 0 .7em;'> <p><span class='ui-icon ui-icon-alert' style='float: left; margin-right: .3em;'></span> <strong>Error:</strong> You didn't fill out the <b>name</b> field!</p></div></div>"; }elseif ($error == 2) { echo "<div class='ui-widget'><div class='ui-state-error ui-corner-all' style='padding: 0 .7em;'> <p><span class='ui-icon ui-icon-alert' style='float: left; margin-right: .3em;'></span> <strong>Error:</strong> You didn't fill out the <b>email</b> field!</p></div></div>"; }elseif ($error == 3) { echo "<div class='ui-widget'><div class='ui-state-error ui-corner-all' style='padding: 0 .7em;'> <p><span class='ui-icon ui-icon-alert' style='float: left; margin-right: .3em;'></span> <strong>Error:</strong> You didn't fill out the <b>type</b> field!</p></div></div>"; }elseif ($error == 99) {echo "<div class='ui-state-highlight ui-corner-all' style='margin-top: 20px; padding: 0 .7em;'> <p><span class='ui-icon ui-icon-info' style='float: left; margin-right: .3em;'></span> Thanks! You will recieve a confirmation and follow up email shortly.</p> </div>";}?> <form method="post" action="contact.php"><table><tr id="userName"><td><h4>Name:</h4></td><td><input type="text" name="userName" id="userNameField" size="31" style="background: #dbdbdb; border: 1px solid #474747" /></td></tr><tr id="userEmail"><td><h4>Email:</h4></td><td><input type="text" name="userEmail" id="userEmailField" size="31" style="background: #dbdbdb; border: 1px solid #474747" /></td></tr><tr id="userCat"><td><h4>Category:</h4></td><td><select name="userCat" id="userNameField" style="background: #dbdbdb; border: 1px solid #474747"><option>hfd</option><option>dfh</option><option>dhfd</option><option>dhfd</option></select></td></tr><tr id="userText"><td><h4>Type:</h4></td><td><textarea name="userText" id="userTextField" rows="7" cols="70" style="background: #dbdbdb; border: 1px solid #474747"></textarea></td></tr><tr id="userSubmit"><td></td><td><input type="submit" name="submit" value="Submit" style="background: #dbdbdb; border: 1px outset #d97c03; color: #000000;" /></td></tr></table></form></div><?php include("footer.php"); ?></div></body></html> Link to comment Share on other sites More sharing options...
justsomeguy Posted April 8, 2011 Share Posted April 8, 2011 You're trying to set the variables before the form has been submitted. You should check if those variables are set before trying to access them. You can use the isset function to check that. Link to comment Share on other sites More sharing options...
Imoddedu Posted April 8, 2011 Author Share Posted April 8, 2011 I tried something...but I'm afraid it didn't work. Do I have things in the wrong places? if(isset($_POST['userName']) && ($_POST['userEmail']) && ($_POST['userCat']) && ($_POST['userText'])) {if($_POST) { $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR']; // Error Messages if($name == NULL) { $error = 1; } elseif($email == NULL) { $error = 2; } elseif($text == NULL) { $error = 3; }} else {$query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip');");mysql_query($query);$error = 99;}}else {} Link to comment Share on other sites More sharing options...
GerryH Posted April 8, 2011 Share Posted April 8, 2011 You want to use the isset() on all $_POST vars such as; if (isset($_POST['userName']) && isset($_POST['userEmail']) && isset($_POST['userCat']) && isset($_POST['userText'])) { ...do your stuff here} Link to comment Share on other sites More sharing options...
thescientist Posted April 8, 2011 Share Posted April 8, 2011 sort of, you've kind of got thing's a little mixed up if(isset($_POST['userName']) && ($_POST['userEmail']) && ($_POST['userCat']) && ($_POST['userText'])) { $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR']; //connect to db first of course $query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip');"); mysql_query($query);} else { // Error Messages if($_POST['name'] == "") { $error = 1; }elseif($_POST['email'] == "") { $error = 2; }elseif($_POST['text'] == "") { $error = 3; };}; Link to comment Share on other sites More sharing options...
justsomeguy Posted April 8, 2011 Share Posted April 8, 2011 It's not really necessary to check if all 4 variables are set, if any one of them is set then the form was submitted. Link to comment Share on other sites More sharing options...
GerryH Posted April 8, 2011 Share Posted April 8, 2011 It's not really necessary to check if all 4 variables are set, if any one of them is set then the form was submitted.You are 100% correct, however I prefer to do that in case there are other post calls from other pages to this script with different vars. Link to comment Share on other sites More sharing options...
Imoddedu Posted April 8, 2011 Author Share Posted April 8, 2011 sort of, you've kind of got thing's a little mixed upif(isset($_POST['userName']) && ($_POST['userEmail']) && ($_POST['userCat']) && ($_POST['userText'])) { $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR']; //connect to db first of course $query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip');"); mysql_query($query);} else { // Error Messages if($_POST['name'] == "") { $error = 1; }elseif($_POST['email'] == "") { $error = 2; }elseif($_POST['text'] == "") { $error = 3; };}; I tried using this (which is basically what you had). And received this error: Notice: Undefined variable: name in C:\Program Files (x86)\EasyPHP-5.3.3.1\www\SearchWiDe\contact.php on line 23I thought $name was already given a value? if(isset($_POST['userName']) && ($_POST['userEmail']) && ($_POST['userCat']) && ($_POST['userText'])) { $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR']; // Insert into DB $query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip');"); mysql_query($query); $error = 99;} else { // Error Messages if($name == "") { $error = 1; } elseif($email == "") { $error = 2; } elseif($text == "") { $error = 3; };} Link to comment Share on other sites More sharing options...
justsomeguy Posted April 8, 2011 Share Posted April 8, 2011 It's only given a value in the if part, not the else part. You may want to start, before the if, by setting everything to an empty string first. Link to comment Share on other sites More sharing options...
eduard Posted April 8, 2011 Share Posted April 8, 2011 Do I have to learn this too in the future? Link to comment Share on other sites More sharing options...
Imoddedu Posted April 8, 2011 Author Share Posted April 8, 2011 It's only given a value in the if part, not the else part. You may want to start, before the if, by setting everything to an empty string first.I added $name = "";$email = "";$category = "";$text = ""; before the IF statement, but now it displays the $error = 1 message I have. Do I have to learn this too in the future?If you want your web pages to communicate with a server and do cool things, yes Link to comment Share on other sites More sharing options...
justsomeguy Posted April 8, 2011 Share Posted April 8, 2011 Your else is kind of in the wrong place. You should have all of those if statements checking for errors after you get the values and before you do the query. Start $error off at 0 also. After you get the values and validate, check if $error is 0 before you do the query, if it's not 0 then there was an error. Link to comment Share on other sites More sharing options...
Imoddedu Posted April 8, 2011 Author Share Posted April 8, 2011 Your else is kind of in the wrong place. You should have all of those if statements checking for errors after you get the values and before you do the query. Start $error off at 0 also. After you get the values and validate, check if $error is 0 before you do the query, if it's not 0 then there was an error.Alright, now I have this:When I fill in everything BUT the "Name" field, it gives me an error. Then when I don't fill in the email field, or text field, or anything it all, and I submit, it just basically refreshes the page. Even when I fill in everything and it gives me the "ok" no records show up in the MySQL database. Is there something wrong with the MySQL query now? <?php$error = 0;$name = "";$email = "";$category = "";$text = "";if(isset($_POST['userName']) && ($_POST['userEmail']) && ($_POST['userCat']) && ($_POST['userText'])) { $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR']; // Error Messages if($name == "") { $error = 1; } elseif($email == "") { $error = 2; } elseif($text == "") { $error = 3; } if ($error == 0) { // Insert into DB $query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip')"); mysql_query($query); $error = 99;}} ?> Link to comment Share on other sites More sharing options...
justsomeguy Posted April 8, 2011 Share Posted April 8, 2011 First, if you want to check for everything being set you need to use isset every time, not just once: if(isset($_POST['userName']) && isset($_POST['userEmail']) && isset($_POST['userCat']) && isset($_POST['userText'])) { Also, make sure you're checking for errors with MySQL:mysql_query($query) or exit(mysql_error());You should also be using mysql_real_escape_string when you put those values into the query, right now if you have a single quote in any of your fields it will cause the query to fail.http://www.php.net/manual/en/function.mysq...cape-string.php Link to comment Share on other sites More sharing options...
birbal Posted April 9, 2011 Share Posted April 9, 2011 if(isset($_POST['userName'],$_POST['userEmail'],$_POST['userCat'],$_POST['userText'])) {} you can also do something like this. if you want to check all the variable is set or not. It will only return true if all of the variable is set. if atleast one among them is not being set. it will return false.more details here http://php.net/function.isset Link to comment Share on other sites More sharing options...
Imoddedu Posted April 9, 2011 Author Share Posted April 9, 2011 First, if you want to check for everything being set you need to use isset every time, not just once:if(isset($_POST['userName']) && isset($_POST['userEmail']) && isset($_POST['userCat']) && isset($_POST['userText'])) { Also, make sure you're checking for errors with MySQL:mysql_query($query) or exit(mysql_error());You should also be using mysql_real_escape_string when you put those values into the query, right now if you have a single quote in any of your fields it will cause the query to fail.http://www.php.net/manual/en/function.mysq...cape-string.php That exit(mysql_error()); really helps!$error = 0;$name = "";$email = "";$category = "";$text = "";if(isset($_POST['userName']) && isset($_POST['userEmail']) && isset($_POST['userCat']) && isset($_POST['userText'])) { $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR']; /* $name = mysql_real_escape_string($name); $email = mysql_real_escape_string($email); $text = mysql_real_escape_string($text); */ // Error Messages if($name == "") { $error = 1; } elseif($email == "") { $error = 2; } elseif($text == "") { $error = 3; } if ($error == 0) { // Insert into DB $query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip')"); mysql_query($query) or exit(mysql_error()); $error = 99;}} ?> Did I use the mysql_real_escape_string right? Link to comment Share on other sites More sharing options...
Imoddedu Posted April 9, 2011 Author Share Posted April 9, 2011 New problem. Now that I think I got mysql_real_escape_string working, I tried to check to see if the email is valid. I keep recieving this error if I don't put in anything for the "email" field: Notice: Undefined offset: 1 in C:\Program Files (x86)\EasyPHP-5.3.3.1\www\SearchWiDe\contact.php on line 35 here is the code, reworked: <?php$error = 0;$name = "";$email = "";$category = "";$text = "";if(isset($_POST['userName']) && isset($_POST['userEmail']) && isset($_POST['userCat']) && isset($_POST['userText'])) { $name = $_POST['userName']; $email = $_POST['userEmail']; $category = $_POST['userCat']; $text = $_POST['userText']; $ip = $_SERVER['REMOTE_ADDR']; $name = mysql_real_escape_string($name); $email = mysql_real_escape_string($email); $text = mysql_real_escape_string($text); // Error Messages if ( filter_var($email, FILTER_VALIDATE_EMAIL) == TRUE) { $email = mysql_real_escape_string($email); } else { $error = 4; } // Filter and Split Email $splitemail = explode('@', $email); if(checkdnsrr("$splitemail[1]")) { $email = mysql_real_escape_string($email); } else { $error = 4; } if($name == "") { $error = 1; } elseif($email == "") { $error = 2; } elseif($text == "") { $error = 3; } if ($error == 0) { // Insert into DB $query = sprintf("INSERT INTO contact(name,email,category,text,ip) VALUES ('$name','$email','$category','$text','$ip')"); mysql_query($query) or exit(mysql_error()); $id = mysql_insert_id(); $result = mysql_query("SELECT * FROM users WHERE id = '$id'"); $to = $email; $subject = 'dffdhdsfhdf '; $message = "<p>sdfhfdhdsfhsf</p><p><a href='http://example.com/confirm.php?id=$result'>below</a></p>"; $headers = 'From: webmaster@example.com' . "\r\n" . 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; mail($to,$subject,$message,$headers); $error = 99;}} ?> Link to comment Share on other sites More sharing options...
justsomeguy Posted April 10, 2011 Share Posted April 10, 2011 You'll need to determine which if statement is causing the error and why the function you're using is returning false. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.