Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    Sep 2012
    Location
    Philippines
    Posts
    11
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Question [HELP]Undefined index Error

    Error:
    Code:
    Notice: Undefined index: gameid in C:\Xampp\htdocs\index.php on line 5
    Code:
    PHP Code:
    <?php

    include 'connect.php';

    $id $_POST['gameid'];
    $step1 "select * from flashgames where gameid = '$id'";
    $step2 mysql_query($step1) or die ("Could not select game");
    $flashgame mysql_fetch_array($step2);

    echo 
    "<center>";
    echo 
    "<h1>" $flashgame['name'] . "</h1>";
    echo 
    "<embed src='" $flashgame['url'] . "' width='750' height='480'></embed>";
    echo 
    "<p>Game played " $flashgame['playedtimes'] . " times.</p>";
    echo 
    "<b>Game Desciption:</b><br/>" $flashgame['description'];
    echo 
    "<br/><b>Genre:</b> " $flashgame['genre'];
    echo 
    "<br/><b>Controls:</b><br/>" $flashgame['controls'];
    echo 
    "<br/><br/>Did you like the game? <!-- Node.js goes here soon --><form action='rate.php?gameid=1' method='get'><input type='button' name='rate' value='YES'/><input type='button' name='rate' value='NO'/></form>";
    echo 
    "YES: " $flashgame['rate-yes'] . "%<br/>NO: " $flashgame['rate-no'] . "%";
    echo 
    "</center>";

    ?>
    For those who will help.

  • #2
    New Coder
    Join Date
    Sep 2011
    Posts
    74
    Thanks
    0
    Thanked 7 Times in 7 Posts
    It basically means that gameid isn't in the $_POST array.

    Try check of its set before trying to use it.

  • Users who have thanked davidjones1990 for this post:

    KazeFlame (10-23-2012)

  • #3
    Regular Coder
    Join Date
    Sep 2007
    Location
    Grahamstown, South Africa
    Posts
    237
    Thanks
    6
    Thanked 17 Times in 17 Posts
    Couple of small tips:

    PHP Code:
    //use 'isset' to determine if a variable exists
    if (!isset($_POST['gameid'])) {
        die(
    "No game defined");
    }

    //escape any content you may be getting from the user
    //otherwise, you are putting your website in danger (google -> mysql injection)

    $id mysql_real_escape_string($_POST['gameid']); 
    There is a really nice sticky on this forum somewhere (i'll go look for the link), that details good practice when writing PHP code.

    Edit: Found the link, here it is: http://www.codingforums.com/showthread.php?t=220807

  • Users who have thanked idalatob for this post:

    KazeFlame (10-23-2012)

  • #4
    New Coder
    Join Date
    Sep 2012
    Location
    Philippines
    Posts
    11
    Thanks
    9
    Thanked 0 Times in 0 Posts
    XD
    Problem solve. I wrote POST instead of GET.

  • #5
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Quote Originally Posted by KazeFlame View Post
    XD
    Problem solve. I wrote POST instead of GET.
    This still won't actually solve the problem. The issue is you are accessing array offsets which may or may not exist. PHP triggers a notice when it does not, but you code will happily continue without a set variable. If you access the page directly, than it will not work properly.
    As pointed out, you need to check that its set before doing any processing.
    PHP Code:
    if (isset($_GET['gameid']))
    {
        
    // all your code in here
    }
    else
    {
        print 
    'No data to show.';

    The code you have doesn't verify that there isn't a problem otherwise. If the value isn't set, then you still end up with the results, but will trigger many errors since $flashgame will be null. The die on the query won't do anything unless its syntactically a failure; querying an invalid where isn't considered a failure, it will simply return a resultset with no results in it.

    Quote Originally Posted by idalatob View Post
    Couple of small tips:

    PHP Code:
    //use 'isset' to determine if a variable exists
    if (!isset($_POST['gameid'])) {
        die(
    "No game defined");
    }

    //escape any content you may be getting from the user
    //otherwise, you are putting your website in danger (google -> mysql injection)

    $id mysql_real_escape_string($_POST['gameid']); 
    There is a really nice sticky on this forum somewhere (i'll go look for the link), that details good practice when writing PHP code.

    Edit: Found the link, here it is: http://www.codingforums.com/showthread.php?t=220807
    Its a little out of date, but many of the same concepts still applies. I'd recommend moving to PDO or MySQLi even just for the prepared statements. Statements do not need to be escaped since the sql structure is compiled separately from the data provided. So all you need to do in advance is make sure that magic_quotes_gpc isn't running (gone as of 5.4 btw), and if it is to issue a stripslashes first.

  • Users who have thanked Fou-Lu for this post:

    KazeFlame (10-25-2012)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •