'Undefined index' error in some PCs and not in others

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
serap
Forum Commoner
Posts: 31
Joined: Thu Jan 15, 2004 5:10 pm

'Undefined index' error in some PCs and not in others

Post by serap »

Everything works fine on my three PCs, also from other people which I have let them test (from different countries). But when my brother tests it Im get the following, this happens each time he makes an action that deals with the php code, db etc. We have checked that we have the exact same version of Explorer. Why is it happening due to firewalls or? Cookies are Enabled on his PC..? Im going nuts on this and cant debug it really cuz I have no error on my pc? There is nothing send to the browser either.


Notice: Undefined index: HTTP_REFERER in /customers/serapsungur.com/serapsungur.com/httpd.www/new_whynot/cart1.php on line 65

Warning: Cannot modify header information - headers already sent by (output started at /customers/serapsungur.com/serapsungur.com/httpd.www/new_whynot/cart1.php:65) in /customers/serapsungur.com/serapsungur.com/httpd.www/new_whynot/cart1.php on line 65


thanks,
Serap
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

$_SERVER['HTTP_REFERER'] isn't always set, for example if you go direct to a page without clicking a link, the referer won't be set.
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

Post code...most likely it requires register_globals On

If you want a quick fix, turn them on within his php.ini config file.

This issue is discussed further here.
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

is the script always on the same server, or do you mean you are testing the script running on these different machines? if so, are they all running the same version of PHP?

Mark
serap
Forum Commoner
Posts: 31
Joined: Thu Jan 15, 2004 5:10 pm

Post by serap »

The site is ALWAYS on the same server, the only difference is the PCs and browsers. So it can not be something with thw php.ini file or any other server related issues. Im new on php but this is what my logic tells me...And we start on the same page over the phone he gets the error I dont...??
User avatar
Wayne
Forum Contributor
Posts: 339
Joined: Wed Jun 05, 2002 10:59 am

Post by Wayne »

Does your brothers machine go through a proxy server or firewall to access the internet? These can be configured to remove http_referer headers in your http request!
serap
Forum Commoner
Posts: 31
Joined: Thu Jan 15, 2004 5:10 pm

Post by serap »

Yes I think so - they have a firewall setup by their service provider. The thing is that he can add new items (updating the DB) but with the error each time php is called. If that is problem how do you usually solve it with so many combinations out there?? And let them test bigger sites - you name it - to check their cookie settings that works fine.

Thanks,
Serap
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

can we see the code of cart1.php

Mark
serap
Forum Commoner
Posts: 31
Joined: Thu Jan 15, 2004 5:10 pm

Post by serap »

Here is the code (from the clasic Macromedia example) :
and line 65 is removeItem...

Code: Select all

<?php
include("db2.php");
error_reporting(E_ALL);
switch($action)
{
case "add_item":
	{
	AddItem($id, $qty, $color);
	break;
	}
case "update_item":
	{
	UpdateItem($_GET["id"], $_GET["qty"],$_GET["colorid"]);
	ShowCart();
	break;
	}
case "remove_item":
	{
	RemoveItem($_GET["id"], $_GET["color"]);
	ShowCart();
	break;
	}
default:
	{
	ShowCart();
	}
}

function AddItem($id, $qty, $color)
    {
	$cookieId = GetCartId();

	$result = mysql_query("select count(*) from cart where itemId=$id and color='$color' and cookieId='" . GetCartId() . "' ");

	$row=mysql_fetch_row($result);
	$check_result=$row[0];

	if ($check_result== 0)
	{

	@mysql_query("insert into cart(cookieId, itemId, qty, color)
					values('" . GetCartId() . "', $id, $qty, '$color' )");

	header("location: ".$_SERVER["HTTP_REFERER"]);

    }
    else
	{
	UpdateItem($id, $qty);
	header("location: ".$_SERVER["HTTP_REFERER"]);
	}
    }

function UpdateItem($itemId, $qty)
{
//echo "update item";
//echo $_SERVER['HTTP_REFERER'];
}


function RemoveItem($itemId, $color)
{

@mysql_query("delete from cart where itemId=$itemId and color='$color' and cookieId='" . GetCartId() . "' ");
header("location: ".$_SERVER["HTTP_REFERER"]);

}

function ShowCart()
{

//to be filled
}
}
?>
EDITED BY BECH100: ADDED PHP TAGS - PLEASE REMEMBER TO DO IT YOURSELF, EASIER TO READ
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

is the error always from line 65? This (from what i can see) occurs when an item is removed. What about when an item is added.

HTTP_REFERER is used in other places, do they generate the error too?

Mark
serap
Forum Commoner
Posts: 31
Joined: Thu Jan 15, 2004 5:10 pm

Post by serap »

Yes it does each time it hits the
header("location: ".$_SERVER["HTTP_REFERER"]); - but only from his machine!...it talks with the DB though...

Thanks for responses by the way...
User avatar
Wayne
Forum Contributor
Posts: 339
Joined: Wed Jun 05, 2002 10:59 am

Post by Wayne »

It sounds llike it is there firewall blocking the HTTP_REFERER header being passed to your server, if you dont put the line
error_reporting(E_ALL);
in, it should be ok, but if the is no HTTP_REFERER variable set you are not going to have anywhere for the header to redirect you to, you might want to check that it contains a value or default it to something!
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

found this
$_SERVER['HTTP_REFERER'] should not be used.. often times user behind a
proxy are configure not to submit http_referer

note.. rfc2616

15.1.3 Encoding Sensitive Information in URI's

Because the source of a link might be private information or might
reveal an otherwise private information source, it is strongly
recommended that the user be able to select whether or not the
Referer field is sent. For example, a browser client could have a
toggle switch for browsing openly/anonymously, which would
respectively enable/disable the sending of Referer and From
information.

Clients SHOULD NOT include a Referer header field in a (non-secure)
HTTP request if the referring page was transferred with a secure
protocol.

Authors of services which use the HTTP protocol SHOULD NOT use GET
based forms for the submission of sensitive data, because this will
cause this data to be encoded in the Request-URI. Many existing
servers, proxies, and user agents will log the request URI in some
place where it might be visible to third parties. Servers can use
POST-based form submission instead
you could store $url = $_SERVER['http_host'] . $_SERVER['request_uri'];
as an array in your session var... or you could use a cookie by
unserialize($cookie); push($cookie[0],$url); serialize($cookie); (or
something like that.. ) either way you will have an array of visited
urls.. much like the javascript history method..
serap
Forum Commoner
Posts: 31
Joined: Thu Jan 15, 2004 5:10 pm

Post by serap »

But I understand from your replies that the
$_SERVER["HTTP_REFERER"]
can not be trusted at all? then when making a site with PHP - this is my first site with PHP.

The problem is that when a user makes an add_item I have to get back to the caller site...so if I use (in caller site)
$url = $_SERVER['http_host'] . $_SERVER['request_uri'];
I will post $url..to cart1.php

and in cart1.php use:
header("location: "$url"]);

Do you guys never use $_SERVER["HTTP_REFERER"] then on your sites??
(how does all other sites handle it ex. amazon? )
And how can you protect you code then from firewall blockings?

thanks,
Serap
Post Reply