PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
jmcc
Forum Newbie
Posts: 5 Joined: Wed May 20, 2009 5:47 am
Post
by jmcc » Wed May 20, 2009 8:22 am
Please help me to fix error.
Error
Notice: Undefined variable: rowAccount in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\login.php on line 22
Code
Code: Select all
<?php
require_once("connection.php"); // database connection
session_start();
// catch field data
$userid = (isset($_POST['userid']));
$password = (isset($_POST['password']));
$submitted = (isset($_POST['submitted']));
if ($userid && $password) {
//////////////////////////////////
$query =sprintf("SELECT * FROM users where user_name = '$userid' and user_password = '$password'");
$result =@mysql_query($query);
$rowAccount =@mysql_fetch_array($result);
/////////////////////////////////
echo $rowAccount;
}
if ($rowAccount){
$_SESSION['id'] = $rowAccount['user_id'];
header("location:welcome.php");
exit;
}elseif($submitted){
echo "You dont exists on our record";
}
?>
Last edited by
Benjamin on Wed May 20, 2009 4:00 pm, edited 6 times in total.
Reason: Fixed [code=php] tags.
Benjamin
Site Administrator
Posts: 6935 Joined: Sun May 19, 2002 10:24 pm
Post
by Benjamin » Wed May 20, 2009 8:26 am
Use
Code: Select all
tags when posting code in the forums.
Darhazer
DevNet Resident
Posts: 1011 Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria
Post
by Darhazer » Wed May 20, 2009 3:25 pm
The $rowAccount variable is initialized in an if statement, but is used regardless the if.
So you have to rewrite your code in this way:
Code: Select all
<?php
require_once("connection.php"); // database connection
session_start();
$rowAccount = null;
// catch field data
$userid = (isset($_POST['userid']));
$password = (isset($_POST['password']));
$submitted = (isset($_POST['submitted']));
if ($userid && $password) {
//////////////////////////////////
$query =sprintf("SELECT * FROM users where user_name = '%s' and user_password = '%s'", mysql_escape_string($userid), mysql_escape_string($password));
$result =@mysql_query($query); // using @ is really bad style
$rowAccount =@mysql_fetch_array($result);// using @ is really bad style
/////////////////////////////////
echo $rowAccount;
}
if ($rowAccount){
$_SESSION['id'] = $rowAccount['user_id'];
header("location:welcome.php");
exit;
}elseif($submitted){
echo "You dont exists on our record";
}
?>