PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
doforumda
Forum Newbie
Posts: 16 Joined: Thu Dec 25, 2008 1:07 am
Post
by doforumda » Wed Oct 07, 2009 3:20 am
hi my html page is here
Code: Select all
<html>
<head>
<title>Untitled Document</title>
</head>
<body>
<form method="post" action="feedback.php">
<label>Name:
<input name="user" type="text" maxlength="40" size="40">
</label>
<p>
<label>Email:
<input type="text" name="email">
</label>
</p>
<p>
<label>Comments:
<textarea name="comments" cols="45" rows="5"></textarea>
</label>
</p>
<p>
<label>
<input type="submit" value="Submit">
</label>
</p>
</form>
</body>
</html>
and php code is here
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
if(!$user || !$email || !$comments)
{
echo "Fill in all fields.";
exit;
}
$user = addslashes($user);
$email = addslashes($email);
$comments = addslashes($comments);
$db = mysql_connect("localhost");
mysql_select_db("videoshop", $db);
$addfeedback = "insert into feedback
(name,email,comments)
values('".$user."','".$email."','".$comments."')";
$result = mysql_query($addfeedback) or die(mysql_error());
echo "Thank you your data is added.";
?>
</body>
</html>
the problem i am facing is when i fill all the textfields in html page and submit it then on php side it says
"Notice: Undefined variable: user in D:\wamp\www\feedback\feedback.php on line 10
Fill in all fields."
how can this problem be fixed?
dejvos
Forum Contributor
Posts: 122 Joined: Tue Mar 10, 2009 8:40 am
Post
by dejvos » Wed Oct 07, 2009 4:24 am
You have to initialize $user before you'll use it in some statement.
You have a condition before initializing of $user
- condition - line 10,
- initialization of $user - line 16.
Bye
doforumda
Forum Newbie
Posts: 16 Joined: Thu Dec 25, 2008 1:07 am
Post
by doforumda » Wed Oct 07, 2009 5:05 am
i dont understand what is suser?
N1gel
Forum Commoner
Posts: 95 Joined: Sun Apr 30, 2006 12:01 pm
Post
by N1gel » Wed Oct 07, 2009 5:31 am
You need to set your variables to the data that has been posted before you can do your test to see if they contain data.
Try the following
Code: Select all
$user = mysql_real_escape_string($_POST['user']);
$email = mysql_real_escape_string($_POST['email']);
$comments = mysql_real_escape_string($_POST['comments']);
if(!isset($user) || !isset($email) || !isset($comments))
{
echo "Fill in all fields.";
exit;
}
$user = addslashes($user);
$email = addslashes($email);
$comments = addslashes($comments);
You also might want to read up on
mysql_real_escape_string to test the users input for malicious data.