homepage Welcome to WebmasterWorld Guest from 54.167.11.16
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Switching to mysqli causing errors
phpstuck




msg:4611889
 1:33 am on Sep 23, 2013 (gmt 0)

First post here!

I have a localhost site which has run perfectly well for a few years, then I updates my XAMMP to the new version and found out what mysqli was all about. I have been able to convert most of it back to a working interface, except one section. I have tried everything under the sun, but the problem persists.

Here is the error I'm getting:

Notice: Undefined variable: quan1 in C:\xampp\htdocs\addupc.php on line 39

Here is the code:
<?PHP

include_once 'addinven.php';
include_once 'db.php';

$quan = $_POST['quan'];
$upc = $_POST["upc"];

echo $upc;
//echo "<BR>";
if(($quan < 1)){
echo "<center><b><font face='tahoma' color='red'>** You did not enter a quantity! **</center></b><br />";

}else{
$contlist='SELECT * FROM inven WHERE upc="$_POST[upc]"';
$t = mysqli_query($dbc, $contlist);

/*while ($all = mysqli_fetch_array($t, MYSQLI_BOTH)) {
$quan1 = $all['quant'];
$upc1 = $all['upc'];
$brand = $all['brand'];
$descrip = $all['descrip'];
$size = $all['size'];
$flavor = $all['flavor'];
$cat = $all['cat'];
}
*/

while ($all = mysqli_fetch_array($t)) {
$quan1 = $all['quant'];
$upc1 = $all['upc'];
$brand = $all['brand'];
$descrip = $all['descrip'];
$size = $all['size'];
$flavor = $all['flavor'];
$cat = $all['cat'];
}

$quan2 = (($quan)+($quan1));

//check that upc does not already exist

$sql_user_check ="SELECT upc FROM inven
WHERE upc='$_POST[upc]'";

$user_check = mysqli_num_rows($t);

if(($user_check > 0)){
echo "<center><b><font face='tahoma' color='black'>Updated ".$descrip." </b><br />";

$sql = "UPDATE inven SET quant=(('$quan1')+('$_POST[quan]'))
WHERE upc='$_POST[upc]'";

echo '<TABLE id=AutoNumber4 style="BORDER-COLLAPSE: collapse" borderColor=#111111 height=12
cellSpacing=3 cellPadding=3 width=600 border=1>
<TBODY>
<TR>
<TD width=900 height=12><CENTER>';
echo "<center><font face='tahoma' color='black' size='2'>You now have <b>".$quan2."</b> ".$brand.", ".$descrip." - ".$size."<br />";
echo '</td></tr></table>';

if(!$sql){
echo 'A database error occured while adding your product.';
}


}else{


echo '<TABLE id=AutoNumber5 style="BORDER-COLLAPSE: collapse" borderColor=#111111 bgcolor=black
height=12 cellSpacing=3 cellPadding=3 width=600 border=1>
<TBODY>
<TR>
<TD width=600 height=12><CENTER>';

echo "<center><b><font face='tahoma' color='red'>Item does not exist in database!</b><br /></center>";
echo '</td></tr></table>';
include_once 'addnew.php';


}
}
include_once 'footer.html';

?>




The database connection works, I have tested it over and over (db.php) $dbc is the variable for the connection within that file.

 

swa66




msg:4612014
 1:27 pm on Sep 23, 2013 (gmt 0)

what mysqli was all about.

The code above is not how you're going to find out.

mysqli's biggest improvement is the ability to use prepared statements and use them to separate data from code. That way you avoid sql injections. But the code above is still wide open to sql injection, XSS, and probably a lot more.

Also by now: <center>, <font> really ... it's just sad.
Similarly <center><b>.... </center></b> isn't proper nesting
And don't get me started on tables holding just one cell.

penders




msg:4612030
 2:23 pm on Sep 23, 2013 (gmt 0)

The "Notice" (not an error) you are getting is not because you are using mysqli. You probably had the same "problem" before, but the error_reporting level is probably set "higher" (by default) on the new server, so you are now seeing it.

The reason you are getting this "Notice" is because there are no rows returned in your result set and the $quan1 variable is not being explicitly set. (It will default to 0 in this case.)

Initialise your variables at the start of your code - always good practise.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved