• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 348
  • Last Modified:

Undefined Variable Error

Got probably an easy one....
I have some php/html code that I am having a problem with.
Everything else in the code works though.

I am recieving an error of :Undefined variable:  submit in /var/www/html/demomilage/mileage.php on line 7

Code is as follows:

<html>
<head>
<title>Demo Mileage Statement</title>
</head>
<body>
<?php
if ($submit) {
  // process form
  $db = mysql_connect("localhost", "root", "park249");
  mysql_select_db("demomilage",$db);
  $query = "INSERT INTO milage VALUES ('$manager_name','$stock_number','$milage')";
  $results=mysql_query($query);
  echo "<b><font size=6>Thank you! Mileage Entered.</font></b><br><br><br>";
  echo "<br><br><br>";
} else{
  // display form
  ?>
<form method=POST action="<?php echo $PHP_SELF?>">
<p><font size="6"><b>Mileage Statement</b></font></p>
<table border="0" cellspacing="0" width="90%" id="AutoNumber1" cellpadding="0">
  <tr>
    <td width="22%"><b>Manager Name</b></td>
    <td width="78%"><SELECT size="1" name="manager_name">
  <?php
  $db = mysql_connect("localhost", "root", "park249");
  mysql_select_db("demomilage",$db) or die( "Unable to select database");
  $query=("select * from names order by manager_name");
  $result=mysql_query($query) or die ("Unable to Make the Query:" . mysql_error() );
  while($row=mysql_fetch_array($result)){
  echo "<OPTION VALUE=".$row['manager_name'].">".$row['manager_name']."</OPTION>";
  }
  ?>
  </SELECT></td>
  </tr>
  <tr>
    <td width="22%"><b>Stock Number</b></td>
        <td width="78%"><SELECT size="1" name="stock_number">
  <?php
  $db = mysql_connect("localhost", "root", "park249");
  mysql_select_db("demomilage",$db) or die( "Unable to select database");
  $query=("select * from names order by stock_number");
  $result=mysql_query($query) or die ("Unable to Make the Query:" . mysql_error() );
  while($row=mysql_fetch_array($result)){
  echo "<OPTION VALUE=".$row['stock_number'].">".$row['stock_number']."</OPTION>";  }
  ?>
  </SELECT></td>  </tr>
  <tr>
    <td width="22%"><b>Mileage</b></td>
    <td width="78%">
    <input name="milage" size="12"></td>
  </tr>
  </table>
    <p>
    <input type="Submit" name="submit" value="Submit Mileage Statement"> </p>
</form>
<?php
} // end if
?>
</body>
</html>
0
jkratzer
Asked:
jkratzer
  • 6
1 Solution
 
Diablo84Commented:
replace:

if ($submit) {

with:

if (isset($_POST['submit'])) {
0
 
Diablo84Commented:
you might also need to replace

<?php echo $PHP_SELF?>

with

<?php echo $_SERVER['PHP_SELF']; ?>
0
 
Diablo84Commented:
And another line, (if register globals are off)

$query = "INSERT INTO milage VALUES ('$manager_name','$stock_number','$milage')";

replace with:

$query = "INSERT INTO milage VALUES ('".$_POST['manager_name']."','".$_POST['stock_number']."','".$_POST['milage]'."')";
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
minichickenCommented:
At top of your page

use:
ini_set("register_globals", "1"); //to use $submit

use:
ini_set("register_globals", "0"); //to use $_POST['submit']

was that the question?
0
 
Diablo84Commented:
Use $_POST['submit'] regardless as shown above.

register_globals should ideally be turned off anyway in the php.ini file but using $_POST['submit'] will prevent someone accessng the page using domain.com/page.php?submit and simulating the button click even if they are on.
0
 
Diablo84Commented:
A nice example of which:


<?php
echo "\$_POST['submit'] = ".@$_POST['submit']."<br>\n";
echo "\$_GET['submit'] = ".@$_GET['submit']."<br>\n";
echo "\$submit = ".@$submit."<br>\n";
?>

<form method="post" action="a.php">
<input type="submit" name="submit" value="post_value">
</form>

<a href="<?php echo $_SERVER['PHP_SELF']; ?>?submit=get_value">Click Me</a>


With register globals on the POST and GET index will contain the corresponding values for the method used, (button clicked = POST array index, link clicked = GET array index) and $submit will contain the value for either depending on which was clicked. With register globals off the POST and GET arrays will be populated using the same trend but $submit will not contain a value for either ever unless you assign the global value to a local variable.

So with register globals on you could fake the post submit using the query string as shown above so basically you can trigger data to be processed without the form being posted, obviously a potential problem BUT if you code is written will (ie. referencing $_POST['submit'] instead of $submit) then this wont be a problem.
0
 
jkratzerAuthor Commented:
Thanks Diablo84....That is exactly what I needed.

0
 
Diablo84Commented:
No problem :)

|)iablo
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now