Page 1 of 1

Undefined variable: rowAccount

Posted: Wed May 20, 2009 8:22 am
by jmcc
Please help me to fix error.

Error

Notice: Undefined variable: rowAccount in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\login.php on line 22

Code

Code: Select all

<?php
require_once("connection.php"); // database connection
 
session_start();
 
// catch field data
 
$userid =    (isset($_POST['userid']));
$password =  (isset($_POST['password']));
$submitted = (isset($_POST['submitted']));
 
if ($userid && $password) {
//////////////////////////////////
$query       =sprintf("SELECT * FROM users where user_name = '$userid' and user_password = '$password'");
$result      =@mysql_query($query);
$rowAccount  =@mysql_fetch_array($result);
/////////////////////////////////
 
echo $rowAccount;
}
 
if ($rowAccount){
 
$_SESSION['id'] = $rowAccount['user_id'];
 
header("location:welcome.php");
exit;
 
}elseif($submitted){
 
echo "You dont exists on our record";
 
}
?>

Re: login always results in a false

Posted: Wed May 20, 2009 8:26 am
by Benjamin
Use

Code: Select all

tags when posting code in the forums.

Re: Undefined variable: rowAccount

Posted: Wed May 20, 2009 3:25 pm
by Darhazer
The $rowAccount variable is initialized in an if statement, but is used regardless the if.

So you have to rewrite your code in this way:

Code: Select all

<?php
require_once("connection.php"); // database connection
 
session_start();
$rowAccount = null;
// catch field data
 
$userid = (isset($_POST['userid']));
$password = (isset($_POST['password']));
$submitted = (isset($_POST['submitted']));
 
if ($userid && $password) {
//////////////////////////////////
$query   =sprintf("SELECT * FROM users where user_name = '%s' and user_password = '%s'", mysql_escape_string($userid), mysql_escape_string($password));
$result  =@mysql_query($query); // using @ is really bad style
$rowAccount =@mysql_fetch_array($result);// using @ is really bad style
/////////////////////////////////
 
echo $rowAccount;
}
 
if ($rowAccount){
 
$_SESSION['id'] = $rowAccount['user_id'];
 
header("location:welcome.php");
exit;
 
}elseif($submitted){
 
echo "You dont exists on our record";
 
}
?>