Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Why do I keep gettin "unidentified index

Posted on 2004-09-15
Medium Priority
Last Modified: 2008-03-17
I know its a dumb question, but it is pissing me off. Why do I keep getting an unidenfied index error when I check a variable like if (!$HTTP_SESSION_VARS['username']){ process $_POST variables since they arent logged in; }. Of course its an unidentified index, thats what Im checking for.  I cant seem to surpress it with @, any ideas?

part 2. I have a login page, which sends the user to a home page, from there they can click on other pages.  The first time they click on a 3rd page, and then use back to go to home, it makes them hit refresh. After that, no problems.  I assume this has to to with the session variables, but I use session_start() on all my pages, and I cant figure out why this is happening.
Question by:zixp
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3

Expert Comment

ID: 12065811
use if (isset($HTTP_SESSION_VARS['username']))

Expert Comment

ID: 12065870
you probably have login.html -> submit to home.php
now somebody goes to third.php, and then uses the back key, and now the browser resubmits the form data, like before
do this
login.html -> submit to login.php (if login ok) redirect to home.php
now the browser will  not resubmit to home.php

Author Comment

ID: 12065888
I would have to use if (isset($HTTP_SESSON_VARS['username'])==false). I have already tried this with the same results.
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 27

Assisted Solution

Diablo84 earned 1000 total points
ID: 12065889
As said above only you should be using $_SESSION['username'] as opposed to $HTTP_SESSION_VARS['username'], i presume you are using a recent version of php as you are referencing the post array using $_POST.

With regards to your part 2 problem, im not 100% clear what you mean, it sounds like it coul be related to the use of sessions and forms in IE 6 in which case add the following after session_start();

header("Cache-control: private");

Failing that its probably a code flow problem, make sure you make adjustments to session and local variables as well as processing before you display any output otherwise you will end up with the old data being displayed before it has been updated.
LVL 27

Expert Comment

ID: 12065903
and you would want

if (!isset($HTTP_SESSON_VARS['username']))

! used for "not" so if not isset

Expert Comment

ID: 12066003
if your code looks like this
 if (!isset($HTTP_SESSON_VARS['username'])){echo $_POST['something'];}
and you keep getting the same error, probably $_POST['something'] doesn't exist

Author Comment

ID: 12066300
GeG, what you said about resubmitting to home sounds about right, but my problem is that I had it set up the way you said, and it would loose the session variables.  Then I had it send the session id in the url, but I wanted to try today to get rid of that for security reasons.

Diablo84, the header("Cache-control: private"); fixed the second part, thanks a lot. If you dont mind explaining why it is that fixed it I would love to hear it.
As far as $HTTP_SESSION_VARS vs. $_SESSION is concerned, I have never had anyone give me a good reason to use the second instead of the first.  The is the way I learned (and happens to be backwards compatable).  I reffered to $_POST as shorthand, but all my variables are in full in the script.

GeG, my code is
if ( !isset($HTTP_SESSION_VARS['username'])){
      //get vars from $_POST
      if ((!$HTTP_POST_VARS['username']) || (!$HTTP_POST_VARS['pass'])){ echo "you  must log in"; exit;}
      $username = $HTTP_POST_VARS['username'];
      $pass = $HTTP_POST_VARS['pass'];

      //convert to $_SESSION
      $HTTP_SESSION_VARS['username'] = $username;
      $HTTP_SESSION_VARS['canary'] = 'set in home';
      $HTTP_SESSION_VARS['encryptpass'] = crypt(...encrypt the password....);

      //clean up variables for security
and I keep getting the unidentified index on if ((!$HTTP_POST_VARS.... This happens when I go to the page without logging in, so its not that big a deal, but I dont like errors making my variables public.
LVL 27

Expert Comment

ID: 12066388
>> If you dont mind explaining why it is that fixed it I would love to hear it.

Its simply a bug local to IE6 in this very instance, basically setting the cache control to private prevents the browser making a fresh call for the data and so stops the page has expired error. This was first brought up here as far as im aware: http://www.phpfreaks.com/print.php?cmd=tutorial&tut_id=41 Scroll down a little way and you will find the relevant part.

With regards to $HTTP_SESSION_VARS vs. $_SESSION, theres no reason at the moment why you can't use the older method (unless they deprecate it at some point which is likely) except to say that $_SESSION (in the words of the manual) is preferred, as of PHP 4.1.0.
LVL 27

Accepted Solution

Diablo84 earned 1000 total points
ID: 12066828
Incidently i am assuming you are getting the undefined index errors before submitting the form, the quickest fix for this is changing this line:

if ( !isset($HTTP_SESSION_VARS['username'])){


if ( !isset($HTTP_SESSION_VARS['username']) && isset($_POST)){

then the code will only be run provided the session var username is not set and the post array is set (the form has been submitted).

Also as notices are not a big issue (though its alwyas best to fix them where possible) you can just reduce the level of error checking to hide the notices from public view.

If you have access to your php.ini file and set your error reporting to hide notices (or a variation of the available options), eg:

error_reporting = E_ALL & ~E_NOTICE

If you do not have access to your php.ini file and you are using apache you can create a .htaccess file in the root of your site and add the following line:

php_value error_reporting E_ALL & ~E_NOTICE

and failing that if you just want to apply the setting for the one page you can add the following to the top of your script:

ini_set("error_reporting"," E_ALL & ~E_NOTICE");

Author Comment

ID: 12067183
Thanks. I tried running it only if $_POST is set, but it seems that the error comes from that very line. I know I dont *need to fix it, so the ini_set() function will work fine. Thank you
And thank you too diablo84, Ill split points

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to implement server side field validation and display customized error messages to the client.
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question