Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

PHP basic question

Posted on 2014-01-09
5
Medium Priority
?
348 Views
Last Modified: 2014-01-09
I am going through a code sample in my PHP book, and I'm getting an "undefined index at line 5" error when I run this PHP page. The PHP script begins with this:

<?php
    $category_id = $_GET['category_id'];
    if (!isset($category_id)) {
        $category_id = 1;
    }
.
.
?>

Line 5 is the very first line where $category_id is trying to obtain its value from the $_GET array.

The book intends this PHP page to be run as a standalone (as opposed to a click on a hyperlink from a prior page). The page itself will have three links that will set the value of $category_id and then call this same page, but since this is the first time I'm running it, and the $_GET array is empty, causing the error message. The page still runs okay though despite the error message.

My question is this. Is the author of the book just sloppy? The book does not forewarn me to expect this error at all. Or are the warning settings of my PHP set too high?
0
Comment
Question by:elepil
5 Comments
 
LVL 75

Assisted Solution

by:käµfm³d 👽
käµfm³d   👽 earned 800 total points
ID: 39770060
Your GET parameters come from the querystring of your URL. A querystring is anything that comes after the (first) question mark in a URL.

e.g.

https://secure.experts-exchange.com/askQuestion.jsp?taid=103

Open in new window


You can see a querystring of "taid=103" in the above example. Your PHP is expecting to see a parameter of "category_id" in the request:

e.g.

https://secure.experts-exchange.com/askQuestion.jsp?category_id=103

Open in new window


So, when you run your code on the server, the request that you submit via the browser needs to include this information...currently. You generally want to test for the existence of such values before you try to access them. You can accomplish this via the isset function:

<?php

    if (isset($_REQUEST['category_id'])) {
        $category_id = $_GET['category_id'];
        if (!isset($category_id)) {
            $category_id = 1;
        }
    .
    .
    
    }
?>

Open in new window

0
 

Author Comment

by:elepil
ID: 39770084
Kaufmed,

Thank you for your response. I did understand what was happening.

My question was whether my PHP settings warning levels might be set too high (if there is such a thing with PHP because there is such a thing in other platforms). I'm new to PHP, and I'm not sure if the author of my book is just sloppy without forewarning me this will happen, or if it's a PHP setting in my Apache server, which could explain why the author never said a word.

I normally wouldn't be asking this type of a question, but PHP is so permissive that I'm even surprised it would warn me of something like this.
0
 
LVL 35

Accepted Solution

by:
gr8gonzo earned 1200 total points
ID: 39770124
PHP does have various error reporting levels. On production systems, it's best not to display errors, but to log them to a file. I usually think it is best to log anything that is a warning or more severe, and this type of warning message is something that I would not ignore. It is most likely the result of an author writing up samples and making tweaks without testing everything.

In a real-world scenario, if I saw this error on the screen or in a log, I would correct it the way kaufmed suggested (check for the variable in the GET array before using it).

To be clear, PHP -is- permissive, and it shows in that it didn't prevent the code from running (it simply assumed that the value was blank). It simply threw a warning. Permissive is not always the same thing as lazy. PHP has plenty of warnings (not all of them very user-friendly).
0
 
LVL 58

Expert Comment

by:Gary
ID: 39770131
kaufmed is right in what he is telling you and I think you are right in that the author is being sloppy about his approach and seems to be assuming that you have error messages turned off.
Yes you can turn off all warnings like this which are not critical (critical errors would break the code) and your code will continue to execute but it is getting you into a bad routine whereby you are not doing any error checking or making sure an error would not occur
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39770175
I think that's bad code.  This is how I do it at the top of all my PHP pages that are receiving data from a page.  I do this to make sure a default value is set.  This can be important because checkboxes and radio buttons do not send a value if they are not checked.  By setting the value to '', it allows you to tell that there was no value sent without causing an error.  It doesn't have to be POST.  It can be GET or REQUEST depending on your needs.
if (!isset($_POST['toText'])) $toText = ''; else $toText = $_POST['toText'];

Open in new window

0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question