You'll get an undefined index if you reach this PHP script from a link that is not using the URL as you specified. So, if I type ...

http://www.example.com/index.php

... into the address bar without the QUERY STRING you mentioned earlier and then your script tries to set that cookie, I'll receive the undefined index error.

I didn't know that.

How can I remedy this coop?

Thanks

Isn't 'undefined index' a warning, not an error?

yes but it shows as an error on the page, so how would I be able to alter the code so I can check if the variable is being set, if it is set the cookie if not bypass it.

Thanks

Warnings are still errors because something is happening that you as the programmer obviously did not plan for, and neither did your end user. Best to monitor for the possibility and write clean code.

First, you need to know that the $_GET superglobal is going to contain only those variables (name/value pairs) that are passed in the QUERY STRING (that stuff after the? in your URL). So you could use isset() [php.net] to check if the variable exists first.

isnt that what I was doing?

lol I've been out of the game for awhile.

Thanks

You are checking the $_COOKIE, not the $_GET superglobal. You'll need to check both I suppose.

if (!isset($_GET['ref']) && !isset($_COOKIE['referral'])) { 
setcookie(referral, $_GET['ref'], 2592000 + time()); 
}

As a C++ programmer, I can say that considering warnings as errors is an excellent best practice. I've gotten used to ignoring errors in PHP, though, because so many of these CMS systems blow up big time when you turn warnings on.

In my own code, I like to do things like coopster showed you. Just good practice.

hmmm, have updated the code, but still seem to have the same error.

is there a way I could do it with just the variable and exclude the cookie?

if (!isset($ref])) {
$referral = 'admin';
}

would that work?

I just want to get it right before it goes live.

Thanks

Here's a band-aid:

As we've mentioned, it's a good practice to eliminate warnings.

However, if you don't want them displayed (I tend to turn them off for "live" servers, and on for "sandbox" servers), you do this:

ini_set('display_errors', 1);
ini_set('error_reporting', E_ERROR);

Warnings will not be shown. If you do this:

ini_set('display_errors', 1);
ini_set('error_reporting', E_ALL);

or this:

ini_set('display_errors', 1);
ini_set('error_reporting', E_ERROR ¦ E_WARNING);

they will.

Talks about it here [us.php.net].

One thing about PHP is that it is an interpreted language. That basically means that it won't register an error or warning until it comes upon that error. The exception is for structural errors, like improperly closed brackets.

This is different from compiled languages, like C++, where everything needs to resolve before the code is deployed.

In an interpreted language, if you never encounter a code path during runtime, you never get to see any problems with that code. In C++, we have a concept called "code coverage," which indicates which parts of the code are being called when. If we look at a code coverage map, and see that a subroutine is not being called, then it may indicate a bug, or an appendix that can be removed. It may also indicate some badly-written or untested code that could blow up as soon as we use it.

What does this have to do with this type of issue?

In PHP, you can prevent execution of an entire path that would otherwise generate warnings and/or errors. It will not generate these warnings. You can't really do that in C++.

This is both good and bad. It can give us great power, and really nasty bugs.

For example, say that you have a series of parameters that all work together:

index.php?verbose_output=1&show_values=1&show_names=1

Now,

show_values

and

show_names

only make sense if

verbose_output

is set.

In your PHP, you may have this:

$verbose = $_GET['verbose_output'];
$values = $_GET['show_values'];
$names = $_GET['show_names'];

These will generate a number of warnings if they are declared in this fashion.

What we would do to stop that would be:

if(isset($_GET['verbose_output'])){
$verbose = $_GET['verbose_output'];
$values = $_GET['show_values'];
$names = $_GET['show_names'];
}

There's one problem with this, however. If

verbose_output

is set, but neither of the other two options are set, then you will still get warnings when you use

verbose_output

.

You can remedy that in two ways:

if(isset($_GET['verbose_output'])){
$verbose = $_GET['verbose_output'];
if(isset($_GET['show_values'])){
$values = $_GET['show_values'];
}
if(isset($_GET['show_names'])){
$names = $_GET['show_names'];
}
}

or

if(isset($_GET['verbose_output'])){
$verbose = $_GET['verbose_output'];
}
if(isset($_GET['show_values'])){
$values = $_GET['show_values'];
}
if(isset($_GET['show_names'])){
$names = $_GET['show_names'];
}

hmm, I sort of understand where you are coming from, and if I am understanding it correctly, this will work right?

if (!isset($ref)) {
setcookie(referral, $_GET['ref'], 2592000 + time());
}

I do not want to disable any eror messages, I would rather just fix the code.

Thanks

I assume so.

It looks like you are setting a cookie, and don't want to set it if it already exists. There are a couple of variables involved, and one of them is a parameter that is provided on the URI calling the page. If this is not provided, then you can't set the cookie anyway.

In the example you give, I assume that "$ref" is the same as "$_GET['ref']". Note also that you don't have a dollar sign in front of "referral." If the idea is to call the cookie "referral", then this is fine, as PHP will assume that this is a string value. However, just as a best practice, I would still surround it in quotes to make it clear that it's a string value.

hmmmm, I update the code and I get this.

Undefined index: ref

as well as

Use of undefined constant referral - assumed 'referral'

when visiting the main page.

anyone have an idea?

Thanks

Just for S's and G's, try this:

if ( isset($_GET['ref']) &&!isset($_COOKIE['referral']) ) {
setcookie('referral', $_GET['ref'], 2592000 + time());
}

Pretty much exacly what coopster suggested, with quotes around 'referral'.