Solved

Undefined Variable Error

Posted on 2004-10-14
8
319 Views
Last Modified: 2013-12-03
Got probably an easy one....
I have some php/html code that I am having a problem with.
Everything else in the code works though.

I am recieving an error of :Undefined variable:  submit in /var/www/html/demomilage/mileage.php on line 7

Code is as follows:

<html>
<head>
<title>Demo Mileage Statement</title>
</head>
<body>
<?php
if ($submit) {
  // process form
  $db = mysql_connect("localhost", "root", "park249");
  mysql_select_db("demomilage",$db);
  $query = "INSERT INTO milage VALUES ('$manager_name','$stock_number','$milage')";
  $results=mysql_query($query);
  echo "<b><font size=6>Thank you! Mileage Entered.</font></b><br><br><br>";
  echo "<br><br><br>";
} else{
  // display form
  ?>
<form method=POST action="<?php echo $PHP_SELF?>">
<p><font size="6"><b>Mileage Statement</b></font></p>
<table border="0" cellspacing="0" width="90%" id="AutoNumber1" cellpadding="0">
  <tr>
    <td width="22%"><b>Manager Name</b></td>
    <td width="78%"><SELECT size="1" name="manager_name">
  <?php
  $db = mysql_connect("localhost", "root", "park249");
  mysql_select_db("demomilage",$db) or die( "Unable to select database");
  $query=("select * from names order by manager_name");
  $result=mysql_query($query) or die ("Unable to Make the Query:" . mysql_error() );
  while($row=mysql_fetch_array($result)){
  echo "<OPTION VALUE=".$row['manager_name'].">".$row['manager_name']."</OPTION>";
  }
  ?>
  </SELECT></td>
  </tr>
  <tr>
    <td width="22%"><b>Stock Number</b></td>
        <td width="78%"><SELECT size="1" name="stock_number">
  <?php
  $db = mysql_connect("localhost", "root", "park249");
  mysql_select_db("demomilage",$db) or die( "Unable to select database");
  $query=("select * from names order by stock_number");
  $result=mysql_query($query) or die ("Unable to Make the Query:" . mysql_error() );
  while($row=mysql_fetch_array($result)){
  echo "<OPTION VALUE=".$row['stock_number'].">".$row['stock_number']."</OPTION>";  }
  ?>
  </SELECT></td>  </tr>
  <tr>
    <td width="22%"><b>Mileage</b></td>
    <td width="78%">
    <input name="milage" size="12"></td>
  </tr>
  </table>
    <p>
    <input type="Submit" name="submit" value="Submit Mileage Statement"> </p>
</form>
<?php
} // end if
?>
</body>
</html>
0
Comment
Question by:jkratzer
  • 6
8 Comments
 
LVL 27

Accepted Solution

by:
Diablo84 earned 250 total points
ID: 12308444
replace:

if ($submit) {

with:

if (isset($_POST['submit'])) {
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12308450
you might also need to replace

<?php echo $PHP_SELF?>

with

<?php echo $_SERVER['PHP_SELF']; ?>
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12308468
And another line, (if register globals are off)

$query = "INSERT INTO milage VALUES ('$manager_name','$stock_number','$milage')";

replace with:

$query = "INSERT INTO milage VALUES ('".$_POST['manager_name']."','".$_POST['stock_number']."','".$_POST['milage]'."')";
0
 
LVL 12

Expert Comment

by:minichicken
ID: 12308687
At top of your page

use:
ini_set("register_globals", "1"); //to use $submit

use:
ini_set("register_globals", "0"); //to use $_POST['submit']

was that the question?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 27

Expert Comment

by:Diablo84
ID: 12308767
Use $_POST['submit'] regardless as shown above.

register_globals should ideally be turned off anyway in the php.ini file but using $_POST['submit'] will prevent someone accessng the page using domain.com/page.php?submit and simulating the button click even if they are on.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12308894
A nice example of which:


<?php
echo "\$_POST['submit'] = ".@$_POST['submit']."<br>\n";
echo "\$_GET['submit'] = ".@$_GET['submit']."<br>\n";
echo "\$submit = ".@$submit."<br>\n";
?>

<form method="post" action="a.php">
<input type="submit" name="submit" value="post_value">
</form>

<a href="<?php echo $_SERVER['PHP_SELF']; ?>?submit=get_value">Click Me</a>


With register globals on the POST and GET index will contain the corresponding values for the method used, (button clicked = POST array index, link clicked = GET array index) and $submit will contain the value for either depending on which was clicked. With register globals off the POST and GET arrays will be populated using the same trend but $submit will not contain a value for either ever unless you assign the global value to a local variable.

So with register globals on you could fake the post submit using the query string as shown above so basically you can trigger data to be processed without the form being posted, obviously a potential problem BUT if you code is written will (ie. referencing $_POST['submit'] instead of $submit) then this wont be a problem.
0
 
LVL 6

Author Comment

by:jkratzer
ID: 12309739
Thanks Diablo84....That is exactly what I needed.

0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12309778
No problem :)

|)iablo
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now