Solved

Why do I keep gettin "unidentified index

Posted on 2004-09-15
10
251 Views
Last Modified: 2008-03-17
I know its a dumb question, but it is pissing me off. Why do I keep getting an unidenfied index error when I check a variable like if (!$HTTP_SESSION_VARS['username']){ process $_POST variables since they arent logged in; }. Of course its an unidentified index, thats what Im checking for.  I cant seem to surpress it with @, any ideas?

part 2. I have a login page, which sends the user to a home page, from there they can click on other pages.  The first time they click on a 3rd page, and then use back to go to home, it makes them hit refresh. After that, no problems.  I assume this has to to with the session variables, but I use session_start() on all my pages, and I cant figure out why this is happening.
0
Comment
Question by:zixp
  • 4
  • 3
  • 3
10 Comments
 
LVL 9

Expert Comment

by:_GeG_
Comment Utility
use if (isset($HTTP_SESSION_VARS['username']))
0
 
LVL 9

Expert Comment

by:_GeG_
Comment Utility
you probably have login.html -> submit to home.php
now somebody goes to third.php, and then uses the back key, and now the browser resubmits the form data, like before
do this
login.html -> submit to login.php (if login ok) redirect to home.php
now the browser will  not resubmit to home.php
0
 

Author Comment

by:zixp
Comment Utility
I would have to use if (isset($HTTP_SESSON_VARS['username'])==false). I have already tried this with the same results.
0
 
LVL 27

Assisted Solution

by:Diablo84
Diablo84 earned 250 total points
Comment Utility
As said above only you should be using $_SESSION['username'] as opposed to $HTTP_SESSION_VARS['username'], i presume you are using a recent version of php as you are referencing the post array using $_POST.

With regards to your part 2 problem, im not 100% clear what you mean, it sounds like it coul be related to the use of sessions and forms in IE 6 in which case add the following after session_start();

header("Cache-control: private");

Failing that its probably a code flow problem, make sure you make adjustments to session and local variables as well as processing before you display any output otherwise you will end up with the old data being displayed before it has been updated.
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
and you would want

if (!isset($HTTP_SESSON_VARS['username']))

! used for "not" so if not isset
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 9

Expert Comment

by:_GeG_
Comment Utility
if your code looks like this
 if (!isset($HTTP_SESSON_VARS['username'])){echo $_POST['something'];}
and you keep getting the same error, probably $_POST['something'] doesn't exist
0
 

Author Comment

by:zixp
Comment Utility
GeG, what you said about resubmitting to home sounds about right, but my problem is that I had it set up the way you said, and it would loose the session variables.  Then I had it send the session id in the url, but I wanted to try today to get rid of that for security reasons.

Diablo84, the header("Cache-control: private"); fixed the second part, thanks a lot. If you dont mind explaining why it is that fixed it I would love to hear it.
As far as $HTTP_SESSION_VARS vs. $_SESSION is concerned, I have never had anyone give me a good reason to use the second instead of the first.  The is the way I learned (and happens to be backwards compatable).  I reffered to $_POST as shorthand, but all my variables are in full in the script.

GeG, my code is
if ( !isset($HTTP_SESSION_VARS['username'])){
      
      //get vars from $_POST
      if ((!$HTTP_POST_VARS['username']) || (!$HTTP_POST_VARS['pass'])){ echo "you  must log in"; exit;}
      
      $username = $HTTP_POST_VARS['username'];
      $pass = $HTTP_POST_VARS['pass'];

      //convert to $_SESSION
      $HTTP_SESSION_VARS['username'] = $username;
      $HTTP_SESSION_VARS['canary'] = 'set in home';
      $HTTP_SESSION_VARS['encryptpass'] = crypt(...encrypt the password....);

      //clean up variables for security
      unset($HTTP_POST_VARS['username']);
      unset($HTTP_POST_VARS['pass']);
      unset($pass);
}
and I keep getting the unidentified index on if ((!$HTTP_POST_VARS.... This happens when I go to the page without logging in, so its not that big a deal, but I dont like errors making my variables public.
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
>> If you dont mind explaining why it is that fixed it I would love to hear it.

Its simply a bug local to IE6 in this very instance, basically setting the cache control to private prevents the browser making a fresh call for the data and so stops the page has expired error. This was first brought up here as far as im aware: http://www.phpfreaks.com/print.php?cmd=tutorial&tut_id=41 Scroll down a little way and you will find the relevant part.

With regards to $HTTP_SESSION_VARS vs. $_SESSION, theres no reason at the moment why you can't use the older method (unless they deprecate it at some point which is likely) except to say that $_SESSION (in the words of the manual) is preferred, as of PHP 4.1.0.
0
 
LVL 27

Accepted Solution

by:
Diablo84 earned 250 total points
Comment Utility
Incidently i am assuming you are getting the undefined index errors before submitting the form, the quickest fix for this is changing this line:

if ( !isset($HTTP_SESSION_VARS['username'])){

to

if ( !isset($HTTP_SESSION_VARS['username']) && isset($_POST)){

then the code will only be run provided the session var username is not set and the post array is set (the form has been submitted).

Also as notices are not a big issue (though its alwyas best to fix them where possible) you can just reduce the level of error checking to hide the notices from public view.

If you have access to your php.ini file and set your error reporting to hide notices (or a variation of the available options), eg:

error_reporting = E_ALL & ~E_NOTICE

If you do not have access to your php.ini file and you are using apache you can create a .htaccess file in the root of your site and add the following line:

php_value error_reporting E_ALL & ~E_NOTICE

and failing that if you just want to apply the setting for the one page you can add the following to the top of your script:

ini_set("error_reporting"," E_ALL & ~E_NOTICE");
0
 

Author Comment

by:zixp
Comment Utility
Thanks. I tried running it only if $_POST is set, but it seems that the error comes from that very line. I know I dont *need to fix it, so the ini_set() function will work fine. Thank you
And thank you too diablo84, Ill split points
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now