DEVHIDE
Login Or Sign up

Running PHP page on localhost shows "undefined index", but code works perfectly

3.2k Views Asked by At

Here is my PHP code, I guess the problem is with $_POST[...]?

PHP:

<?php
require('connect.php');
$name = $_POST['name'];
$comment = $_POST['comment'];
$submit = $_POST['submit'];
if($submit)
{
    if($name&&$comment)
    {
    $query=mysql_query("INSERT INTO comment (id,name,comment) VALUES ('','$name','$comment')");
    header("Location: success.php");
    }
    else
    {
        echo "Lūdzu aizpildi visus logus.";
    }
}
?>

The form of fields and textarea.

HTML:

<form action="help-add-comment.php" method="POST">
  <label>Jūsu vārds:  </label><br /><input type="text" name="name" size="25" value="<?php echo "$name" ?>" /><br /><br />
  <label>Ziņojums:  </label><br /><textarea name="comment" cols="25" rows="7"></textarea><br /><br />
  <input type="submit" class="button button-red" name="submit" value="Pievienot" /><br/>
</form>

This is my result: undefined index

php notice
Original Q&A
3

There are 3 best solutions below

4
On

You're trying to access non-existent fields in the $_POST array, the warning is correct. You should only process those fields when they're actually there, so when you're actually responding to a form postback, by checking the request method:

if($_SERVER['REQUEST_METHOD'] == 'POST')
{
  $name = $_POST['name'];
  $comment = $_POST['comment'];
  $submit = $_POST['submit'];
  // Handle rest of postback
}

Note that this still allows a malicious user to trigger the warnings, and thus gain knowledge of your application internals, by faking a request. You can fix this by retrieving the POST values safely:

function getPostValue($name, $default = null)
{
  return isset($_POST[$name]) ? $_POST[$name] : $default;
}
$name = getPostValue('name');

You can achieve the same effect by using the error suppression operator (@) but it's bad for performance and considered bad style for simple cases like this.

10
On

Check if your value are defined first, it works because this isnt an error, its just a warning.

Do like this :

<?php
if (!empty($_POST["name"]) && !empty($_POST["comment"]) && isset($_POST["submit"])) {
    require('connect.php');
    //Get Post value
    $name = $_POST['name'];
    $comment = $_POST['comment'];
    $submit = $_POST['submit'];
    //Execute query
    $query=mysql_query("INSERT INTO comment (id,name,comment) VALUES ('','$name','$comment')");
    header("Location: success.php");
}else{
    //one of the value is not set (undefined)
    echo "Ludzu aizpildi visus logus.";
}
?>

Learn more about if and if/else, isset() and empty()

PS:

Your code is vulnerable to SQL injection, and also mysql is now deprecated. You should use mysqli extensions or PDO. This is serious because you will get hacked very easily.

1
On

TRY THIS:

  <?php
    require('connect.php');
    $name = isset($_POST['name']) ? $_POST['name']: '' ;
    $comment = isset($_POST['comment']) ? $_POST['comment'] : '' ;;
    $submit = isset($_POST['submit']) ? $_POST['submit'] : '' ;;
    if($submit)
    {
        if($name&&$comment)
        {
        $query=mysql_query("INSERT INTO comment (id,name,comment) VALUES ('','$name','$comment')");
        header("Location: success.php");
        }
        else
        {
            echo "Lūdzu aizpildi visus logus.";
        }
    }
    ?>

Related Questions in PHP

Related Questions in NOTICE

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.