This question already has answers here:
PHP sessions that have already been started [duplicate]
(11 answers)
mysqli_stmt::bind_result(): Number of bind variables doesn't match number of fields in prepared statement
(2 answers)
Closed 1 year ago.
I have developed a simple search page but I can't seem to get it to work. I'm faced with 2 problems, which I think are linked. When I go on the search form page, the error:
Notice: Undefined index: userlogged in header.php on line 36 Notice: Undefined index: adminlogged in header.php on line 59`
And when using the search form using valid test data, these errors are shown:
Notice: A session had already been started - ignoring session_start() in header.php on line 3 Notice: Undefined index: userlogged in header.php on line 36 Notice: Undefined index: adminlogged in header.php on line 59
mysqli_stmt::bind_result(): Number of bind variables doesn't match number of fields in prepared statement in search.php on line 12
I wont post the header.php as I think it's because of the bind_result, however I'm not sure how I've done this wrong.
I have tried removing the session_start() from header.php so it's not included automatically, but that just throws this error:
Notice: Undefined variable: _SESSION in header.php on line 36 Notice: Undefined variable: _SESSION in header.php on line 59
Searchform.php
<?php
ob_start();
error_reporting(E_ALL);
?>
<br><br><br>
<?php
ini_set('display_errors', -1);
include 'header.php';
include 'connection.php';
?>
<br /><br />
<html>
<header>
<link rel="stylesheet" type="text/css" href="web.css" />
<link rel="stylesheet" type="text/css" href="/web.css" />
</header>
<body>
<center>
<h2>Search for people</h2>
<br />
Please enter the name you wish to search for<br /><br />
<form method="post" action="search.php" id="searchform">
<input type="text" name="name">
<input type="submit" name="searchsubmit" value="Submit">
</form>
<br /><br/>
Or search people by category
</center>
</body>
</html>
Search.php
<?php
if(isset($_POST['searchsubmit']))
{
include 'searchform.php';
include 'header.php';
$name = $_POST['name'];
if ($stmt = $connection->prepare ("SELECT * FROM users WHERE Username = ?"))
{
$stmt->bind_param('s', $name);
$stmt->execute();
$stmt->bind_result($personresult);
$stmt->fetch();
print_r($personresult);
}
else
{
echo "<p>Please enter a search query</p>";
}
}
else
{
echo "NOT SET!";
}
?>
Without knowing what the columns are in your database, I can only give a partial response to what you are doing wrong with the bind_result.
But before that, you are going to run in to an issue with sessions and your header stuff because you are showing all notices. I would suggest starting it on the requested pages rather than your includes. So right after you start the script, make the call to session_start() and don't make it anywhere else. Note that it must go before any output.
Now, for the bind_result. What the error message is telling you is that you are selecting more from your table than just one column. ie, you might be selecting a userid, uname, realname, etc. But when you bind the result, you are only giving it room for one of those. So a basic example to show you the relationship, I'll modify your select slightly:
$stmt = $connection->prepare ("SELECT userId, userName, realName FROM users WHERE Username = ?")
Then when you bind your result, you will want to do something like:
$stmt->bind_result($userId, $userName, $realName);
For each column you select in your statement, you need a variable to represent it within your bind_result call.
Related
I'm trying to learn PHP and i'm doing my first login connection page to my Active Directory, i've already done those two pages:
form.php:
<HTML>
<body>
<form action="ADconnect" method="post">
<p>Votre login : <input type="text" name="login"/></p>
<p>Votre password : <input type="password" name="password"/></p>
<p><input type="submit" value="OK"></p>
</form>
</body>
</HTML>
ADconnect.php:
<?php
//check var
$check_password = $_POST['password'];
$check_dn= $_POST['login'];
//display of check var
echo $check_password;
echo "<br>";
echo $check_dn;
echo "<br>";
//AD's connexion var
$AD_con = ldap_connect("ADname") or die("could not connect to AD");
$AD_dn = "CN=".ldap_connect('$_POST['login']').",OU=XXX,OU=XXX,DC=XXX,DC=XXX";
$AD_password = ldap_connect('$_POST['password']');
echo $AD_dn;
echo "<br>";
//what i've tried to convert the AD's var:
//convert of $AD_con and $AD_password
//$AD_dn1 = strval($AD_dn);
//$AD_password1 = strval($AD_password);
//display of the converts
//echo $AD_dn1;
//echo $AD_password1;
//connect function
if (isset($_POST['login']) && $_POST['password'] == 0){
if (ldap_bind($AD_con, $AD_dn, $AD_password)){
include 'frontpage.php';
}
else{
echo "invalid user/pass or other error";
}
}
else
echo "var aren't correctly collect";
?>
I have an error when i'm trying to test those two pages and that's what i get:
pitword
Pit wasntme
CN=Resource id #7,OU=XXX,OU=XXX,DC=XXX,DC=XXX
A PHP Error was encountered
Severity: Warning
Message: ldap_bind() expects parameter 3 to be string, resource given
Filename: pages/ADconnect.php
Line Number: 30
Backtrace:
File: C:\wamp64\www\test\application\views\pages\ADconnect.php
Line: 30
Function: ldap_bind
File: C:\wamp64\www\test\application\controllers\pages.php
Line: 10
Function: view
File: C:\wamp64\www\test\index.php
Line: 315
Function: require_once
invalid user/pass or other error
So the values of my fields login and password are correctly recovered from one page to the other, and i've tested the connect function with plain text to see if the problem was coming from this. But i've reached my AD server.
The problem seems to be that when i'm using the ldap_connect() function, the values of my variables $AD_dn and $AD_password are changed into "resource #7" and "resource #8". Normally it have to display "pit wasntme" for $AD_dn and "pitpass" $AD_password for the connect function.
By reading the error, i've understood that i've to convert them into strings, because it is what the ldap_bind needs for the second and third parameters. Which i've tried with what i've found on the net (i've put it in my comments below my last echo ""), but the result is still the same.
If anyone can give a tip or an explanation on what i am doing wrong or on how can i recovers correctly (in the good format) my entered values sent by my form, it will be great.
Thanks to take time for reading this thread.
Ok thanks to whoever have try to help me but i've found the solution: i was using ldap_connect() on the $_POST['login'] and $_POST['password'] but if i remove this function all works correctly!
I tried to make this program that takes a credit card number and checks if it it valid or not and let the user know about it but in my program, i dont get echo message at all on clicking submit
<?php
session_start();
if (isset($_POST['submit'])){
$number=$_POST['cc'];
$total=0;
$i=1;
$last4= substr($number,-4,4);
$number=$str_split($number);
$number=array_reverse($number);
foreach($number as $digit){
if(i%2==0){
$digit*=2;
if($digit>9){
$digit -=9;
}
}
$total += $digit;
$i++;
}
if($total%10==0){
echo "Your credit card number ending in ".$last4." is valid";
}
else
{
echo "Your credit card number ending in ".$last4." is invalid";
}
}
?>
<html>
<head>
<title>Credit Card Number</title>
</head>
<body>
<form action="cards.php">
<input type="text" name="cc">
<input type="submit" name="submit">
</form>
</body>
</html>
Let's go over this, one step at a time.
Firstly, the following condition never gets met/satisfied, since you're using a POST array against a form that does not (specifically) contain a "post" method in it <form action="cards.php">.
if (isset($_POST['submit'])){
// ...
}
Since forms default to a "GET" method when "POST" was not implied, it needs to be included.
<form action="cards.php" method="post">
Next, we have the following error (pulled from and stated in comments):
"Notice: Undefined variable: str_split"
str_split() should have been declared as a function, rather than a variable.
$number=$str_split($number);
^ $ is a variable character
It needs to be removed:
$number= str_split($number);
And then we have the following error (also pulled from and stated in comments):
Use of undefined constant i - assumed 'i'"
That was caused by the missing $ for the "i" in if(i%2==0) and is first declared in $i=1;.
It looked for a constant of that name, and since it did not find one, it threw you that error.
Therefore, it should read as:
if($i%2==0)
I am trying to send back the last inserted id after I insert some data into my database. I am successfully entering the data into the database, but there is no response data being sent back. I am using Php PDO and it is hosted on Google App Engine and my headers are set to application/json in the dbconnect.php file. What do I need to add to make it successfully send back response data.
<?php
require('dbconnect.php');
$statement=$con->prepare('INSERT INTO customers (fname, lname) VALUES (:fname,:lname)');
$statement->execute(array(':fname' => $_POST['fname'], ':lname' => $_POST['lname'] ));
$orderId = $statement->lastInsertId();
$json = $json_encode($orderId);
echo $json;
$con = null;
?>
I got Notice: Undefined index: fname and Notice: Undefined index: lname and Fatal error: Call to undefined method PDOStatement::lastInsertId() – Moustache_Me_A_Question 10 mins ago
You have no name attributes for the form elements.
Therefore you need to add them to your elements.
Here is an example form you can base yourself on:
<form action="" method="post">
First name:
<input type="text" name="fname">
<br>
Last name:
<input type="text" name="lname">
<br>
<input type="submit" name="submit" value="Submit">
</form>
That is why you're getting undefined index notices.
$json = $json_encode($orderId); should read as $json = json_encode($orderId); - json_encode() shouldn't be a variable but the function itself.
http://php.net/manual/en/function.json-encode.php
Also:
$orderId = $statement->lastInsertId();
to
$orderId = $con->lastInsertId();
which is why you're getting this message:
Fatal error: Call to undefined method PDOStatement::lastInsertId()
lastInsertId() is a method of the PDO class, not the PDOStatement class.
which I found in Bill Karwin's answer when Googling the error:
https://stackoverflow.com/a/8580768/
I wrote a simple php script that basically echos the values put into a form on the page, later, I will have this write to a DB but I was working on troubleshooting it before I did that since I keep getting this warning.
Does anyone know why I am getting it? If I just fill in the fields and submit the form, the script works fine and the warning disappears.
PHP Function:
function quickEntry()
{
$subTitle = $_POST['subTitle'];
$subDetails = $_POST['details']; //This is line 13 in my code
echo "$subTitle";
echo "<br>$subDetails";
}
HTML / PHP Code:
<form method="post" action="">
<hr>
<h1>Quick Entry:<p></h1>
Subject Title:<br> <input type="text" name="subTitle"><br><br>
Subject Details: <p><textarea name="details" placeholder="Enter Details here..."></textarea><p><br>
<input type="submit" name="QuickEntrySubmit" value="Submit Quick Entry" /><br>
</form>
<?php
if (isset($_POST['QuickEntrySubmit']))
{
quickEntry();
}
?>
I know that I could disable warnings and I wouldn't see this, but I really just want to know why php is throwing the warning so I can fix the syntax appropriately and keep my code clean going forward. Full warning is:
Notice: Undefined index: details in C:\xampp\htdocs\test1.php on line 13
Thanks!
The reason why you are getting that error is because you are not checking whether the 'subTitle' and 'details' inputs have values in them.
Your code should work well like this:
function quickEntry(){
$subTitle = isset($_POST['subTitle'])? $_POST['subTitle']: null;
$subDetails = isset($_POST['details'])? $_POST['details']: null ; //This is line 13 in my code
if(!is_null($subTitle) && !is_null($subDetails)){
echo "$subTitle";
echo "<br>$subDetails";
} else{
//blah blah blah
}
You get the warnings because the $_POST variables with the indexes that you're checking for ($_POST['subTitle'] & $_POST['details']) aren't set, so the variables are empty as you reference something that isn't there.
You should do a check to ensure they are set first before trying to assign them to a variable:
$subTitle = (isset($_POST['subTitle']) && !empty($_POST['subTitle'])) ? $_POST['subTitle'] : null;
$subDetails = (isset($_POST['details']) && !empty($_POST['details'])) ? $_POST['details'] : null;
The above code will check to ensure the post index isset() and isn't empty() before assigning it to the variables.
NOTE
The variables are set when you submit the form because you are actually posting the data to the script.
You see the input attribute name? When you submit the form, they are the relevant $_POST indexes.
Just remember to ensure that the values aren't empty if you intend to print them to the markup.
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
Closed 9 years ago.
Here i'm going to do a insert to the MySQL.but here i'm getting error.I saw there's a duplicated for the same but in those answers they asked to add ISSET.In my coding i added that also but still i'm getting this error.
Error 1 : Notice: Undefined index: Description in ....... add.php on line 8
Error 2 : Notice: Undefined variable: _FILE in ..........\add.php on line 9
Error 3 : Fatal error: Call to undefined function NOW() in ....add.php on line 12
Here i added my Coding below
<html>
<body>
<?php
include('config.php');
if(isset($_POST['submit']))
{
$Title=$_POST['Title'];
$Description=$_POST['Description'];
$Image = addslashes(file_get_contents($_FILE['Image']));
$Categories = $_POST['category'];
$ModifiedBy = 1;
$ModifiedDate = NOW();
$query1=mysql_query("insert into testdb values('','$Title','$Description','$Image','$Categories','$ModifiedBy',$ModifiedDate,1)");
if($query1)
{
header("location:list.php");
}
}
?>
<fieldset style="width:300px;">
<form method="post" action="" enctype="multipart/form-data">
Title: <input type="text" name="Title"><br>
Description: <input type="text" name="description"><br>
Image : <input type="file" name="Image" /><br>
<select name="category" id="category">
<option>Choose</option>
<option value="1">new</option>
<option value="2">info</option>
<option value="2">Event</option>
<br>
<input type="submit" name="submit">
</form>
</fieldset>
</body>
</html>
You have grammar issues in your code. It should be this:
$Title=$_POST['Title'];
$Description=$_POST['description'];
$Image = addslashes(file_get_contents($_FILES['Image']));
$Categories = $_POST['category'];
$ModifiedBy = 1;
$ModifiedDate = 'NOW()';
$query1=mysql_query("insert into testdb values('','$Title','$Description','$Image','$Categories','$ModifiedBy',$ModifiedDate,1)");
Error 1: Case of "description" is wrong!
Error 2: it should be $_FILES (add an S). Also that is not how you handle file uploads -
[read more here][1]
Error 3: NOW() is a mysql tag. not php. you can use date() if you want this in php.
$_FILE should probably be $_FILES, just a typo there. The linked page will give you a bit more information about how to post files using PHP.
The NOW() function is for mysql, not PHP. You can use php's date format to emulate the way MySQL saves dates instead:
date("Y-m-d H:i:s")
For the Description error, that's to do with casing. Description != description. Try and be consistent with casing where you can, that often helps when looking for errors. Also, space your code out a little and make use of indentation.
When in doubt over an error, I usually check what line I get the error on. If it's one I've not encountered before, try a search and see if something similar comes up. #John Conde's link in his comment is a great place to start