Solved

Undefined index line 30 php code

Posted on 2015-02-18
4
116 Views
Last Modified: 2015-02-23
<?php
    session_start() ;
    $link = mysqli_connect("", "", "","")
        or die("Could not connect : " . mysqli_error() );
    mysqli_select_db($link,"") or die("Could not select database");

#$printer_array = array("Oki 420 Ticket",
#        "Oki 420 Report",
#        "Dell 1700 Laser") ;

    if(!isset($_SESSION['storeKey'])) {
        ?>
<html xmlns="http://www.w3.org/1999/xhtml">
<body>
You have not selected a store. Please proceed to the following page to select a store.<br>
<A href="http:///menu.php">Select Here</a>
</body>
</html>
    <?php
    } else {
        $storeKey = $_SESSION['storeKey'] ;
#	print_r($_REQUEST) ;
#	print_r(array_keys($_REQUEST)) ;
#	if(($_SESSION['access'] <= 2) && ($_SESSION['locked'] != 'Y')) {
	     if(isset($_REQUEST['submit'])) {
		$entry = 1;
		for($i=1; $i <= 26; $i++) {
		    $hidden_key = "hidden-" . $i ;
		    $name_key = "full_name-" . $i  ;
		    if($_REQUEST[$name_key]	!= "" ||
			    (isset($_REQUEST[$hidden_key])))
				{
			$active_key = "active-" . $i ;
			if(isset($_REQUEST[$active_key])) {
			    $active = $_REQUEST[$active_key] ;
			} else {
			    $active = "N" ;
			}
			$name = $_REQUEST[$name_key];
			$user_name_key = "user_name-" . $i ;
			$user_name = $_REQUEST[$user_name_key];
			$password_key = "password-" . $i ;
			$password = $_REQUEST[$password_key];
			if(isset($_REQUEST[$hidden_key])) {
			    $hidden = $_REQUEST[$hidden_key] ;
			    print "Update"; 
			    $sql = "UPDATE store_users SET full_name='$name', 
				user_name='$user_name', 
				password='$password',
				active='$active'
				WHERE row_id='$hidden' ; " ;
			    $res = mysqli_query($link,$sql) or 
				die("UPDATE Failed($i) : " .  mysqli_error()) ;
			} else {
			    print "insert"; 
			    $sql = "INSERT INTO store_users (store_key, 
				full_name, user_name, password, active)
				VALUES ('$storeKey', '$name', '$user_name', 
				'$password', '$active');";
			    $res = mysqli_query($link,$sql) or 
				die("INSERT Failed($i) : " .  mysqli_error()) ;
			}
			$entry++;
		    }
		}
	    }
#	}
	$sql = "SELECT * FROM store_users WHERE store_key='$storeKey' ORDER BY full_name ;" ;
        $res = mysqli_query($link,$sql) or die("Query Failed(storeKey) : " .
            mysqli_error());
        for($i = 1; $i <= mysqli_num_rows($res); $i++) {
            $lines[$i] = mysqli_fetch_array($res);
#            print "line$i" ;
        }

	$page = "Staging Users" ;
	require 'header.php' ;
    ?>
<form id="form1" name="form1" method="post" action="">
</table>
  <div align="center"></div>
  <table width="750" height="27" border="0">
    <tr>
      <td width="303"><input type="submit" name="submit" value="Submit" /></td>
      <td width="335">&nbsp;</td>
      <td width="98"><label for="Submit"></label>
          <div align="left">
            <input name="cancel" type="button" onClick="document.location='menu.php'" value="Cancel" />
        </div></td>
    </tr>
  </table>
  <table width="719" height="227" border="1">
    <tr>
	<td colspan="4"><div align="center"><strong><span class="style3">Manage Store Backroom PC Users</span></strong></div></td>
    </tr>
    <tr>
      <td width="43"><strong>Active</strong></td>
      <td width="300"><strong>Full  Name </strong></td>
      <td width="188"><strong>User Name </strong></td>
      <td width="188"><strong>Password</strong></td>
    </tr>
    <?php
	for($i=1 ; $i <= 15; $i++) {
    ?>
    <tr>
      <td><?php if(isset($lines[$i])) {
                ?><input type="hidden" name="hidden-<?php print $i ; ?>" value="<?php
                print $lines[$i]['row_id'] ;
                ?>"><?php
            }
        ?>
	<input name="active-<?php print $i ; ?>" type="checkbox" value="Y" <?php
            if(isset($lines[$i]['active']) == "Y") {                                                   print "checked=\"checked\"";
            }
            ?>/></td>
      <td><input name="full_name-<?php print $i ; ?>" type="text" size="30" maxlength="30" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['full_name'] . "\"" ;
            }
            ?>/></td>
      <td><input name="user_name-<?php print $i ; ?>" type="text" size="15" maxlength="15" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['user_name'] . "\"" ;
            }
            ?>/></td>
      <td><input name="password-<?php print $i ; ?>" type="text" size="15" maxlength="15" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['password'] . "\"" ;
            }
            ?>/></td>
    </tr>
    <?php
	}
    ?>
  </table>
  <div align="center"></div>
  <table width="750" height="27" border="0">
    <tr>
      <td width="303"><input type="submit" name="submit" value="Submit" /></td>
      <td width="335">&nbsp;</td>
      <td width="98"><label for="Submit"></label>
          <div align="left">
            <input name="cancel" type="button" onClick="document.location='menu.php'" value="Cancel" />
        </div></td>
    </tr>
  </table>
  <p>&nbsp;</p>
</form>
</body>
</html>
<?php } ?>

Open in new window


Looking to fix the undefined index line 30 while converting from an old php to php5.6 and if there are other issues with this code
0
Comment
Question by:JDay2
  • 2
4 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40617666
$_REQUEST[$name_key] and the rest with variables for the index names ($_REQUEST[$hidden_key], $_REQUEST[$active_key])  are undefined in your code above.  They might defined in a form on a previous page.  I have never seen the indexes done with variables like that.  The common format would be like $_REQUEST['firstname'] where 'firstname' is the name of a form element on the previous page.
0
 
LVL 108

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 40617830
It looks like line 30 says this:

if($_REQUEST[$name_key]      != "" || (isset($_REQUEST[$hidden_key])))

Just above that we have these lines that would appear to define the indexes:

for($i=1; $i <= 26; $i++) {
 $hidden_key = "hidden-" . $i ;
 $name_key = "full_name-" . $i  ;

But given that there could be up to 26 indexes, and apparently some of them are not defined, I think the existing logic was written with the idea that undefined variables could be ignored.  A lot of older PHP code worked with that assumption.

My sense is that this code could probably benefit from refactoring with and eye to following the PHP-FIG standards, and with modern programming practices in mind.  $_REQUEST is a security hole that has no place in a deployed application.  It's smarter to use the POST request variables if you're expecting a POST-method request.  There are other things, too -- unescaped variables in query strings and stuff like that.  If it were my task, I would probably consider a do-over to bring this up to current standards.
0
 
LVL 43

Accepted Solution

by:
Chris Stanyon earned 250 total points
ID: 40617899
As a work around you could check the variable is set before checking it's value:

if( (isset($_REQUEST[$name_key]) && $_REQUEST[$name_key] != "") || isset($_REQUEST[$hidden_key]) )

Open in new window

0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40617922
I was wondering if the previous server was supporting 'register_globals' which now obselete.  http://php.net/manual/en/faq.using.php#faq.register-globals   That would explain why the code used to work.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now