PHP. Error in Apache log: PHP Notice: Undefined index

When using $_SESSION

I have 2 PHP files

DBFunctions.php
GetUsers.php


DBFunction file has this query

DBFunction.php
--------------

<?php

session_start();

public function getUserByEmailAndPassword($email, $password) {

        $result = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error());
        		
        // check for result
 
        $no_of_rows = mysql_num_rows($result);

        if ($no_of_rows > 0) {
			
           $result = mysql_fetch_array($result);

			$_SESSION['email'] = '$email';
			
            $salt = $result['salt'];

            $encrypted_password = $result['encrypted_password'];

            $hash = $this->checkhashSSHA($salt, $password);
 
           // check for password equality
 
           if ($encrypted_password == $hash) {

                // user authentication details are correct
 
               return $result;

Open in new window

and i wanted to pass the variable in $_SESSIONresults ($_SESSION should contain email user entered) to the GetUSers.php file

GetUSers.php
------------
//$_SESSION passed to this query

<?php 
session_start();
// get all products from products table 
$result = mysql_query("SELECT users.uid, users.name
FROM users
WHERE EXISTS (SELECT 0 FROM available A1, available A2
WHERE A1.uid =users.uid AND A2.uid = users.uid
AND A1.Available = A2.Dates
\\Passed in by the $_SESSION from the DBFunctions query
AND users.email <> '".$_SESSION['email']."')") or die(mysql_error()); 

Open in new window


But i get this error

Error



[15-Oct-2015 15:33:29 Europe/Paris] PHP Notice:  Undefined index: email in C:\wamp\www\GRESTApi\GetUsers.php on line 26

[15-Oct-2015 15:33:29 Europe/Paris] PHP Stack trace:

[15-Oct-2015 15:33:29 Europe/Paris] PHP   1. {main}() C:\wamp\www\GRESTApi\GetUsers.php:0


Line 26 of the GetUSers.php file is this
AND users.email <> '".$_SESSION["email"]."')") or die(mysql_error());

I suspect the problem is the variable is not being passed to the GetUsers.php file and so the  $_SESSION variable in GetUsers.php is NULL.
But why? I have declared the $_SESSION and started the $_SESSION
wilko1000Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
The first use of '$result' is fine but the second use overwrites the first so you will not be getting the 'results' you're looking for.  Try this after you define the 'return' value at the end.
<?php
session_start();
public function getUserByEmailAndPassword($email, $password) {
    $result = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error());
                  
        // check for results
 
        $no_of_rows = mysql_num_rows($result);

        if ($no_of_rows > 0) {
           // use a different variable name for the rows returned starting here
           $rows = mysql_fetch_array($result);

                  $_SESSION['email'] = '$email';
                  
            $salt = $rows['salt'];

            $encrypted_password = $rows['encrypted_password'];

            $hash = $this->checkhashSSHA($salt, $password);
 
           // check for password equality
 
           if ($encrypted_password == $hash) {

           // user authentication details are correct
// this doesn't work because $result from above is Not a variable but a reference
            return $result;  // the return must be a value or an array.
            }

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ray PaseurCommented:
Try raising your error_reporting() level to E_ALL so you can see if your script accidentally relies on an undefined variable.

You probably want to check this before it's too late...
http://www.experts-exchange.com/articles/11177/PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html

All of the PHP functions return values of some sort - perhaps boolean, or string, or resource, etc.  You can test these results and print them with var_dump() to see what the function returned.  Whenever you get an unexpected return value, var_dump() is your friend!
Vimal DMSenior Software EngineerCommented:
Hi,

Check for the IF condition working when session value is assigned.

1.I guess your not getting the result set, so the condition in not coming inside your IF statement so obviously the session variable will not be assigned.

2.So when accessing a session array key which is not exists will throw an error as you your getting it now.
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

Ray PaseurCommented:
I just edited the question to put the code into the CODE snippet, and now I think I can see the error.  Going forward, please use the CODE snippet feature when you post code at E-E.  It makes things much easier to read and discuss because we have a unispace font and line numbers.

Check this statement:
$_SESSION['email'] = '$email';

Open in new window

Single quotes have a unique meaning in PHP which causes PHP to ignore variable substitution.  Please read this article to understand what is happening here.  Then remove the quotes around $email and you may get better results!
http://www.experts-exchange.com/articles/12241/Quotation-Marks-in-PHP.html

HTH, ~Ray
wilko1000Author Commented:
Hi Ray

I changed this
$_SESSION['email'] = '$email';

to this
$_SESSION['email'] = $email;

And made no difference
wilko1000Author Commented:
What i did test is this...

if i explicity set the $_SESSION in the GetUsers.php page it works

example
//GetUsers.php
<?php
session_start();

$_SESSION['email'] = "Test@test.com" \\test email

If I set it in the DBFunction.php page it does not work

example
//DBFunction.php  
<?php
session_start();
$_SESSION['email'] = "Test@test.com" \\test email

Same error
PHP Notice:  Undefined index: email in C:\wamp\www\GRESTApi\GetUsers.php on line 26

Its as if the $_SESSION variable is not being passed from //DBFunction.php to the GetUsers.php
Dave BaldwinFixer of ProblemsCommented:
Your 'DBFunction.php' page has too many errors to work properly.  I pointed that out in the first response above to this question.
Ray PaseurCommented:
Suggest you simplify this problem into the SSCCE, so you can reduce the risk of confusion in your test cases.

The $_SESSION variable never has to be "passed" -- it is a PHP superglobal and therefore it is available in every scope and namespace after session_start() has been called.  It's actually much easier than many people think (or overthink).


In case you're new to PHP and want to find some good learning resources, this article may be able to help.
http://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.