Welcome to WebmasterWorld Guest from 54.145.144.101

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Switching to mysqli causing errors

   
1:33 am on Sep 23, 2013 (gmt 0)



First post here!

I have a localhost site which has run perfectly well for a few years, then I updates my XAMMP to the new version and found out what mysqli was all about. I have been able to convert most of it back to a working interface, except one section. I have tried everything under the sun, but the problem persists.

Here is the error I'm getting:

Notice: Undefined variable: quan1 in C:\xampp\htdocs\addupc.php on line 39

Here is the code:
<?PHP

include_once 'addinven.php';
include_once 'db.php';

$quan = $_POST['quan'];
$upc = $_POST["upc"];

echo $upc;
//echo "<BR>";
if(($quan < 1)){
echo "<center><b><font face='tahoma' color='red'>** You did not enter a quantity! **</center></b><br />";

}else{
$contlist='SELECT * FROM inven WHERE upc="$_POST[upc]"';
$t = mysqli_query($dbc, $contlist);

/*while ($all = mysqli_fetch_array($t, MYSQLI_BOTH)) {
$quan1 = $all['quant'];
$upc1 = $all['upc'];
$brand = $all['brand'];
$descrip = $all['descrip'];
$size = $all['size'];
$flavor = $all['flavor'];
$cat = $all['cat'];
}
*/

while ($all = mysqli_fetch_array($t)) {
$quan1 = $all['quant'];
$upc1 = $all['upc'];
$brand = $all['brand'];
$descrip = $all['descrip'];
$size = $all['size'];
$flavor = $all['flavor'];
$cat = $all['cat'];
}

$quan2 = (($quan)+($quan1));

//check that upc does not already exist

$sql_user_check ="SELECT upc FROM inven
WHERE upc='$_POST[upc]'";

$user_check = mysqli_num_rows($t);

if(($user_check > 0)){
echo "<center><b><font face='tahoma' color='black'>Updated ".$descrip." </b><br />";

$sql = "UPDATE inven SET quant=(('$quan1')+('$_POST[quan]'))
WHERE upc='$_POST[upc]'";

echo '<TABLE id=AutoNumber4 style="BORDER-COLLAPSE: collapse" borderColor=#111111 height=12
cellSpacing=3 cellPadding=3 width=600 border=1>
<TBODY>
<TR>
<TD width=900 height=12><CENTER>';
echo "<center><font face='tahoma' color='black' size='2'>You now have <b>".$quan2."</b> ".$brand.", ".$descrip." - ".$size."<br />";
echo '</td></tr></table>';

if(!$sql){
echo 'A database error occured while adding your product.';
}


}else{


echo '<TABLE id=AutoNumber5 style="BORDER-COLLAPSE: collapse" borderColor=#111111 bgcolor=black
height=12 cellSpacing=3 cellPadding=3 width=600 border=1>
<TBODY>
<TR>
<TD width=600 height=12><CENTER>';

echo "<center><b><font face='tahoma' color='red'>Item does not exist in database!</b><br /></center>";
echo '</td></tr></table>';
include_once 'addnew.php';


}
}
include_once 'footer.html';

?>




The database connection works, I have tested it over and over (db.php) $dbc is the variable for the connection within that file.
1:27 pm on Sep 23, 2013 (gmt 0)

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



what mysqli was all about.

The code above is not how you're going to find out.

mysqli's biggest improvement is the ability to use prepared statements and use them to separate data from code. That way you avoid sql injections. But the code above is still wide open to sql injection, XSS, and probably a lot more.

Also by now: <center>, <font> really ... it's just sad.
Similarly <center><b>.... </center></b> isn't proper nesting
And don't get me started on tables holding just one cell.
2:23 pm on Sep 23, 2013 (gmt 0)

WebmasterWorld Senior Member penders is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



The "Notice" (not an error) you are getting is not because you are using mysqli. You probably had the same "problem" before, but the error_reporting level is probably set "higher" (by default) on the new server, so you are now seeing it.

The reason you are getting this "Notice" is because there are no rows returned in your result set and the $quan1 variable is not being explicitly set. (It will default to 0 in this case.)

Initialise your variables at the start of your code - always good practise.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month