Undefined variable error

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
chrisshi
Forum Newbie
Posts: 5
Joined: Mon Jul 08, 2002 4:50 pm
Location: Austin, TX

Undefined variable error

Post by chrisshi »

Hi people, i'm runing PHP4 on IIS5 as a CGI script. When i run the following authentication code, i get the "Notice: Undefined variable: password in c:\inetpub\wwwroot\authmain.php on line 4" error

<?
session_start();

if ($password && $userid)
{
// if the user has just tried to log in

$db_conn = mysql_connect("localhost", "php", "php");
mysql_select_db("test", $db_conn);
$query = "select * from login "
."where Name='$userid' "
." and Passwd='$password'";
$result = mysql_query($query, $db_conn);
if (mysql_num_rows($result) >0 )
{
// if they are in the database register the user id
$valid_user = $userid;
session_register("valid_user");
}
}
?>
<html>
<body>
<h1>Home page</h1>
<?

if (session_is_registered("valid_user"))
{
echo "You are logged in as: $valid_user <br>";
echo "<a href=\"logout.php\">Log out</a><br>";
}
else
{
if (isset($userid))
{
// if they've tried and failed to log in
echo "Could not log you in";
}
else
{
// they have not tried to log in yet or have logged out
echo "You are not logged in.<br>";
}

// provide form to log in
echo "<form method=post action=\"authmain.php\">";
echo "<table>";
echo "<tr><td>Userid:</td>";
echo "<td><input type=text name=userid></td></tr>";
echo "<tr><td>Password:</td>";
echo "<td><input type=password name=password></td></tr>";
echo "<tr><td colspan=2 align=center>";
echo "<input type=submit value=\"Log in\"></td></tr>";
echo "</table></form>";
}
?>
</body>
</html>

I understand the page is processed for the firs time, $password is not initialized, but it never gave me such error on linux. Does anyone know how to get rid of this error?
thanks
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

This is not an error. It is a "Notice". On the other computer the php.ini file probably had turned off error reporting for Notice level commnets.

So to get rid of the error you can edit php.ini to turn off notice reporting, or you can initialize the variable.

To initialize the varaibles you would do something like
$password=$_POST["password"];

Not only will the above work regardless of the register_globals setting, its slightly more secure, and it will remove the notice statement.
chrisshi
Forum Newbie
Posts: 5
Joined: Mon Jul 08, 2002 4:50 pm
Location: Austin, TX

Post by chrisshi »

hi
i tried to initialize it, but since the variable password in the form has been processed in the first time of view the page, index password doesn't exist in &_POST[] yet. and i get the following notice:
Notice: Undefined index: password in c:\inetpub\wwwroot\authmain.php on line 5

would you tell me how to turn off the notice reporting option?
thanks
chrisshi
Forum Newbie
Posts: 5
Joined: Mon Jul 08, 2002 4:50 pm
Location: Austin, TX

Post by chrisshi »

hi
i didn't try to mess with php.ini but i solved the problem by initializing the variable this way:

if(isset($_POST["password"]))
$password = $_POST["password"];
else
$password = "";
thanks for your help Eric
User avatar
chiefmonkey
Forum Commoner
Posts: 25
Joined: Sat Apr 20, 2002 5:21 am
Location: Glasgow UK

Post by chiefmonkey »

chrisshi wrote:hi
i didn't try to mess with php.ini but i solved the problem by initializing the variable this way:

if(isset($_POST["password"]))
$password = $_POST["password"];
else
$password = "";
thanks for your help Eric
You could also use

Code: Select all

$password=""; 

 $password=$_POST&#1111;"password"];

George
StillGreen
Forum Newbie
Posts: 2
Joined: Mon Sep 30, 2002 11:02 pm
Location: Fargo

@

Post by StillGreen »

Am I missing something?
What is wrong with using the "@" warning suppression?
thus
if(@$password && @$whatever_var)

this seems a much simpler solution....
hope it helps
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Why suppress an error when you can easily prevent it?

Code: Select all

if(isset($password) && isset($whatever_var))
instead of

Code: Select all

if(@$password && @$whatever_var)
If you know there's going to be an error that you'll need to suppress then you might as well prevent the error properly.

Mac
User avatar
BDKR
DevNet Resident
Posts: 1207
Joined: Sat Jun 08, 2002 1:24 pm
Location: Florida
Contact:

Post by BDKR »

twigletmac wrote: Why suppress an error when you can easily prevent it?

Code: Select all

if(isset($password) &amp;&amp; isset($whatever_var))
instead of

Code: Select all

if(@$password &amp;&amp; @$whatever_var)
If you know there's going to be an error that you'll need to suppress then you might as well prevent the error properly.

Mac
I was wondering when someone was going to mention that. Uhh... you too StillGreen.

Also, why do

Code: Select all

if(isset($_POST&#1111;"password"]))
$password = $_POST&#1111;"password"];
else
$password = "";
this in the first place? All it does is double the number of vars that have the same value. This is also another operation that the script must preform on it's way completing the task at hand and represents an increased use of system resources.

Now if you have a good editor, just create a macro that automatically inserts &_POST, or $_GET instead of typing it all out. Then hack your [var] on the end of it.

Cheers,
BDKR
Post Reply