Reputation: 59
I am trying to use a form to insert a new row into a MySQL database. I apologise if my code is poor, I am still very much a beginner in PHP.
Here is my current code:
<?php
$page ="Add New Member";
require('header.php');
require('authentication.php');
if (isset($_POST)){
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$mobile_number = $_POST['number'];
$programme = $_POST['programme'];
$db->query('INSERT INTO members (first_name, last_name, email, mobile_number, programme)
VALUES ($first_name, $last_name, $email, $mobile_number, $programme');
}
?>
<br />
<div class="col-lg-8 col-lg-offset-2 col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">
Add New Member
</div>
<div class="panel-body">
<div class="row">
<div class="col-lg-6">
<form method="post">
<div class="form-group">
<label>Membership Number</label>
<input name="mem_number" class="form-control" type="text" autocomplete="off" readonly value="<?php foreach($db->query('SELECT id FROM members ORDER BY id DESC LIMIT 1') as $row) {
echo $row['id']+1;}?>">
<p class="help-block">This is automatically assigned.</p>
</div>
<div class="form-group">
<label>First Name</label>
<input type="text" name="first_name" class="form-control" autocomplete="off">
<p class="help-block">Enter your first name here.</p>
</div>
<div class="form-group">
<label>Last Name</label>
<input type="text" name="last_name" class="form-control" autocomplete="off">
<p class="help-block">Enter your last name here.</p>
</div>
<div class="form-group">
<label>Email</label>
<input type="email" name="email" class="form-control" autocomplete="off">
<p class="help-block">Enter your email address here.</p>
</div>
<div class="form-group">
<label>Mobile Number</label>
<input type="text" name="phone_number" class="form-control" autocomplete="off">
<p class="help-block">Enter your phone number here.</p>
</div>
<div class="form-group">
<label>Programme</label>
<select class="form-control" name="programme">
<option>Bootcamp</option>
<option>28 Day Fat Blaster</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Add Member</button>
<button type="reset" class="btn btn-default">Reset Button</button>
</form>
</div>
<!-- /.col-lg-6 (nested) -->
</div>
<!-- /.row (nested) -->
</div>
<!-- /.panel-body -->
</div>
<!-- /.panel -->
</div>
<!-- /.col-lg-12 -->
When I submit the form, I get the following error:
[Fri Oct 03 14:34:01.561508 2014] [:error] [pid 3813] [client 127.0.0.1:41855] PHP Notice: Undefined index: first_name in /var/www/html/addmember.php on line 7, referer: http://localhost/members.php
[Fri Oct 03 14:34:01.561613 2014] [:error] [pid 3813] [client 127.0.0.1:41855] PHP Notice: Undefined index: last_name in /var/www/html/addmember.php on line 8, referer: http://localhost/members.php
[Fri Oct 03 14:34:01.561639 2014] [:error] [pid 3813] [client 127.0.0.1:41855] PHP Notice: Undefined index: email in /var/www/html/addmember.php on line 9, referer: http://localhost/members.php
[Fri Oct 03 14:34:01.561663 2014] [:error] [pid 3813] [client 127.0.0.1:41855] PHP Notice: Undefined index: number in /var/www/html/addmember.php on line 10, referer: http://localhost/members.php
[Fri Oct 03 14:34:01.561686 2014] [:error] [pid 3813] [client 127.0.0.1:41855] PHP Notice: Undefined index: programme in /var/www/html/addmember.php on line 11, referer: http://localhost/members.php
[Fri Oct 03 14:34:30.224432 2014] [:error] [pid 3836] [client 127.0.0.1:41856] PHP Notice: Undefined index: number in /var/www/html/addmember.php on line 10, referer: http://localhost/addmember.php
Now I understand that this means that $_POST['first_name'] is not defined, but I thought that it would be defined when it is posted.
My question is, what am I doing wrong?
Upvotes: 0
Views: 3334
Reputation: 74217
The following line is incorrect and is missing quotes in a few places, including for your VALUES variables, and a missing bracket ).
$db->query('INSERT INTO members (first_name, last_name, email, mobile_number, programme)
VALUES ($first_name, $last_name, $email, $mobile_number, $programme');
change it to:
$db->query("INSERT INTO members (first_name, last_name, email, mobile_number, programme)
VALUES ('$first_name', '$last_name', '$email', '$mobile_number', '$programme')");
Your select is also missing values for them, so you will not get anything back from it.
<select class="form-control" name="programme">
<option value="bootcamp">Bootcamp</option>
<option value="fatblaster">28 Day Fat Blaster</option>
</select>
Suggestion:
Instead of if(isset($_POST)) use if(isset($_POST['submit'])){...} while using an input instead of a button.
I.e.:
<input type="submit" name="submit" value="Add Member">
It's more efficient than if(isset($_POST)).
Your present code is open to SQL injection.
I suggest you use prepared statements, or PDO with prepared statements; they're safer.
Upvotes: 1
Reputation: 1179
In these cases it is useful to print the results of $_POST to debug/know the structure.
if( $_POST ) {
die( print_r($_POST) );
// or use
// die( var_dump($_POST) );
}
This way, you know what's inside $_POST.
And here:
$db->query('INSERT INTO members (first_name, last_name, email, mobile_number, programme) VALUES ($first_name, $last_name, $email, $mobile_number, $programme)');
You should be using double quotes and bracketing the variables:
$db->query("INSERT INTO members (first_name, last_name, email, mobile_number, programme) VALUES ('{$first_name}', '{$last_name}', '{$email}', '{$mobile_number}', '{$programme}')");
In fact, you should be using prepared statements and parameter bindings:
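$stmt = $db->prepare('INSERT INTO members (first_name, last_name, email, mobile_number, programme) VALUES (:first_name, :last_name, :email, :mobile_number, :programme)');
$stmt->execute([':first_name' => $first_name, ':last_name' => $last_name, ':email' => $email, ':mobile_number' => $mobile_number, ':programme' => $programme]);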
Upvotes: 2
Reputation: 11375
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$mobile_number = $_POST['number'];
$programme = $_POST['programme'];
Therefore, you can do a simple check
$first_name = array_key_exists('first_name', $_POST) ? $_POST['first_name'] : "";
POST may also be a good idea in case the client modifies the HTML markup to not POST a form input (with the same name), throwing an error.
As these are strings, you must treat them as such, by quoting them.
$db->query("INSERT INTO members (first_name, last_name, email, mobile_number, programme)
VALUES ('{$first_name}', '{$last_name}', '{$email}', '{$mobile_number}', '{$programme}')");
VALUES bracket.
You're missing value for your options
<select class="form-control" name="programme">
<option value="bootcamp">Bootcamp</option>
<option value="28_day_fat_blaster">28 Day Fat Blaster</option>
</select>
Upvotes: 1
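Pulling the answers together, as an added example that is not code from any poster in this thread: a handler that checks every field before use and inserts through a bound prepared statement. It reads `phone_number`, the name the form actually posts, which is why the last logged request still reports `number` as undefined. Assumptions: `$db` is a PDO handle, an in-memory SQLite database stands in for MySQL so the script runs offline, `read_member` and `add_member` are hypothetical helper names, and the submissions are constructed sample data.

```php
<?php
// Added example, not code from the thread. Assumptions: $db is a PDO handle (the
// answers' :name placeholders are PDO syntax); SQLite in memory stands in for MySQL.
const PROGRAMMES = ['bootcamp', 'fatblaster']; // option values from the first answer
// Returns the cleaned fields, or null if any is missing, empty, or not a string.
function read_member(array $post): ?array
{
    // Keys must match the form's name="" attributes: it posts phone_number, not number.
    $member = [];
    foreach (['first_name', 'last_name', 'email', 'phone_number', 'programme'] as $f) {
        if (!isset($post[$f]) || !is_string($post[$f]) || trim($post[$f]) === '') {
            return null;
        }
        $member[$f] = trim($post[$f]);
    }
    $valid = filter_var($member['email'], FILTER_VALIDATE_EMAIL) !== false
        && in_array($member['programme'], PROGRAMMES, true);
    return $valid ? $member : null;
}

// Values travel as bound parameters, so quotes in the data never reach the SQL text.
function add_member(PDO $db, array $m): int
{
    $stmt = $db->prepare(
        'INSERT INTO members (first_name, last_name, email, mobile_number, programme)
         VALUES (:first_name, :last_name, :email, :mobile_number, :programme)'
    );
    $stmt->execute([
        ':first_name' => $m['first_name'], ':last_name' => $m['last_name'],
        ':email' => $m['email'], ':mobile_number' => $m['phone_number'],
        ':programme' => $m['programme'],
    ]);
    return (int) $db->lastInsertId();
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members (id INTEGER PRIMARY KEY, first_name TEXT,
    last_name TEXT, email TEXT, mobile_number TEXT, programme TEXT)');

// Constructed submissions. On the real page use $_POST, and only when
// $_SERVER['REQUEST_METHOD'] === 'POST' (isset($_POST) is true on every request).
$ok = ['first_name' => 'Ann', 'last_name' => "O'Brien", 'email' => 'ann@example.com',
       'phone_number' => '0123456789', 'programme' => 'bootcamp'];
$samples = ['valid' => $ok, 'no phone' => array_diff_key($ok, ['phone_number' => 1]),
            'bad programme' => ['programme' => 'other'] + $ok];
foreach ($samples as $label => $post) {
    $m = read_member($post);
    echo $label, ': ', $m ? 'inserted id ' . add_member($db, $m) : 'rejected', "\n";
}
```

The surname with an apostrophe is stored intact here, whereas the same value would break the quoted string in the interpolated queries shown earlier in the thread.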