Forum Moderators: coopster
Errors
Notice: Undefined index: fromcombo in C:\wamp\www\site\booking.php on line 8
Notice: Undefined index: tocombo in C:\wamp\www\site\booking.php on line 8
Notice: Undefined index: DV in C:\wamp\www\site\booking.php on line 8
php script:
<?php
mysql_connect("localhost", "root", "password");
mysql_select_db("online_bus_project");
mysql_query("INSERT INTO trip (gender, country, date) VALUES ('$_POST[fromcombo]', '$_POST[tocombo]', '$_POST[DV]')");
?>
Html Form:
<form name="tstest" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<CENTER>From : <select name="fromcombo">
<option value="khairpur">Khairpur</option>
<option value="sukkur">Sukkur</option>
</select>
To : <select name="tocombo">
<option value="karachi">Karachi</option>
<option value="hyderabad">Hyderabad</option>
</select></CENTER><br /><br><br>
<CENTER>Date : <script type="text/javascript" language="javascript">
(INPUT(NAME("DV")+READONLY())+INPUT(TYPE("button")+VALUE("Calender")+ONCLICK("popCal(this.form.DV)"))).FORM().write();
</script></CENTER><br><br><br>
<center><input type="submit" value="Submit Info" /></CENTER>
</form>
i have this bit of code at the top of every file:
if (strpos($_SERVER["REQUEST_URI"], 'DEBUG')) {
ini_set("display_errors", 1);
error_reporting(E_ALL);
} else {
error_reporting("E_ALL ~ E_NOTICE");
}
this means when you add ?DEBUG to the url in the browser it turns on all errors, otherwise they are hidden by default. it keeps things tidy for your visitor and allows easy debugging
(rather than having at the top of every file, it would be best to have it in a file which you include() at the top of every file)
hth
thanx for the help its working
You think it is working because you are simply suppressing those notice messages. Notice messages can be OK if your code is handling the situation (although to be honest I think they are always best avoided) - But in your case these Notice messages are actually telling you there is something wrong, because you are not handling the situation correctly in your code.
These notices are basically telling you that $_POST['fromcombo'], $_POST['tocombo'] and $_POST['DV'] are not set (which they won't be when your page first displays, before values are POSTed back from your form). You then proceed to INSERT these blank values directly into your database. Your table 'trip' is going to end up with a blank record - which I'm sure is not required. You are not validating your form input before processing it into your database which is a big security issue.
At the very least you need to do something like (assuming all values must be set):
$fromcombo = isset($_POST['fromcombo']) ? $_POST['fromcombo'] : null;
$tocombo = isset($_POST['tocombo']) ? $_POST['tocombo'] : null;
$dv = isset($_POST['DV']) ? $_POST['DV'] : null;
if (!is_null($fromcombo) && !is_null($tocombo) && !is_null($dv)) {
mysql_query("INSERT INTO trip (gender, country, date) VALUES ('$fromcombo', '$tocombo', '$dv')");
}
But this is not validating your form input. $fromcombo and $tocombo need to be checked to make that the value is in fact one from the select list and that $dv is a valid date (assuming that it is a date).
Full error_reporting should be enabled whilst you are developing your code.
