its working now.. thanks..fugix wrote:yeah you cant really get rid of it...it not an important error.. just ignore it
please help me..
Moderator: General Moderators
Re: please help me..
Re: please help me..
no problem
Re: please help me..
No. It's not the same. The first statement is precarious and can cause the notice you encountered. The second uses the isset construct which handles the undefined index gracefully and does not trigger the notice. Be aware, however, that the two statements are not necessarily interchangeable.lalamms wrote:the result is still the same..fugix wrote:this....if ($_POST ['post']) should be.....if(isset($_POST['post']))
Yes, you can prevent it. Ignoring errors, even insignificant ones, is sloppy programming. If you write code logically and correctly, there will be fewer errors and your program will be more predictable.fugix wrote:yeah you cant really get rid of it...it not an important error.. just ignore it
-
Since, apparently, there are not enough quality examples around, here is a more controlled way to write the script.
Code: Select all
<?php
header('Content-Type: text/html; charset=UTF-8');
// An error-free way to get an element from an array
function getRequest ($key, $array, $default=null) {
if (isset($array[$key])) {
return $array[$key];
}
return $default;
}
// Constants
define('DB_HOST', 'localhost');
define('DB_USER', 'root');
define('DB_PASS', '');
define('DB_NAME', 'project');
// Determines whether this is a development server named "localhost" or a production server
define('IS_LOCAL', getRequest('SERVER_NAME', $_SERVER, '') == 'localhost');
// Enables error display on development server, disables on production server
ini_set('display_errors', IS_LOCAL);
// It's a good practice to define default values
$hasInserted = false;
$errorMessage = '';
$postTitle = '';
$postBody = '';
// The string value of the submit button is cast to a boolean and
// that value determines whether the form was submitted
$formSubmitted = (bool) getRequest('post', $_POST, false);
if ($formSubmitted) {
// Just because 'post' exists doesn't mean 'title' and 'body' exist
$postTitle = getRequest('title', $_POST, '');
$postBody = getRequest('body', $_POST, '');
// The string lengths of the title and body inputs should each be at least 1 character
if (strlen($postTitle) < 1 || strlen($postBody) < 1) {
$errorMessage = 'Both title and body are required.';
} else {
if (! mysql_connect(DB_HOST, DB_USER, DB_PASS)) {
$errorMessage = 'Could not find database server';
} else {
if (! mysql_select_db(DB_NAME)) {
$errorMessage = 'Could not find database';
} else {
$query = sprintf(
"INSERT INTO news VALUES (NULL, '%s', '%s', '%s')",
mysql_real_escape_string($postTitle), // Escaping is important
mysql_real_escape_string($postBody), // to avoid SQL injection
date('Y-m-d') // A timestamp would be better
);
// mysql_query() returns a boolean for INSERT queries
$hasInserted = mysql_query($query);
if (! $hasInserted) {
if (IS_LOCAL) {
$errorMessage = mysql_error() . ' "' . $query . '"';
} else {
$errorMessage = 'Your article could not be saved.';
}
}
}
mysql_close();
}
}
}
// An alias to decrease typing burden ("Echo Special Chars")
function esc ($str) {
echo htmlspecialchars($str);
}
// The logic (above) is mostly separate from the presentation (below)
?>
<!DOCTYPE html>
<html>
<head>
<title>Post News</title>
</head>
<body>
<h1>Post News</h1>
<hr />
<?php if ($hasInserted): ?>
<p>Your article has been saved.</p>
<?php else: ?>
<form action="" method="post">
<p><label>Title:<br />
<input type="text" name="title" value="<?php esc($postTitle); ?>" /></label></p>
<p><label>Body:<br />
<textarea rows="6" cols="35" name="body"><?php esc($postBody); ?></textarea></label></p>
<p><input type="submit" name="post" value="Post this news" />
<span><?php esc($errorMessage); ?></span></p>
</form>
<?php endif; ?>
<hr />
</body>
</html>Re: please help me..
Guess I'm a sloppy programmer then