Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Undefined index line 30 php code

Posted on 2015-02-18
4
124 Views
Last Modified: 2015-02-23
<?php
    session_start() ;
    $link = mysqli_connect("", "", "","")
        or die("Could not connect : " . mysqli_error() );
    mysqli_select_db($link,"") or die("Could not select database");

#$printer_array = array("Oki 420 Ticket",
#        "Oki 420 Report",
#        "Dell 1700 Laser") ;

    if(!isset($_SESSION['storeKey'])) {
        ?>
<html xmlns="http://www.w3.org/1999/xhtml">
<body>
You have not selected a store. Please proceed to the following page to select a store.<br>
<A href="http:///menu.php">Select Here</a>
</body>
</html>
    <?php
    } else {
        $storeKey = $_SESSION['storeKey'] ;
#	print_r($_REQUEST) ;
#	print_r(array_keys($_REQUEST)) ;
#	if(($_SESSION['access'] <= 2) && ($_SESSION['locked'] != 'Y')) {
	     if(isset($_REQUEST['submit'])) {
		$entry = 1;
		for($i=1; $i <= 26; $i++) {
		    $hidden_key = "hidden-" . $i ;
		    $name_key = "full_name-" . $i  ;
		    if($_REQUEST[$name_key]	!= "" ||
			    (isset($_REQUEST[$hidden_key])))
				{
			$active_key = "active-" . $i ;
			if(isset($_REQUEST[$active_key])) {
			    $active = $_REQUEST[$active_key] ;
			} else {
			    $active = "N" ;
			}
			$name = $_REQUEST[$name_key];
			$user_name_key = "user_name-" . $i ;
			$user_name = $_REQUEST[$user_name_key];
			$password_key = "password-" . $i ;
			$password = $_REQUEST[$password_key];
			if(isset($_REQUEST[$hidden_key])) {
			    $hidden = $_REQUEST[$hidden_key] ;
			    print "Update"; 
			    $sql = "UPDATE store_users SET full_name='$name', 
				user_name='$user_name', 
				password='$password',
				active='$active'
				WHERE row_id='$hidden' ; " ;
			    $res = mysqli_query($link,$sql) or 
				die("UPDATE Failed($i) : " .  mysqli_error()) ;
			} else {
			    print "insert"; 
			    $sql = "INSERT INTO store_users (store_key, 
				full_name, user_name, password, active)
				VALUES ('$storeKey', '$name', '$user_name', 
				'$password', '$active');";
			    $res = mysqli_query($link,$sql) or 
				die("INSERT Failed($i) : " .  mysqli_error()) ;
			}
			$entry++;
		    }
		}
	    }
#	}
	$sql = "SELECT * FROM store_users WHERE store_key='$storeKey' ORDER BY full_name ;" ;
        $res = mysqli_query($link,$sql) or die("Query Failed(storeKey) : " .
            mysqli_error());
        for($i = 1; $i <= mysqli_num_rows($res); $i++) {
            $lines[$i] = mysqli_fetch_array($res);
#            print "line$i" ;
        }

	$page = "Staging Users" ;
	require 'header.php' ;
    ?>
<form id="form1" name="form1" method="post" action="">
</table>
  <div align="center"></div>
  <table width="750" height="27" border="0">
    <tr>
      <td width="303"><input type="submit" name="submit" value="Submit" /></td>
      <td width="335">&nbsp;</td>
      <td width="98"><label for="Submit"></label>
          <div align="left">
            <input name="cancel" type="button" onClick="document.location='menu.php'" value="Cancel" />
        </div></td>
    </tr>
  </table>
  <table width="719" height="227" border="1">
    <tr>
	<td colspan="4"><div align="center"><strong><span class="style3">Manage Store Backroom PC Users</span></strong></div></td>
    </tr>
    <tr>
      <td width="43"><strong>Active</strong></td>
      <td width="300"><strong>Full  Name </strong></td>
      <td width="188"><strong>User Name </strong></td>
      <td width="188"><strong>Password</strong></td>
    </tr>
    <?php
	for($i=1 ; $i <= 15; $i++) {
    ?>
    <tr>
      <td><?php if(isset($lines[$i])) {
                ?><input type="hidden" name="hidden-<?php print $i ; ?>" value="<?php
                print $lines[$i]['row_id'] ;
                ?>"><?php
            }
        ?>
	<input name="active-<?php print $i ; ?>" type="checkbox" value="Y" <?php
            if(isset($lines[$i]['active']) == "Y") {                                                   print "checked=\"checked\"";
            }
            ?>/></td>
      <td><input name="full_name-<?php print $i ; ?>" type="text" size="30" maxlength="30" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['full_name'] . "\"" ;
            }
            ?>/></td>
      <td><input name="user_name-<?php print $i ; ?>" type="text" size="15" maxlength="15" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['user_name'] . "\"" ;
            }
            ?>/></td>
      <td><input name="password-<?php print $i ; ?>" type="text" size="15" maxlength="15" <?php
            if(isset($lines[$i])) {
                print "value=\"" . $lines[$i]['password'] . "\"" ;
            }
            ?>/></td>
    </tr>
    <?php
	}
    ?>
  </table>
  <div align="center"></div>
  <table width="750" height="27" border="0">
    <tr>
      <td width="303"><input type="submit" name="submit" value="Submit" /></td>
      <td width="335">&nbsp;</td>
      <td width="98"><label for="Submit"></label>
          <div align="left">
            <input name="cancel" type="button" onClick="document.location='menu.php'" value="Cancel" />
        </div></td>
    </tr>
  </table>
  <p>&nbsp;</p>
</form>
</body>
</html>
<?php } ?>

Open in new window


Looking to fix the undefined index line 30 while converting from an old php to php5.6 and if there are other issues with this code
0
Comment
Question by:JDay2
  • 2
4 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40617666
$_REQUEST[$name_key] and the rest with variables for the index names ($_REQUEST[$hidden_key], $_REQUEST[$active_key])  are undefined in your code above.  They might defined in a form on a previous page.  I have never seen the indexes done with variables like that.  The common format would be like $_REQUEST['firstname'] where 'firstname' is the name of a form element on the previous page.
0
 
LVL 109

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 40617830
It looks like line 30 says this:

if($_REQUEST[$name_key]      != "" || (isset($_REQUEST[$hidden_key])))

Just above that we have these lines that would appear to define the indexes:

for($i=1; $i <= 26; $i++) {
 $hidden_key = "hidden-" . $i ;
 $name_key = "full_name-" . $i  ;

But given that there could be up to 26 indexes, and apparently some of them are not defined, I think the existing logic was written with the idea that undefined variables could be ignored.  A lot of older PHP code worked with that assumption.

My sense is that this code could probably benefit from refactoring with and eye to following the PHP-FIG standards, and with modern programming practices in mind.  $_REQUEST is a security hole that has no place in a deployed application.  It's smarter to use the POST request variables if you're expecting a POST-method request.  There are other things, too -- unescaped variables in query strings and stuff like that.  If it were my task, I would probably consider a do-over to bring this up to current standards.
0
 
LVL 43

Accepted Solution

by:
Chris Stanyon earned 250 total points
ID: 40617899
As a work around you could check the variable is set before checking it's value:

if( (isset($_REQUEST[$name_key]) && $_REQUEST[$name_key] != "") || isset($_REQUEST[$hidden_key]) )

Open in new window

0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40617922
I was wondering if the previous server was supporting 'register_globals' which now obselete.  http://php.net/manual/en/faq.using.php#faq.register-globals   That would explain why the code used to work.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
This article discusses how to create an extensible mechanism for linked drop downs.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question