Declare a variable if the variable is empty

I had this problem (Notice: Undefined index: username )
because the user didn't  enter the password.
Can we write the script like this

if username is empty then set the username =none

php5atozAsked:
Who is Participating?
 
ldbkuttyConnect With a Mentor Commented:
Like this :

$username = ( isset($_POST["username"]) ) ? mysql_real_escape_string($_POST["username"]) : "";

//connect to server and select database
$connection = @mysql_connect("localhost","xxxx","xxxx") or die(mysql_error());

$db = @mysql_select_db($db_name,$connection)or die(mysql_error());

//build and issue the query
$sql ="SELECT * FROM $table_name WHERE username = '$username' AND Password = password('" . mysql_real_escape_string($_POST['password']) . "')";


Note that you have to validate such that if username/password is empty, ask the user to enter them.
0
 
BatalfCommented:
if(!isset($username))$username="";

0
 
ldbkuttyCommented:
$username = ( isset($username) ) ? $username : "";
0
2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

 
ldbkuttyCommented:
$username = ( isset($_POST["username"]) ) ? $_POST["username"] : "";
0
 
php5atozAuthor Commented:
I think I need to little more detail here.
So what should I do to make it not display the message
(Notice: Undefined index: username )

That why I believe If we
Can we write the script like this

if username is empty then set the username =abc

<?

//setup names of database and table to use
$db_name ="xxxx";
$table_name ="xxxx";

$username = ( isset($_POST["username"]) ) ? $_POST["username"] : "none";

//connect to server and select database
$connection = @mysql_connect("localhost","xxxx","xxxx") or die(mysql_error());

$db = @mysql_select_db($db_name,$connection)or die(mysql_error());

//build and issue the query
$sql ="SELECT * FROM $table_name WHERE username = '$_POST[username]' AND Password = password('$_POST[password]')";
$result = @mysql_query($sql,$connection) or die(mysql_error());

//get the number of rows in the result set
$num = mysql_num_rows($result);

//print a message or redirect elsewhere,based on result
if ($num != 0) {
      $msg ="<P>Congratulations,you're authorized!</p>";
} else {

echo "<h1>Login to Secret Area</h1>";
echo "<form method=\"post\" action=\"do_authuser_ch15.php\">";
echo "<font color=\"#FF0000\"><strong>Reenter your username and password correctly.";
echo "<br>Remember, passwords are case-sensitive.</strong></font>";
echo " <br><strong>Username:</strong><br>\n";
echo "      <input maxLength=\"25\" size=\"25\" name=\"username\">\n";
echo "      <br><strong>Password:</strong><br>\n";
echo "      <input type=\"password\" maxLength=\"25\" size=\"25\" value name=\"password\">\n";
echo "      <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" value=\"Sign In\" name=\"signinbt\">\n";
echo "</form>";
      exit;
}
?>
<HTML>
<HEAD>
<TITLE>Secret Area</TITLE>
</HEAD>
<BODY>
<? echo "$msg"; ?>
</BODY>
</HTML>
0
 
php5atozAuthor Commented:
uh why the use mysql_real_escape_string on username
BUT use the  password('" . mysql_real_escape_string($_POST['password']) . "')";
0
All Courses

From novice to tech pro — start learning today.