SyntaxFix

[php] $_POST not working. "Notice: Undefined index: username..."

Possible Duplicate:
PHP: “Notice: Undefined variable” and “Notice: Undefined index”

So, I am currently learning PHP and was reading on a book about the md5 function for passwords, so I decided to give it a try and see how it goes. I also decided to use the POST method rather than the GET, since I saw people saying that it is safer and doesn't let the variables appearing on the URL.

For my testing project I made a very simple form, which follows:

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
        <form action="dologin" method="POST">
            <table border="0">
                <tbody>
                    <tr>
                        <td>Username:</td>
                        <td><input type="text" name="username"></td>
                    </tr>
                    <tr>
                        <td>Password:</td>
                        <td><input type="password" name="password"></td>
                    </tr>
                </tbody>
            </table>
            <input type="submit" value="Login">
        </form>
    </body>
</html>

The problem is that when I enter the values on BOTH fields and click "Login" I get the following output on the other PHP file.

Notice: Undefined index: username in C:\xampp\htdocs\md5\home\dologin\index.php on line 11
Username non existent

Here follows the code for the "/dologin/index.php" file

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
        <?php
            mysql_connect("localhost", "root") or die(mysql_error());
            mysql_select_db("test") or die(mysql_error());
            $query = "SELECT password FROM users WHERE username='".$_POST['username']."'";
            $result = mysql_query($query);
            $row = mysql_num_rows($result);
            if(isset($row)){
                $password = (mysql_result($result,$row - 1));
                $enteredpassword = md5("w@#$@#".$_GET['password']."^#3f%#^");
                if($password == $enteredpassword){
                    if(!isset($_COOKIE['PHPSESSID'])){
                        session_start();
                    }
                    $_SERVER['LOGIN_STATUS'] = true;
                } else {
                    die("Access denied");
                }    
            } else {
                die("Username non existent");
            }

        ?>
    </body>
</html>

Any help at all on my issue is very much appreciated, thank you for reading.

This question is related to php http-post undefined-index

The answer is

first of all,

be sure that there is a post

if(isset($_POST['username'])) { 
    // check if the username has been set
}

second, and most importantly, sanitize the data, meaning that

$query = "SELECT password FROM users WHERE username='".$_POST['username']."'";

is deadly dangerous, instead use

$query = "SELECT password FROM users WHERE username='".mysql_real_escape_string($_POST['username'])."'";

and please research the subject sql injection

You should check if the POST['username'] is defined. Use this above:

$username = "";

if(isset($_POST['username'])){
    $username = $_POST['username'];
}

"SELECT password FROM users WHERE username='".$username."'"

Source: Stackoverflow.com

Examples related to php

I am receiving warning in Facebook Application using PHP SDK Pass PDO prepared statement to variables Parse error: syntax error, unexpected [ Preg_match backtrack error Removing "http://" from a string How do I hide the PHP explode delimiter from submitted form results? Problems with installation of Google App Engine SDK for php in OS X Laravel 4 with Sentry 2 add user to a group on Registration php & mysql query not echoing in html with tags? How do I show a message in the foreach loop?

Examples related to http-post

Passing headers with axios POST request How to post raw body data with curl? Send FormData with other field in AngularJS How do I POST a x-www-form-urlencoded request using Fetch? OkHttp Post Body as JSON What is the difference between PUT, POST and PATCH? HTTP Request in Swift with POST method Uploading file using POST request in Node.js Send POST request with JSON data using Volley AngularJS $http-post - convert binary to excel file and download

Examples related to undefined-index

$_POST not working. "Notice: Undefined index: username..." Undefined index with $_POST "Notice: Undefined variable", "Notice: Undefined index", and "Notice: Undefined offset" using PHP

Tags

Loading-animation Invalid-postback Declarative Member Materialize Absolute Touch Scorm2004 Licensing Jikes Mgtwitterengine Tmail Activity-state Jarjar Ipython Wkhtmltopdf Like-keyword Carousel Target-platform Entityobject Weblogic8.x Php-codebrowser Nsoutputstream Atg Elapsedtime Resize-image Html-generation Upx Bluetooth Pointer-arithmetic Tor Web-controls Color-mapping Debugbreak Signal-handling Php-gettext Tcp Linestyle Autosuggest Monitoring Regsvr32 Imovie Multiple-forms Svg Exchange-server-2003 Email-address Framemaker Diamond-operator Django-authopenid Toolstripcontrolhost Nsformatter Adorner Timer-jobs Fairplay Booleanquery Data-mapping Textlabel Mobile-devices Unique-ptr Watchpoint Sdlc Dbstop Pcmanfm Logos Wlst Android-image Infix-operator Streambuf Android-maps Trusted Httpcookie Excel-web-query Crash-reports Initial-context Hyperlink Lookup-tables Compiler-flags Cperl-mode Nsurlcredential Cookbook Jsr168 Memoization Triggers Cpack Futuretask Jhtmlarea Head Alarms Xll Query-by-example Insmod Webexception Scoped-ptr Zend-application Econnect Web-hosting Row Webcontext Django-csrf Initrd