Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New Coder
    Join Date
    Jan 2006
    Posts
    89
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Help needed with Recurring error: Notice: Undefined index

    Hi there,

    I am trying to incorporate Advanced Login System into my site, but I keep getting errors such as:

    Notice: Undefined index: REMOTE_HOST in /my_root_path/htdocs/login.inc.php on line 229

    Notice: Undefined index: rmbpw in /my_root_path/htdocs/login.inc.php on line 102

    Notice: Undefined variable: _SESSION in /my_root_path/htdocs/login.inc.php on line 51

    Notice: Undefined index: HTTP_REFERER in /my_root_path/htdocs/login.inc.php on line 56

    There is no problem with the system if I place it straight onto the server "as is". The problems started when I tried to include the main content of the login file as an "inc.php" file.

    What I have done is taken the original index.php file of the system and placed
    <?php include ('login.inc.php'); ?> so that the login system is included as a separate file. This gives me the file login.php, which has the style of the original site with the login form included in it. I think that maybe some code is conflicting from the original system with the login code.

    Here is the code for login.php:

    PHP Code:
    <?php
        session_start
    ();
        
    error_reporting(E_ALL);

        include_once (
    "config/config.php");
        include_once(
    'libs/phemplate.class.inc');
        include_once(
    'libs/vilkmerge.class.inc');
        include_once(
    'libs/catalog.class.inc');
        
        
    $engine = new vilkmerge();
        
    $catalog = new Catalog();
        
    $banners = new banners();
        include(
    'inc/tpl.inc');


    // gathering top menus from database 

        
    $sql="SELECT M.id, M.parent, N.name, M.hover_title, M.meta_description, N.lang, M.theorder FROM menu M INNER JOIN menu_names N ON M.id = N.menu_id AND N.lang = 'lithuanian' ORDER BY M.theorder ASC";                                 
        
        
    $get_header_menu=mysql_query($sql);
        
    $menu_number=mysql_num_rows($get_header_menu);
        
    $menu_width =round(100/$menu_number);
        
        
    $menu_contents='';
        
    $menu_contents.='<table cellpadding="1" width="900px" cellspacing="1"><tbody><tr>';
        while (
    $list_menu=mysql_fetch_array($get_header_menu)){
            
        
    $menu_contents.='<td width="'.$menu_width.'%"><div align="center">
        <a href="'
    .processLink2($list_menu["id"],$list_menu["name"]).'">'.$list_menu["name"].'</a></div></td>';
            
        }
        
    $menu_contents.='</tr></tbody></table>';
    // end of top menu gathering

    // random featured girls
    $random_girl=mysql_fetch_array(mysql_query("SELECT PI.product_id, P.name, PI.filename FROM product_images PI INNER JOIN products P ON PI.product_id=P.id WHERE P.featured=1 GROUP BY P.name ORDER BY RAND() LIMIT 1"));

    if (
    $random_girl){
    $featured_girl='<table width="100%" border="0" cellpadding="0" cellspacing="0" class="border" bgcolor="#D83C85"><tr><td height="20" align="center"><strong>Featured  Escort</strong></td></tr><tr><td align="center" style=" font-family:Verdana, Arial, Helvetica, sans-serif; font-size:11px; color:#FFFFFF;">
    <a href="'
    .processLink($random_girl["product_id"], $random_girl["name"]).'"><img border=0 src="makethumb.php?pic=product_images/'.$random_girl["filename"].'&amp;w=145&amp;sq=N" /></a></td></tr><tr><td align="center" style=" padding-bottom:5px; padding-top:5px; color:#FFFFFF;"><strong>'.$random_girl["name"].'</strong></td></tr></table>    <br>';
    } else {
    $featured_girl='';
    }


    // collecting left menu
        
    $query mysql_query("SELECT * FROM catalog WHERE lang='lithuanian' ORDER BY `theorder` ");
        
    $left_menu='';
        
        while (
    $row mysql_fetch_array($query)) {
            if (
    $row["parent"]!='0'){
            
    $left_menu.= "d.add(".$row["id"].",".$row["parent"].",'".$row["name"]."','".processLink1($row["id"], $row["name"])."'); \n";
                }else {
            
    $left_menu.= "d.add(".$row["id"].",".$row["parent"].",'".$row["name"]."',''); \n";
            }
    }


    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
    <? 
    $new_title
    =$setts['sitename'];
    if(isset(
    $_GET["product"])){

    $title=mysql_fetch_array(mysql_query("SELECT name, id FROM products WHERE id='".$_GET["product"]."'"));
    $details=mysql_query("SELECT CF.theorder, PD.field_id, PD.text, CF.name
    FROM product_details PD
    LEFT JOIN catalog_fields CF ON CF.id=PD.field_id
    WHERE PD.product_id='"
    .$title["id"]."'
    GROUP BY CF.theorder"
    );

    $new_title=$setts['sitename']." ".$title["name"];

    while (
    $list_title=mysql_fetch_array($details)){
    $new_title.="-".$list_title["name"]."-".$list_title["text"];
     }
    }
    ?>
    <title>
    <?=$new_title;?>
    </title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link rel="stylesheet" type="text/css" href="css/main.css" />
    <script type="text/javascript" src="/js/stuff/site_stuff.js"></script>
    <script type='text/javascript' src='js/dtree.js'></script>
    <meta name="Keywords" content="" />
    <meta name="Description" content="" />
    <meta name="rating" content="general" />
    <meta name="distribution" content="global" />
    <meta name="robots" content="index, follow" />
    <meta name="revisit-after" content="5 days" />
    </head>
    <body lang="en" xml:lang="en">
    <div id="header_container">
      <div id="top_menu_container">
        <ul id="top_menu_nav">
          <li>
            <div class="header">
              <?=$menu_contents;?>
            </div>
          </li>
        </ul>
      </div>
      <img src="images/header_top.jpg" width="900" height="190" /></div>
    <div id="main_container">
      <div id="content_container">
        <div id="left_container">
          <div class="button">
            <script type="text/javascript">
                            d = new dTree('d');
                            d.add(0,-1,'ALL ESCORTS GALLERY','index.php?id=all');
                            <?=$left_menu;?>
                            document.write(d);
                        </script>
          </div>
          <div class="button2">
            <? include "newest.php";?>
          </div> 
        </div>
        <div id="top_container_right">
          <div class="text_box">
            <div align="center"><a href="work.php">EMPLOYMENT</a></div>
          </div>
          <div class="bigTArea">
            <p align="center">
              <?=$featured_girl;?>
            </p>
            <p align="center">&nbsp;</p>
            <form action="search_girls.php" method="post">
              <table width="100%" border="0" cellpadding="0" cellspacing="0" class="search_box">
                <tr >
                  <td><div  class="text_box" align="center">ADVANCED SEARCH</div></td>
                </tr>
                <tr>
                  <td class="search_box" style="search_box"><?php $catalog->searchbox(); ?>
                    <p align="center">
                      <input type="submit" name="make_filter" value="Search" />
                      <br />
                      <br />
                  </p></td>
                </tr>
              </table>
            </form>
            </p>
          </div>
        </div>
        <div id="middle">
          <?php include ('login.inc.php'); ?>
        </div>
      </div>
    </div>
    <?php include('footer.php'); ?>
    </div>
    </body>
    </html>
    As you can see the login.inc.php is included in the file above. Now here is the code for login.inc.php:

    PHP Code:
    <?php
    /* DO NOT EDIT THIS FILE UNLESS YOU KNOW WHAT YOU ARE DOING! */
    /*
    login.php
    */

    //this function disables errors when header code is not on the 1st line of code.
    ob_start();
    //include the configuration file. fatal error if file doesn't exist
    require ("config/config_log.php");
    //checking of sql database
    $check_db "SELECT * FROM ".$mysql_pretext."_users";
    $check_db2 "SELECT * FROM ".$mysql_pretext."_logins";
    if (!
    mysql_query ($check_db) || !mysql_query ($check_db2))
    {
        
    //if tables doesn't exist,then install the tables
        
    include ("install.php");
    }
    else
    {
        
    //checking of install file
        
    if (file_exists ("install.php")) die ("<font color=\"red\">FATAL ERROR. INSTALL.PHP EXISTS! POSSIBLE SECURITY RISK! TERMINATING PROGRAM</font>");
    }
    //session_start(); 
    //begin to wipe datebase entries
    if ($development == TRUE)
    {
        
    //chance the time between 3 failed login attempts and another login attempt to 10 seconds only
        //for developmental user
        
    $timeframe time() - 10;
    }
    else
    {
        
    $timeframe time() - 15*60;
    }
    $command "DELETE  FROM ".$mysql_pretext."_logins WHERE lastattempt < '".$timeframe."'";
    mysql_query ($command)
        or die(
    mysql_error()); 
    //check if the use is logged in 1st. If not logged in,why bother logging them out?
    if (isset ($_SESSION['loggedin']) && isset ($_SESSION['time']))
    {
        
    //destroys the login sessions
        
    unset ($_SESSION);
        
    session_destroy();
        
    //set the last IP
        
    $command "UPDATE ".$mysql_pretext."_users SET lastip='$_SERVER[REMOTE_ADDR]' WHERE username='$_SESSION[loggedin]'";
        
    mysql_query ($command)
            or die (
    mysql_error());
        print 
    '<html><head><title>Logout</title></head><body>';
        
    //get the link to return
        
    if ($_SERVER['HTTP_REFERER']) $link $_SERVER['HTTP_REFERER'];
        else 
    $link $_SERVER['PHP_SELF'];
        print 
    '<p align="center">You are logged out. Thank you for using Advanced Login System. A copy can be obtained from <a href="http://www.iqueststudios.com" target="_blank">www.iqueststudios.com</a></p><p align="center"><a href="'.$link.'">Continue</a></p>';
        die();
    }
    else if (isset(
    $_POST['login']))
    {
        
    //set the ip addr of the browser. combine the IP addr with the hostname and port number to reduce risks of two users with the same IP from different proxies from getting mixed up.
        //ipaddr is md5"ed" to prevent leakage of private information.
        
    $ipaddr md5 ($_SERVER['REMOTE_ADDR'].$_SERVER['REMOTE_HOST'].$_SERVER['HTTP_USER_AGENT']);
        
    //get current timestamp
        //$time =date('U');
        //check if there is already a log of the user in the database
        
    $mysql1 "SELECT * FROM ".$mysql_pretext."_logins WHERE ipaddr='$ipaddr'";
        
    $mysql2 mysql_query ($mysql1)
            or die(
    mysql_error());
        
    $mysql3 mysql_fetch_array ($mysql2);
        
    //create a log of user if non existent
        
    if (!$mysql3)
        {
            
    $mysql2 "INSERT INTO  ".$mysql_pretext."_logins (ipaddr,tries,lastattempt,attuser,logexpire) VALUES ('$ipaddr',0,'0',0,0)";
            
    mysql_query ($mysql2) or die (mysql_error());
            
    //debug messages
            //print "You have been logged<br />";
            //print $ipaddr.'<br />';
            //print $time;
        
    }
        
    //if not, then create a log of the user
        
    else
        {
            
    $logged 1;
            
    //debug messages
            //print "You were logged<br />";
            //print $ipaddr.'<br />';
            //print $time;
        
    }
        
    //link to stylesheet. change this to suit your own website
        
    print '<link rel="stylesheet" type="text/css" href="style.css" />';
        
    //check if the anti hacking cookie is set or has reached its limit
        //$_COOKIE['tries'] = $mysql3['tries'];
        
    if (!isset ($myql3['tries']) || $mysql3['tries'] != '0')
        {
            
            
    //define all the vars in case the server don't support the use of global vars
            
    $username strip_tags ($_POST['username']);
            
    $password strip_tags ($_POST['password']);
            
    $rmbpw $_POST['rmbpw'];
            
    //if there is need for image validation
            
    if ($display_bot_image_login)
            {
                
    $code $_POST['code'];
                
    //$realcode = $_POST['realcode'];
                //?imgtxt=".base64_encode ($imgtxt)."\
                //incorrect number
                
    $realcode rawurldecode (base64_decode ($_SESSION['imgcode'])); 
                
    $realcode str_replace (' ' '' ,$realcode); 
                if (
    md5($code) != md5 ($realcode))
                {
                    
    //print $mysql3['lastattempt'];
                    
    $expire time()+(10);
                    if (
    $mysql3['tries'] <= '3' && $mysql3['tries'] != 0)
                    {
                        
    //reduce the number of tries
                        
    $tries $mysql3['tries'] - 1;
                        
    //print $tries;
                        
    print '<p align="center">Invalid validation code.<b>'.$tries.'</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                        
    //setcookie ('tries', $tries, time()+900, '/', '', 0);
                        
    $update1 "UPDATE ".$mysql_pretext."_logins SET tries = '$tries',attuser='$username',lastattempt='".time()."',logexpire='$expire' WHERE ipaddr = '$ipaddr'";
                        
    $update2 mysql_query ($update1)
                            or die(
    mysql_error());
                        die();
                    }
                    else
    // if ($mysql3['lastattempt'] == '0')
                    
    {
                        
    //set the cookie to hold the variable
                        
    print '<p align="center">Invalid validation code.<b>3</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                        
    //setcookie ('tries', 3, time()+900, '/', '', 0);
                        
    $update1 "UPDATE ".$mysql_pretext."_logins SET tries = '3',attuser='$username',lastattempt='".time()."',logexpire='$expire' WHERE ipaddr = '$ipaddr'";
                        
    $update2 mysql_query ($update1)
                            or die(
    mysql_error());
                        die();
                    }    
                    
    /*else
                    {
                        print "ERROR CODE: 1";
                        die();
                    }*/            
                
    }
                
    //continue
            
    }
            
    //encode the password in the same encoding as that stored in the db
            
    $mpassword md5($password);
            
    //search for the user.
            //check if there is need to validate the account and use suitable MySQL command
            
    if ($need_to_validate_acct == TRUE
            { 
                
    $search_login "SELECT * FROM ".$mysql_pretext."_users WHERE username='$username' AND password='$mpassword' AND validated='1'"
            }
            else 
            {
                
    $search_login "SELECT * FROM ".$mysql_pretext."_users WHERE username='$username' AND password='$mpassword'";
            }
            
    $search_login2 mysql_query ($search_login) or die (mysql_error()) ;
            
    $search_login3 mysql_fetch_array ($search_login2);
            
            if (
    $search_login3
            {
                
    //valid login!
                
    if (isset ($rmbpw))
                {
                    
    //set these cookie to remember the user next time he logs in.
                    
    setcookie ('username'$usernametime()+1209600'/'''0); 
                    
    setcookie ('password'base64_encode ($password), time()+1209600'/'''0);
                }
                
    //if don't wish to continue remembering username and password
                
    else if(empty ($rmbpw) && isset ($_COOKIE['username']) && isset ($_COOKIE['password']))
                {
                    
    //remove these cookie.
                    
    setcookie ('username'''time()-60'/'''0); 
                    
    setcookie ('password'''time()-60'/'''0);
                }
                
    //start the sessions
                //the line is to be replaced on top line of page
                //session_start();
                //remove the anti-hacking cookie-feature-redundant now
                //setcookie ('tries', '', time()-60, '/', '', 0);
                
    $_SESSION['loggedin'] = $_POST['username'];
                
    $_SESSION['time'] = time();
                
    //header ('Location: '.$PHP_SELF);
                //exit;
                
    if ($development == TRUE) print "<meta http-equiv=\"Refresh\" content=\"5; url=".$PHP_SELF."\">";            
                else print 
    "<meta http-equiv=\"Refresh\" content=\"0; url=".$PHP_SELF."\">";
            } 
            else 
            {
                
    //invalid login!
                
    if ($mysql3['tries'] <= '3' && $mysql3['tries'] != 0)
                {
                    
    //reduce the number of tries
                    //$tries = $_COOKIE['tries'] - 1;
                    
    $tries $mysql3['tries'] - 1;
                    print 
    '<p align="center">Invalid username and password combination or non-activated account.<b>'.$tries.'</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                    
    //setcookie ('tries', $tries, time()+900, '/', '', 0);
                    
    $update1 "UPDATE ".$mysql_pretext."_logins SET tries = '$tries',attuser='$username',lastattempt='".time()."',logexpire='$expire' WHERE ipaddr = '$ipaddr'";
                    
    $update2 mysql_query ($update1)
                        or die(
    mysql_error());                
                    die();
                }
                else
                {
                    
    //set the cookie to hold the variable
                    
    print '<p align="center">Invalid username and password combination or non-activated account.<b>3</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                    
    //setcookie ('tries', 3, time()+900, '/', '', 0);
                    
    $update1 "UPDATE ".$mysql_pretext."_logins SET tries = '3',attuser='$username',lastattempt='".time()."',logexpire='$expire' WHERE ipaddr = '$ipaddr'";
                    
    $update2 mysql_query ($update1)
                        or die(
    mysql_error());
                    die();
                }
            }
            
        }
        else 
        {
            
    //block the computer from logging in
            
    print '<p align="center">You have entered invalid data for 3 times in a row. Please wait 15 minutes to try again.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
        }
        
    mysql_close();
    }
    //if the user did not click login.
    else
    {
        
    //set the ip addr of the browser. combine the IP addr with the hostname and port number to reduce risks of two users with the same IP from different proxies from getting mixed up.
        //ipaddr is md5"ed" to prevent leakage of private information.
        
    $ipaddr md5 ($_SERVER['REMOTE_ADDR'].$_SERVER['REMOTE_HOST'].$_SERVER['HTTP_USER_AGENT']);
        
    //get current timestamp
        
    $time =date('U');
        
    //check if there is already a log of the user in the database
        
    $mysql1 "SELECT * FROM ".$mysql_pretext."_logins WHERE ipaddr='$ipaddr'";
        
    $mysql2 mysql_query ($mysql1)
            or die(
    mysql_error());
        
    $mysql3 mysql_fetch_array ($mysql2);
    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
    "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <title></title>
    <!--<link rel="stylesheet" type="text/css" href="css/log_style.css" />-->
    <script type="text/javascript">
    function popUp(URL) {
    day = new Date();
    id = day.getTime();
    eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=1,menubar=0,resizable=0,width=400,height=300,left = 337,top = 159');");
    }
    </script>
    </head>
    <body>
    <center>
    </center>
    <table width="300" border="1" cellspacing="1px" cellpadding="5px" align="center" style="border-style:solid; border-width:2px; border-collapse:collapse;">
      <tr bgcolor="#666666" height="25px">
        <td><div class="log_heading">Login</div></td>
      </tr>
      <tr bgcolor="#410121" height="200">
        <td valign="top">
          <p>Welcome. Please login.</p>
          <p>&nbsp;</p>
          <form action="<?php //print $_SERVER['PHP_SELF']; ?>" method="post" name="login">
            <p>Username:&nbsp;<input type="text" name="username" value="<?php if (isset ($_COOKIE['username'])){print $_COOKIE['username'];}?>" size="20" />
            </p>
            <p><br />
              Password:&nbsp;&nbsp;<input type="password" name="password" value="<?php if (isset ($_COOKIE['password'])){print base64_decode ($_COOKIE['password']);}?>" size="20" />
              </p><br/>
            <?php 
        
    if ($display_bot_image_login)
        {
            
    $img1 rand (1,9);
            
    $img2 rand (1,9);
            
    $img3 rand (1,9);
            
    $img4 rand (1,9);
            
    $imgtxt $img1.'%20'.$img2.'%20'.$img3.'%20'.$img4;
            
    $_SESSION ['imgcode'] = base64_encode ($imgtxt);
            
    //print "<input type=\"hidden\" name=\"realcode\" value=\"".md5($imgtxt)."\" />";
            
    print "Enter the number below: <input type=\"text\" name=\"code\" size=\"4\" maxlength=\"4\" /><br /><img src=\"makeimg.php\" /><br />";
            print 
    "<small>(<a href=\"#\" onClick=\"history.go()\">refresh</a> if you cannot see the number)</small><br />";
            print 
    "<br />";
        }
        
    ?>
        Remember Pass? <input type="checkbox" name="rmbpw" <?php if (isset ($_COOKIE['password'])){print "checked=checked";} ?> />
        <input type="submit" value="Login" name="login" <?php if ($mysql3['tries'] <= '0'&& $mysql3['lastattempt'] != /* &&time() > $mysql3['logexpire']*/) {print 'disabled="disabled"'; } ?> />
        </form>
        <? if ($allow_guest_to_register)
        {
        
    ?>
        <a href="#" onClick="popUp('register.php')">Register | </a>
        <? ?>
        <a href="#" onClick="popUp('reset.php')">Forgot Password?</a>
        </td>
      </tr>
    </table>
    <hr align="center" width="400px" />
    <div align="center">&copy; iQuest Studios 2007</div>
    </body>
    </html>
    <?php 
    }
    ob_end_flush();
    ?>
    Sorry about the huge amount of code. Just a note, I have 2 config files. One for the login.php file and one for the login.inc.php file. Could this cause the errors? I have done a lot of research on google the errors given are usually corrected by fixing the (isset($_POST['login'])) to (isset($_GET['login'])). I tried this but it didnt work.

    If anyone can help I'd really appreciate this as its been driving me crazy at work for days now!

    Regards
    Jp
    Last edited by jpmad4it; 02-26-2008 at 11:06 AM.

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    Check out this page in the manual for info on the two $_SERVER indices that are giving you problems.

    The rmbpw index isn't always going to be set but it looks like you're trying to use it whether it's set or not.

    Same thing for the variable $_SESSION; you attempt to use it without knowing if it's set or not.

  • #3
    New Coder
    Join Date
    Jan 2006
    Posts
    89
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Fumigator View Post
    Check out this page in the manual for info on the two $_SERVER indices that are giving you problems.

    The rmbpw index isn't always going to be set but it looks like you're trying to use it whether it's set or not.

    Same thing for the variable $_SESSION; you attempt to use it without knowing if it's set or not.
    Hey, thanks for the input. I will check out that link and see if I can interpret what its trying to say!

    So for the variable $_SESSION and index rmbpw, would I need to use something similar to if(!isset('$_SESSION') to determine if they have been set or not? Sorry if there are any mistakes, I'm still a newbie

    If what I say above is correct, what would I need to do if those variables are not set? Would I just exit; ?

    I can turn off these notices using error_reporting(E_ALL ^ E_NOTICE); but its surely best to fix these notices???

    regards
    Jonathan

  • #4
    New Coder
    Join Date
    Jan 2006
    Posts
    89
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Hmm i'm totally lost with this one. I've fixed a few errors by using the following, for example,

    if (array_key_exists('HTTP_REFERER',$_SERVER)) $link = $_SERVER['HTTP_REFERER'];

    This removed the HTTP_SERVER error. I tried to implement this and use it to remove the other errors but its not working.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •