Solved

Undefined index line 30 php code

Posted on 2015-02-18
4
123 Views
Last Modified: 2015-02-23
<?php
    session_start() ;
    $link = mysqli_connect("", "", "","")
        or die("Could not connect : " . mysqli_error() );
    mysqli_select_db($link,"") or die("Could not select database");

#$printer_array = array("Oki 420 Ticket",
#        "Oki 420 Report",
#        "Dell 1700 Laser") ;

    if(!isset($_SESSION['storeKey'])) {
        ?>
<html xmlns="http://www.w3.org/1999/xhtml">
<body>
You have not selected a store. Please proceed to the following page to select a store.<br>
<A href="http:///menu.php">Select Here</a>
</body>
</html>
    <?php
    } else {
        $storeKey = $_SESSION['storeKey'] ;
#	print_r($_REQUEST) ;
#	print_r(array_keys($_REQUEST)) ;
#	if(($_SESSION['access'] <= 2) && ($_SESSION['locked'] != 'Y')) {
	     if(isset($_REQUEST['submit'])) {
		$entry = 1;
		for($i=1; $i <= 26; $i++) {
		    $hidden_key = "hidden-" . $i ;
		    $name_key = "full_name-" . $i  ;
		    if($_REQUEST[$name_key]	!= "" ||
			    (isset($_REQUEST[$hidden_key])))
				{
			$active_key = "active-" . $i ;
			if(isset($_REQUEST[$active_key])) {
			    $active = $_REQUEST[$active_key] ;
			} else {
			    $active = "N" ;
			}
			$name = $_REQUEST[$name_key];
			$user_name_key = "user_name-" . $i ;
			$user_name = $_REQUEST[$user_name_key];
			$password_key = "password-" . $i ;
			$password = $_REQUEST[$password_key];
			if(isset($_REQUEST[$hidden_key])) {
			    $hidden = $_REQUEST[$hidden_key] ;
			    print "Update"; 
			    $sql = "UPDATE store_users SET full_name='$name', 
				user_name='$user_name', 
				password='$password',
				active='$active'
				WHERE row_id='$hidden' ; " ;
			    $res = mysqli_query($link,$sql) or 
				die("UPDATE Failed($i) : " .  mysqli_error()) ;
			} else {
			    print "insert"; 
			    $sql = "INSERT INTO store_users (store_key, 
				full_name, user_name, password, active)
				VALUES ('$storeKey', '$name', '$user_name', 
				'$password', '$active');";
			    $res = mysqli_query($link,$sql) or 
				die("INSERT Failed($i) : " .  mysqli_error()) ;
			}
			$entry++;
		    }
		}
	    }
#	}
	$sql = "SELECT * FROM store_users WHERE store_key='$storeKey' ORDER BY full_name ;" ;
        $res = mysqli_query($link,$sql) or die("Query Failed(storeKey) : " .
            mysqli_error());
        for($i = 1; $i <= mysqli_num_rows($res); $i++) {
            $lines[$i] = mysqli_fetch_array($res);
#            print "line$i" ;
        }

	$page = "Staging Users" ;
	require 'header.php' ;
    ?>
<form id="form1" name="form1" method="post" action="">
</table>
  <div align="center"></div>
  <table width="750" height="27" border="0">
    <tr>
      <td width="303"><input type="submit" name="submit" value="Submit" /></td>
      <td width="335">&nbsp;</td>
      <td width="98"><label for="Submit"></label>
          <div align="left">
            <input name="cancel" type="button" onClick="document.location='menu.php'" value="Cancel" />
        </div></td>
    </tr>
  </table>
  <table width="719" height="227" border="1">
    <tr>
	<td colspan="4"><div align="center"><strong><span class="style3">Manage Store Backroom PC Users</span></strong></div></td>
    </tr>
    <tr>
      <td width="43"><strong>Active</strong></td>
      <td width="300"><strong>Full  Name </strong></td>
      <td width="188"><strong>User Name </strong></td>
      <td width="188"><strong>Password</strong></td>
    </tr>
    <?php
	for($i=1 ; $i <= 15; $i++) {
    ?>
    <tr>
      <td><?php if(isset($lines[$i])) {
                ?><input type="hidden" name="hidden-<?php print $i ; ?>" value="<?php
                print $lines[$i]['row_id'] ;
                ?>"><?php
            }
        ?>
	<input name="active-<?php print $i ; ?>" type="checkbox" value="Y" <?php
            if(isset($lines[$i]['active']) == "Y") {                                                   print "checked=\"checked\"";
            }
            ?>/></td>
      <td><input name="full_name-<?php print $i ; ?>" type="text" size="30" maxlength="30" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['full_name'] . "\"" ;
            }
            ?>/></td>
      <td><input name="user_name-<?php print $i ; ?>" type="text" size="15" maxlength="15" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['user_name'] . "\"" ;
            }
            ?>/></td>
      <td><input name="password-<?php print $i ; ?>" type="text" size="15" maxlength="15" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['password'] . "\"" ;
            }
            ?>/></td>
    </tr>
    <?php
	}
    ?>
  </table>
  <div align="center"></div>
  <table width="750" height="27" border="0">
    <tr>
      <td width="303"><input type="submit" name="submit" value="Submit" /></td>
      <td width="335">&nbsp;</td>
      <td width="98"><label for="Submit"></label>
          <div align="left">
            <input name="cancel" type="button" onClick="document.location='menu.php'" value="Cancel" />
        </div></td>
    </tr>
  </table>
  <p>&nbsp;</p>
</form>
</body>
</html>
<?php } ?>

Open in new window


Looking to fix the undefined index line 30 while converting from an old php to php5.6 and if there are other issues with this code
0
Comment
Question by:JDay2
  • 2
4 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40617666
$_REQUEST[$name_key] and the rest with variables for the index names ($_REQUEST[$hidden_key], $_REQUEST[$active_key])  are undefined in your code above.  They might defined in a form on a previous page.  I have never seen the indexes done with variables like that.  The common format would be like $_REQUEST['firstname'] where 'firstname' is the name of a form element on the previous page.
0
 
LVL 109

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 40617830
It looks like line 30 says this:

if($_REQUEST[$name_key]      != "" || (isset($_REQUEST[$hidden_key])))

Just above that we have these lines that would appear to define the indexes:

for($i=1; $i <= 26; $i++) {
 $hidden_key = "hidden-" . $i ;
 $name_key = "full_name-" . $i  ;

But given that there could be up to 26 indexes, and apparently some of them are not defined, I think the existing logic was written with the idea that undefined variables could be ignored.  A lot of older PHP code worked with that assumption.

My sense is that this code could probably benefit from refactoring with and eye to following the PHP-FIG standards, and with modern programming practices in mind.  $_REQUEST is a security hole that has no place in a deployed application.  It's smarter to use the POST request variables if you're expecting a POST-method request.  There are other things, too -- unescaped variables in query strings and stuff like that.  If it were my task, I would probably consider a do-over to bring this up to current standards.
0
 
LVL 43

Accepted Solution

by:
Chris Stanyon earned 250 total points
ID: 40617899
As a work around you could check the variable is set before checking it's value:

if( (isset($_REQUEST[$name_key]) && $_REQUEST[$name_key] != "") || isset($_REQUEST[$hidden_key]) )

Open in new window

0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40617922
I was wondering if the previous server was supporting 'register_globals' which now obselete.  http://php.net/manual/en/faq.using.php#faq.register-globals   That would explain why the code used to work.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
Does the idea of dealing with bits scare or confuse you? Does it seem like a waste of time in an age where we all have terabytes of storage? If so, you're missing out on one of the core tools in every professional programmer's toolbox. Learn how to …
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question