?
Solved

Why do I keep gettin "unidentified index

Posted on 2004-09-15
10
Medium Priority
?
273 Views
Last Modified: 2008-03-17
I know its a dumb question, but it is pissing me off. Why do I keep getting an unidenfied index error when I check a variable like if (!$HTTP_SESSION_VARS['username']){ process $_POST variables since they arent logged in; }. Of course its an unidentified index, thats what Im checking for.  I cant seem to surpress it with @, any ideas?

part 2. I have a login page, which sends the user to a home page, from there they can click on other pages.  The first time they click on a 3rd page, and then use back to go to home, it makes them hit refresh. After that, no problems.  I assume this has to to with the session variables, but I use session_start() on all my pages, and I cant figure out why this is happening.
0
Comment
Question by:zixp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
10 Comments
 
LVL 9

Expert Comment

by:_GeG_
ID: 12065811
use if (isset($HTTP_SESSION_VARS['username']))
0
 
LVL 9

Expert Comment

by:_GeG_
ID: 12065870
you probably have login.html -> submit to home.php
now somebody goes to third.php, and then uses the back key, and now the browser resubmits the form data, like before
do this
login.html -> submit to login.php (if login ok) redirect to home.php
now the browser will  not resubmit to home.php
0
 

Author Comment

by:zixp
ID: 12065888
I would have to use if (isset($HTTP_SESSON_VARS['username'])==false). I have already tried this with the same results.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 27

Assisted Solution

by:Diablo84
Diablo84 earned 1000 total points
ID: 12065889
As said above only you should be using $_SESSION['username'] as opposed to $HTTP_SESSION_VARS['username'], i presume you are using a recent version of php as you are referencing the post array using $_POST.

With regards to your part 2 problem, im not 100% clear what you mean, it sounds like it coul be related to the use of sessions and forms in IE 6 in which case add the following after session_start();

header("Cache-control: private");

Failing that its probably a code flow problem, make sure you make adjustments to session and local variables as well as processing before you display any output otherwise you will end up with the old data being displayed before it has been updated.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12065903
and you would want

if (!isset($HTTP_SESSON_VARS['username']))

! used for "not" so if not isset
0
 
LVL 9

Expert Comment

by:_GeG_
ID: 12066003
if your code looks like this
 if (!isset($HTTP_SESSON_VARS['username'])){echo $_POST['something'];}
and you keep getting the same error, probably $_POST['something'] doesn't exist
0
 

Author Comment

by:zixp
ID: 12066300
GeG, what you said about resubmitting to home sounds about right, but my problem is that I had it set up the way you said, and it would loose the session variables.  Then I had it send the session id in the url, but I wanted to try today to get rid of that for security reasons.

Diablo84, the header("Cache-control: private"); fixed the second part, thanks a lot. If you dont mind explaining why it is that fixed it I would love to hear it.
As far as $HTTP_SESSION_VARS vs. $_SESSION is concerned, I have never had anyone give me a good reason to use the second instead of the first.  The is the way I learned (and happens to be backwards compatable).  I reffered to $_POST as shorthand, but all my variables are in full in the script.

GeG, my code is
if ( !isset($HTTP_SESSION_VARS['username'])){
      
      //get vars from $_POST
      if ((!$HTTP_POST_VARS['username']) || (!$HTTP_POST_VARS['pass'])){ echo "you  must log in"; exit;}
      
      $username = $HTTP_POST_VARS['username'];
      $pass = $HTTP_POST_VARS['pass'];

      //convert to $_SESSION
      $HTTP_SESSION_VARS['username'] = $username;
      $HTTP_SESSION_VARS['canary'] = 'set in home';
      $HTTP_SESSION_VARS['encryptpass'] = crypt(...encrypt the password....);

      //clean up variables for security
      unset($HTTP_POST_VARS['username']);
      unset($HTTP_POST_VARS['pass']);
      unset($pass);
}
and I keep getting the unidentified index on if ((!$HTTP_POST_VARS.... This happens when I go to the page without logging in, so its not that big a deal, but I dont like errors making my variables public.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12066388
>> If you dont mind explaining why it is that fixed it I would love to hear it.

Its simply a bug local to IE6 in this very instance, basically setting the cache control to private prevents the browser making a fresh call for the data and so stops the page has expired error. This was first brought up here as far as im aware: http://www.phpfreaks.com/print.php?cmd=tutorial&tut_id=41 Scroll down a little way and you will find the relevant part.

With regards to $HTTP_SESSION_VARS vs. $_SESSION, theres no reason at the moment why you can't use the older method (unless they deprecate it at some point which is likely) except to say that $_SESSION (in the words of the manual) is preferred, as of PHP 4.1.0.
0
 
LVL 27

Accepted Solution

by:
Diablo84 earned 1000 total points
ID: 12066828
Incidently i am assuming you are getting the undefined index errors before submitting the form, the quickest fix for this is changing this line:

if ( !isset($HTTP_SESSION_VARS['username'])){

to

if ( !isset($HTTP_SESSION_VARS['username']) && isset($_POST)){

then the code will only be run provided the session var username is not set and the post array is set (the form has been submitted).

Also as notices are not a big issue (though its alwyas best to fix them where possible) you can just reduce the level of error checking to hide the notices from public view.

If you have access to your php.ini file and set your error reporting to hide notices (or a variation of the available options), eg:

error_reporting = E_ALL & ~E_NOTICE

If you do not have access to your php.ini file and you are using apache you can create a .htaccess file in the root of your site and add the following line:

php_value error_reporting E_ALL & ~E_NOTICE

and failing that if you just want to apply the setting for the one page you can add the following to the top of your script:

ini_set("error_reporting"," E_ALL & ~E_NOTICE");
0
 

Author Comment

by:zixp
ID: 12067183
Thanks. I tried running it only if $_POST is set, but it seems that the error comes from that very line. I know I dont *need to fix it, so the ini_set() function will work fine. Thank you
And thank you too diablo84, Ill split points
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question