Reputation: 63
How to resolve undefined error in php
<?php
$conn = new mysqli("localhost", "root", "", "hcis") or die(mysqli_error());
$q = $conn->query("SELECT * FROM `vaccine` NATURAL JOIN `itr` WHERE `itr_no` = '$_GET[itr_no]' && `epi_id` = '$_GET[epi_id]'") or die(mysqli_error());
$f = $q->fetch_array();
?>
This is my code. I am getting this error
Notice: Undefined index: itr_no in C:\xampp\htdocs\thesis\admin\epi_print.php on line 25
Notice: Undefined index: epi_id in C:\xampp\htdocs\thesis\admin\epi_print.php on line 25
I tried googling it and found that I have to use isset but I do not know where to put the isset.
Upvotes: 0
Views: 91
Answers (5)
Reputation: 205
isset() is used to check if the variable is set and is not null. Details: https://php.net/manual/en/function.isset.php.
So you should use isset() before you access the $variable. For example:
if (isset($example['id']) {
echo $example['id'];
}
The example above makes sure that if $example['id'] is set, you can access it. If you don't have isset, the echo would run even if $example['id'] was null or undefined - and that would throw an error.
@techiemickey: however, you error is caused by the reason that, you access var in the wrong way. You shout use $_GET['itr_no'] instead of $_GET[itr_no]
Upvotes: 0
Reputation: 23958
You query is vulnerable as you are passing url variables (user input directly) to database query.
Use isset() for checking whether the variable we are using is defined.
Corrected code should be:
$itr_no = isset($_GET['itr_no']) ? $_GET['itr_no'] : '';
$epi_id = isset($_GET['epi_id']) ? $_GET['epi_id'] : '';
$itr_no = $conn->real_escape_string($itr_no);
$epi_id = $conn->real_escape_string($epi_id);
$conn = new mysqli("localhost", "root", "", "hcis") or die(mysqli_error());
$q = $conn->query("SELECT * FROM `vaccine` NATURAL JOIN `itr` WHERE `itr_no` = '$itr_no' && `epi_id` = '$epi_id'") or die(mysqli_error());
$f = $q->fetch_array();
Upvotes: 2
Reputation: 1301
You need surround you form data like, $GET['id']
Your edited code
<?php
$conn = new mysqli("localhost", "root", "", "hcis") or die(mysqli_error());
$q = $conn->query("SELECT * FROM `vaccine` NATURAL JOIN `itr` WHERE `itr_no` = '$_GET['itr_no']' && `epi_id` = '$_GET['epi_id']'");
$f = $q->fetch_array();
?>
Upvotes: 0
Reputation: 937
Using isset() to check your $_GET request value,
<?php
$conn = new mysqli("localhost", "root", "", "hcis") or die(mysqli_error());
//Checkes Whether itr_no And epi_id is available or not
//runs when all are available
if(isset($_GET['itr_no']) && isset($_GET['epi_id'])){
$q = $conn->query("SELECT * FROM `vaccine` NATURAL JOIN `itr` WHERE `itr_no` = '$_GET[itr_no]' && `epi_id` = '$_GET[epi_id]'") or die(mysqli_error());
$f = $q->fetch_array();
}
?>
Use empty() to check $_GET request value
<?php
$conn = new mysqli("localhost", "root", "", "hcis") or die(mysqli_error());
//Checkes Whether itr_no And epi_id is available or not
//runs when all are available
if(!empty($_GET['itr_no']) && !empty($_GET['epi_id'])){
$q = $conn->query("SELECT * FROM `vaccine` NATURAL JOIN `itr` WHERE `itr_no` = '$_GET[itr_no]' && `epi_id` = '$_GET[epi_id]'") or die(mysqli_error());
$f = $q->fetch_array();
}
?>
If you don't want to check using if then at starting you should use to check your $_GET request values like,
$itr_no = isset($_GET['itr_no']) ? $_GET['itr_no'] : '';
$epi_id = isset($_GET['epi_id']) ? $_GET['epi_id'] : '';
Upvotes: 1
Reputation: 31407
having this udefined error again and again
Because, you are trying to access index of an array, which is not defined. In your case, you are trying to access index itr_no and epi_id from array $_GET.
- Verify your URL query string of request, if it contains or may be your form.
or
check if value
issetbefore accessing itif(isset($_GET['itr_no']) && isset($_GET['epi_id'])){
Upvotes: 1