PHP Error

Integers · Nov 2, 2012

Code:

Notice: Undefined index: username in C:\xampp\htdocs\ThisChat\verify.php on line 6

PHP:

<?php
session_start();
include 'config.php';
 
$username = $_POST['username'];
$password = $_POST['password'];
if(isset($_POST['Submit']))
{
if($username&&$password)
{
    $query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
    $id1 = mysql_query("SELECT `id` FROM `users` WHERE `username`='$username'");
    $numrows = mysql_num_rows($query);
   
    while ($row = mysql_fetch_array($id1))
    {
        $id = $row['id'];
    }
 
 
    if($numrows!=0)
    {
      while ($row = mysql_fetch_assoc($query))
      {
          $user = $row['username'];
          $pass = $row['password'];
      }
 
      if($username==$user&&md5($password)==$pass)
      {
          $_SESSION['user']=$username;
          $_SESSION['user_id']=$id;
          header("location: index.php");
 
      }
      else
        echo "Your password is incorrect, please try again.";
 
    }
    else
      echo "The user $username does not exist";
 
}
else
  echo "Please enter your username and password.";
 
}
 
if($_SESSION['username'])
{
  header("location: index.php");
}
   
?>

Leon · Nov 2, 2012

A form needs to be submitted to that file via POST. The error is basically saying that $_POST['username'] is non-existent.

The form needs to contain 2 inputs, one with the name as "username" and the other with a name as "password".

Integers · Nov 2, 2012

Sorry, I don't know what you mean?

Integers · Nov 3, 2012

TrippyUnicorn said:
he just explained it. If you don't know PHP, then why are you attempting this?

Well because I need it for my site, its just I don't understand how he is explaining it

Tronscript · Nov 3, 2012

This has an SQL Injection exploit, but I cbf to fix that shit right now.

PHP:

<?php
session_start();
include 'config.php';
 
if(isset($_POST['Submit'])) {
  if($username&&$password) {
  $username = $_POST['username'];
  $password = $_POST['password'];
 
    $query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
    $id1 = mysql_query("SELECT `id` FROM `users` WHERE `username`='$username'");
    $numrows = mysql_num_rows($query);
 
    while ($row = mysql_fetch_array($id1))
    {
        $id = $row['id'];
    }
 
 
    if($numrows!=0)
    {
      while ($row = mysql_fetch_assoc($query))
      {
          $user = $row['username'];
          $pass = $row['password'];
      }
 
      if($username==$user&&md5($password)==$pass)
      {
          $_SESSION['user']=$username;
          $_SESSION['user_id']=$id;
          header("location: index.php");
 
      }
      else
        echo "Your password is incorrect, please try again.";
 
    }
    else
      echo "The user $username does not exist";
 
}
else
  echo "Please enter your username and password.";
 
}
 
if($_SESSION['username'])
{
  header("location: index.php");
}
 
?>

Integers · Nov 3, 2012

Tronscript said:

This has an SQL Injection exploit, but I cbf to fix that shit right now.

PHP:

<?php
session_start();
include 'config.php';
 
if(isset($_POST['Submit'])) {
  if($username&&$password) {
  $username = $_POST['username'];
  $password = $_POST['password'];
 
    $query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
    $id1 = mysql_query("SELECT `id` FROM `users` WHERE `username`='$username'");
    $numrows = mysql_num_rows($query);
 
    while ($row = mysql_fetch_array($id1))
    {
        $id = $row['id'];
    }
 
 
    if($numrows!=0)
    {
      while ($row = mysql_fetch_assoc($query))
      {
          $user = $row['username'];
          $pass = $row['password'];
      }
 
      if($username==$user&&md5($password)==$pass)
      {
          $_SESSION['user']=$username;
          $_SESSION['user_id']=$id;
          header("location: index.php");
 
      }
      else
        echo "Your password is incorrect, please try again.";
 
    }
    else
      echo "The user $username does not exist";
 
}
else
  echo "Please enter your username and password.";
 
}
 
if($_SESSION['username'])
{
  header("location: index.php");
}
 
?>

Ok thanks for telling me this.

Lionches · Nov 3, 2012

You might want to secure it, before using it.

Integers · Nov 3, 2012

Weytin said:
You might want to secure it, before using it.

Ok thanks, I will

Li1M0ST3Rz · Nov 3, 2012

Leon said:
A form needs to be submitted to that file via POST. The error is basically saying that $_POST['username'] is non-existent.

The form needs to contain 2 inputs, one with the name as "username" and the other with a name as "password".

well he means like this:

HTML:

<input type="text" name="username" size="45" maxlength="20" class="inputbox" />
<input name="password" type="password" size="45" maxlength="20" class="inputbox" />

Integers · Nov 3, 2012

Oh sorry, I cut that bit out of the bit I was gonna paste to the site so that isnt the issue

tyr0ne · Nov 3, 2012

Just define your variables if there is a post/get action. so basically just put it inside your if instead of outside.

Integers · Nov 4, 2012

Sorted, thanks for the help

You must be registered for see links

PHP Error

Integers

Soon to be Developer!

Leon

Member

Integers

Soon to be Developer!

Integers

Soon to be Developer!

Tronscript

Member

Integers

Soon to be Developer!

Lionches

.

Integers

Soon to be Developer!

Li1M0ST3Rz

I <3 Bianca

Integers

Soon to be Developer!

tyr0ne

Active Member

Integers

Soon to be Developer!

Users who are viewing this thread

Latest posts

Connect with us

Newest members