PHP undefined index error when clicking a url and invoking a php script

Question

I have a call to a PHP script from my home page which I do like this:

echo '<a href="/problems/delete_problem.php?problem_id='.$problem_id.'">Delete</a>';

So it is pretty standard.

Then in my PHP I have this code:

<?php
// delete_problem

include '../connect.php'; // Here I have db connection settings

error_log ( ".......in delete problem");

$problem_id = mysql_real_escape_string($_GET["problem_id"]);

?>

And the last line where I try to get the problem_id is throwing the undefined index error. Any idea why?

Thanks!

Answer 1

Bleh, all you people with the mysql_real_escape string...

Always check if a variable is set before you try and assign the value of it to another variable.

Also use (int) to cast!!

if (isset($_GET["problem_id"])){
  $problem_id = (int) $_GET["problem_id"];
}

Answer 2

For values coming from the user, always make sure they are present and possibly validate their format.

Use:

if (isset($_GET['problem_id']) && trim($_GET['problem_id']) != '') {
    $problem_id = $_GET['problem_id'];
    // make sure it is a number
} else {
   echo "No problem id given!";
}

That warning appears because the $_GET array doesn't contain a value problem_id, most likely because it was not passed with the URL.

Answer 3

Have you got an actual connection inside connect.php? Or does it just store variables and the like?

mysql_real_escape_string may be causing a problem as if a connection is not available it will fail.

Beyond that, try echoing out the contents of the GET variable. You can also check whether it exists by using (isset($_GET["problem_id"])).