1

I'm very new guy on php. I have a website project on my course. I'm stuck on this part and could not move more. Need to help for solving this. I tried to reach email and password like on my code, this error says it's not like this.

I have an error like this:

Notice: Undefined index: email in C:\xampp\htdocs\CONFIG.PHP on line 6 Notice: Undefined index: password in C:\xampp\htdocs\CONFIG.PHP on line 7 Info could not write on database!

(solved with 

if($_SERVER['REQUEST_METHOD'] == 'POST') {
//...

) but now any info does not go to database

config.php:

<?php
    ob_start();
    include "dbconnect.php";

    $email=$_POST["email"];
    $password=$_POST["password"];
    $username=$_POST["username"];
    $submit = isset($_POST['submit']) ? $_POST['submit'] : null;
        $sql="select * from users where email = '".$email."' and password = '".$password."' and username = '".$username."'";
        $query=mysql_query($sql);
        $counter=mysql_num_rows($query);
        if ($counter!=0){ 
            echo "<font size= 3 >This user has been registered before. Please check information.</font>";
        }else{
            $sql2 = "INSERT INTO users(email, password, username) VALUES ('".$email."','".$password."','".$username."'";
            $add = mysql_query($sql2);
             if($submit){ 
                echo "<br>You have registered successfully!
                Please click. ";
                header("Location:regedIndex.html");
             }else{ 
                echo "Info could not write on database!"; 

             } 
            ob_end_flush();
         }
?>

register.html:

<html>
    <head>
        <script type="text/javascript" src="jquery-1.9.1.min.js"></script>
        <link type="text/css" rel="stylesheet" href="popupbox.css"/>
        <link type="text/css" rel="stylesheet" href="main.css"/>
        <script type="text/javascript" src="https://www.google.com/jsapi">
    </script>
    </head>
    <body>
    <div id="logo">
            <div id="left" style="width: 500px;
                height: 100px; margin: 10px 15px 10px 8px;">
                <a href="index.php">
                    <img src="images/logo.png">
                </a>
            <div id="right">

            </div>
        </div>

        <div id="login">
            <div id="triangle"></div>
            <h1>Register</h1>
                <form action="config.php" method="post">
                    <input type="email" name="email" placeholder="Email" />
                    <input type="text" name="username" placeholder="Username" />
                    <input type="password" name="password" placeholder="Password" />
                    <input type="submit" value="Register"/>
                </form>
        </div>
        </br></br></br></br></br></br></br></br></br></br></br></br></br></br>
        <div id="contacts">
            <footer id="footer">
                <ul class="icons">
                    <li>
                        <a href="https://twitter.com/voteproject"> <img src="images/twitter.svg"></a>
                        <a href="https://facebook.com/voteproject"> <img src="images/facebook.svg"></a>
                        <a href="https://github.com/CS320VoteProject/VoteProject"> <img src="images/github.svg"></a>
                    </li>
                </ul>
            </footer>
        </div>
</body>
</html>
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
mustafakoseoglu
  • 13
  • 1
  • 4
  • Something does not match here. I doubt that really is the html form posted to the system. – arkascha Dec 15 '15 at 21:07
  • I checked these kinds of pages but it does not work I have also another login part, It works. All info be checked. – mustafakoseoglu Dec 15 '15 at 21:09
  • 1
    Once you figure this part out, you should read about [preventing sql injections in php](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – skrilled Dec 15 '15 at 21:09
  • You also should hash your passwords. – chris85 Dec 15 '15 at 21:16
  • @mustafakoseoglu I think you have a typo. You forgot to add the ending `)` in values. Change it to this `$sql2 = "INSERT INTO users (email, password, username) VALUES ('".$email."','".$password."','".$username."')";` – Robin Carlo Catacutan Dec 15 '15 at 21:31
  • I remove the *"(solved but edited)"* from your question's title. If there's anything that needs clarification, add the details in your question, or ask the person who gave you an answer, or post a new question. When a question is marked as solved, it is accepted as you did for the answer below. If it did not solve it completely, you can either un-accept it, or tell them what's not working for you. – Funk Forty Niner Dec 15 '15 at 22:11
  • this is also failing you `$submit = isset($_POST['submit']) ? $_POST['submit'] : null;` there is no element hold the `submit` name attribute. – Funk Forty Niner Dec 15 '15 at 22:13

2 Answers2

4

Add if($_SERVER['REQUEST_METHOD'] == 'POST') to check if the form has been submitted.

e.g.

<?php
  if($_SERVER['REQUEST_METHOD'] == 'POST') {
    ob_start();
    include "dbconnect.php";

    $email=$_POST["email"];
    $password=$_POST["password"];
    $username=$_POST["username"];
    $submit = isset($_POST['submit']) ? $_POST['submit'] : null;
    $sql="select * from users where email = '".$email."' and password = '".$password."' and username = '".$username."'";
    $query=mysql_query($sql);
    $counter=mysql_num_rows($query);
    if ($counter!=0){ 
        echo "<font size= 3 >This user has been registered before. Please check information.</font>";
    }else{
        $sql2 = "INSERT INTO users(email, password, username) VALUES ('".$email."','".$password."','".$username."'";
        $add = mysql_query($sql2);
         if($submit){ 
            echo "<br>You have registered successfully!
            Please click. ";
            header("Location:regedIndex.html");
         }else{ 
            echo "Info could not write on database!"; 

         } 
        ob_end_flush();
    }
  }
?>
Robin Carlo Catacutan
  • 13,249
  • 11
  • 52
  • 85
1

The error tells you that the index (usually an array key) email does not exist. This is the line:

$email=$_POST["email"];

The reason it throws this error is because the $_POST superglobal is only filled after the form has been submitted and not when you load it for the first time. Yet, you do no check if this is the case, hence the error. You can avoid it by simply putting a check on the request method around your code:

<?php
ob_start();
include "dbconnect.php";

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $email=$_POST["email"];
    $password=$_POST["password"];
    // etc.
}

On a (very important) side note: Please stop using mysql_ functions. They have been deprecated since 2013 and dropped entirely in PHP7 that has just been released earlier this month. This means that the code is no longer supported. If you would try to run this script on an up-to-date server, it won't run. Also see Why shouldn't I use mysql_* functions in PHP?.

Community
  • 1
  • 1
Oldskool
  • 34,211
  • 7
  • 53
  • 66