CODEWITHSUNDEEP
php
user1309180
user1309180

Reputation: 59

I am getting undefined index on all of my $_POST after submitting

I have a page here where it recieves all of the details from a previous page and posts it in the database on this page. Now lets say I have multiple exams (lets say 2 exams). When I finish the creating the first exam and then submit the form to itself, I suddenly get notices for all of the $_POSTs in the code below. Why am I getting these notices on all of my $_POST’s after my first exam? All the notices have stated that all of those indexes with a $_POST in front of it is undefined.

Below is my code:

<?php
session_start();

if (isset($_POST['id'])) {

$_SESSION['id'] = $_POST['id'];

}


if (isset($_POST['dateChosen'])) {

$_SESSION['dateChosen'] = $_POST['dateChosen'];

}

if (isset($_POST['timeChosen'])) {

$_SESSION['timeChosen'] = $_POST['timeChosen'];

}


$username="xxx";
$password="xxx";
$database="xxx";

mysql_connect('localhost',$username,$password);

mysql_select_db($database) or die( "Unable to select database");

  $insert = array();

  for ($i = 1, $n = $_POST['sessionNum']; $i <= $n; ++$i)
  {
    $insert[] = "' ". mysql_real_escape_string( $_POST['id'] ) . ($n == 1 ? '' : $i) . "',' ". mysql_real_escape_string( $_POST['timeChosen'] ) . "',' ". mysql_real_escape_string( date("Y-m-d", strtotime( $_POST['dateChosen'] ) ) ) . "'";
  }

  $sql = "INSERT INTO Session (SessionId, SessionTime, SessionDate) 
  VALUES (" . implode('), (', $insert) . ")";


  mysql_query($sql);

mysql_close();



?>

Upvotes: 0

Views: 108

Answers (1)

DdD
DdD

Reputation: 453

Even though you DO check isset($_POST[variable]) earlier, you aren't checking in the future parts of the code.

You don't know whether the earlier check has passed or failed (only on success you write to your session) - you should perhaps encase your code with

if(isset($_POST['id']) {

    mysql_connect('localhost',$username,$password);

    mysql_select_db($database) or die( "Unable to select database");

      $insert = array();

      for ($i = 1, $n = $_POST['sessionNum']; $i <= $n; ++$i)
      {
        $insert[] = "' ". mysql_real_escape_string( $_POST['id'] ) . ($n == 1 ? '' : $i) . "',' ". mysql_real_escape_string( $_POST['timeChosen'] ) . "',' ". mysql_real_escape_string( date("Y-m-d", strtotime( $_POST['dateChosen'] ) ) ) . "'";
      }

      $sql = "INSERT INTO Session (SessionId, SessionTime, SessionDate) VALUES (" . implode('), (', $insert) . ")";


      mysql_query($sql);

    mysql_close();


} else {
   //build the form which sends in ID
}

as you are trying to grab $_POST['id'] without being sure it exists? Make sense?

Upvotes: 3

Related Questions