-1

I'm having a problem in PHP code. I got some code from an e-book, but when I tried to run the system, it's giving some errors. I fixed some of the errors by giving proper quotation marks, but now I'm stuck with some other errors.

I'd be more than happy if some one helps me with the following error:

Notice: Undefined index: id in C:\xampp\htdocs\auction\index.php on line 4

This is my code for index.php:

<?php
require("config.php");
require("functions.php");
$validid = pf_validate_number($_GET['id'], "value", $config_basedir);
require("header.php");
if($validid == 0) {
$sql = "SELECT items.* FROM items WHERE dateends > NOW()";
}
else {
$sql = "SELECT * FROM items WHERE dateends > NOW()
AND cat_id = " . $validid . ";";
}
$result = mysql_query($sql);
$numrows = mysql_num_rows($result);

echo "<h1>Items available</h1>";
echo "<table cellpadding='5'>";
echo "<tr>";
echo "<th>Image</th>";
echo "<th>Item</th>";
echo "<th>Bids</th>";
echo "<th>Price</th>";
echo "</tr>";

if($numrows == 0) {
echo "<tr><td colspan=4>No items!</td></tr>";
}

else {
while($row = mysql_fetch_assoc($result)) {
$imagesql = "SELECT * FROM images WHERE
item_id = " . $row['id'] . " LIMIT 1";
$imageresult = mysql_query($imagesql);
$imagenumrows = mysql_num_rows($imageresult);
echo "<tr>";
if($imagenumrows == 0) {
echo "<td>No image</td>";
}
else {
$imagerow = mysql_fetch_assoc($imageresult);
echo "<td><img src='./images/". $imagerow['name'] . "' width='100'></td>";
}
echo "<td>";
echo "<a href='itemdetails.php?id="
. $row['id'] . "'>" . $row['name'] . "</a>";
if($_SESSION['USERID'] == $row['user_id']) {
echo " - [<a href='edititem.php?id="
. $row['id'] . "'>edit</a>]";
}
echo "</td>";

$bidsql = "SELECT item_id, MAX(amount) AS
highestbid, COUNT(id) AS numberofbids FROM bids
WHERE item_id=" . $row['id'] . " GROUP BY item_id;";
$bidresult = mysql_query($bidsql);
$bidrow = mysql_fetch_assoc($bidresult);
$bidnumrows = mysql_num_rows($bidresult);
echo "<td>";
if($bidnumrows == 0) {
echo "0";
}
else {
echo $bidrow['numberofbids'] . "</td>";
}
echo "<td>" . $config_currency;
if($bidnumrows == 0) {
echo sprintf('%.2f', $row['startingprice']);
}
else {
echo sprintf('%.2f', $bidrow['highestbid']);
}

echo "</td>";
echo "<td>" . date("D jS F Y g.iA",
strtotime($row['dateends'])) . "</td>";
echo "</tr>";
}
}
echo "</table>";
require("footer.php");
?>

Some of you asked, where the id is coming from. I have no idea, but I searched it in other files, and here are they:

bar.php:

<?php
require("header.php");
$catsql = "SELECT * FROM categories ORDER BY category ASC;";
$catresult = mysql_query($catsql);
echo "<h1>Categories</h1>";
echo "<ul>";
echo "<li><a href='index.php'>View All</a></li>";
while($catrow = mysql_fetch_assoc($catresult)) {
echo "<li><a href='index.php?id=". $catrow['id'] . "'>" . $catrow['category']. "</a>                    </li>";
   }
echo "</ul>";

?>

header.php:

<?php
session_start();
require("config.php");
$db = mysql_connect($dbhost, $dbuser, $dbpassword);
mysql_select_db($dbdatabase, $db);
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title><?php echo $config_forumsname; ?></title>
<link rel="stylesheet" href="stylesheet.css" type="text/css" />
</head>
<body>
<div id="header">
<h1>BidTastic Auctions</h1>
<div id="menu">
<a href="index.php">Home</a>
<?php
if(isset($_SESSION['USERNAME']) == TRUE) {
echo "<a href='logout.php'>Logout</a>";
}
else {
echo "<a href='login.php'>Login</a>";
}
?>
<a href="newitem.php">New Item</a>
</div>
<div id="container">
<div id="bar">
<?php require("bar.php"); ?>
</div>
<div id="main">

itemdetails.php

<?php
session_start();
include(“config.php”);
include(“functions.php”);
$db = mysql_connect($dbhost, $dbuser, $dbpassword);
mysql_select_db($dbdatabase, $db);
$validid = pf_validate_number($_GET[‘id’], “redirect”, $config_basedir);

if($_POST[‘submit’]) {
if(is_numeric($_POST[‘bid’]) == FALSE) {
header(“Location: “ . $config_basedir
. “itemdetails.php?id=” . $validid . “&error=letter”);
}

$theitemsql = “SELECT * FROM items WHERE id = “ . $validid . “;”;
$theitemresult = mysql_query($theitemsql);
$theitemrow = mysql_fetch_assoc($theitemresult);
$checkbidsql = “SELECT item_id, max(amount) AS
highestbid, count(id) AS number_of_bids FROM
bids WHERE item_id=” . $validid . “ GROUP BY item_id;”;
$checkbidresult = mysql_query($checkbidsql);
$checkbidnumrows = mysql_num_rows($checkbidresult);

if($checkbidnumrows == 0) {
if($theitemrow[‘startingprice’] > $_POST[‘bid’]) {
header(“Location: “ . $config_basedir
. “itemdetails.php?id=” . $validid . “&error=lowprice#bidbox”);
}
}

else {
$checkbidrow = mysql_fetch_assoc($checkbidresult);
if($checkbidrow[‘highestbid’] > $_POST[‘bid’]) {
header(“Location: “ . $config_basedir . “itemdetails.php?id=” .
$validid . “&error=lowprice#bidbox”);
}
}

$inssql = “INSERT INTO bids(item_id, amount, user_id) VALUES(“
. $validid
. “, “ . $_POST[‘bid’]
. “, “ . $_SESSION[‘USERID’]
. “);”;
mysql_query($inssql);

header(“Location: “ . $config_basedir
. “itemdetails.php?id=” . $validid);
}
else {



$validid = pf_validate_number($_GET[‘id’], “redirect”,
$config_basedir);
require(“header.php”);
$itemsql = “SELECT UNIX_TIMESTAMP(dateends) AS dateepoch,
items.* FROM items WHERE id = “ . $validid . “;”;
$itemresult = mysql_query($itemsql);
$itemrow = mysql_fetch_assoc($itemresult);
$nowepoch = mktime();
$rowepoch = $itemrow[‘dateepoch’];
if($rowepoch > $nowepoch) {
$VALIDAUCTION = 1;
}
echo “<h2>” . $itemrow[‘name’] . “</h2>”;

$imagesql = “SELECT * FROM images WHERE item_id = “ . $validid . “;”;
$imageresult = mysql_query($imagesql);
$imagenumrows = mysql_num_rows($imageresult);

$bidsql = “SELECT item_id, MAX(amount) AS highestbid,
COUNT(id) AS number_of_bids FROM bids WHERE item_id=”
. $validid . “ GROUP BY item_id;”;
$bidresult = mysql_query($bidsql);
$bidnumrows = mysql_num_rows($bidresult);

echo “<p>”;
if($bidnumrows == 0) {
echo “<strong>This item has had no bids</strong>
- <strong>Starting Price</strong>: “ . $config_currency
. sprintf(‘%.2f’, $itemrow[‘startingprice’]);
}
else {
$bidrow = mysql_fetch_assoc($bidresult);

echo “<strong>Number Of Bids</strong>: “
. $bidrow[‘number_of_bids’] . “
- <strong>Current Price</strong>: “ . $config_currency
. sprintf(‘%.2f’, $bidrow[‘highestbid’]);
}

echo “ - <strong>Auction ends</strong>: “
. date(“D jS F Y g.iA”, $rowepoch);

echo “</p>”;
if($imagenumrows == 0) {
echo “No images.”;
}
else {
while($imagerow = mysql_fetch_assoc($imageresult)) {
echo “<img src=’./images/” . $imagerow[‘name’] .”’ width=’200’>”;
}
}

echo “<p>” . nl2br($itemrow[‘description’]) . “</p>”;

echo “<a name=’bidbox’>”;
echo “<h2>Bid for this item</h2>”;

if(isset($_SESSION[‘USERNAME’]) == FALSE) {
echo “To bid, you need to log in. Login
<a href=’login.php?id=” . $validid . “&ref=addbid’>here</a>.”;
}

else {
if($VALIDAUCTION == 1) {
echo “Enter the bid amount into the box below.”;
echo “<p>”;
switch($_GET[‘error’]) {
case “lowprice”:
echo “The bid entered is too low.
Please enter another price.”;
break;
case “letter”:
echo “The value entered is not a number.”;
break;
}
?>

<form action=”<?php echo pf_script_with_get($SCRIPT_NAME);
?>” method=”post”>
<table>
<tr>
<td><input type=”text” name=”bid”></td>
<td><input type=”submit” name=”submit” value=”Bid!”></td>
</tr>
</table>
</form>

<?php
}
else {
echo “This auction has now ended.”;
}

$historysql = “SELECT bids.amount, users.username FROM bids,
users WHERE bids.user_id = users.id AND item_id = “
. $validid . “ ORDER BY amount DESC”;
$historyresult = mysql_query($historysql);
$historynumrows = mysql_num_rows($historyresult);
if($historynumrows >= 1) {
echo “<h2>Bid History</h2>”;
echo “<ul>”;
while($historyrow = mysql_fetch_assoc($historyresult)) {
echo “<li>” . $historyrow[‘username’] . “ - “ .
$config_currency . sprintf(‘%.2f’, $historyrow[‘amount’]) . “</li>”;
}
echo “</ul>”;
    }
}
}
require(“footer.php”);
?>

functions.php

<?php
function pf_script_with_get($script) {
$page = $script;
$page = $page . "?";
foreach($_GET as $key => $val) {
$page = $page . $key . "=" . $val . "&";
}

return substr($page, 0, strlen($page)-1);
}

function pf_validate_number($value, $function, $redirect) {
if(isset($value) == TRUE) {
if(is_numeric($value) == FALSE) {
$error = 1;
}
if($error == 1) {
header("Location: " . $redirect);
}
else {
$final = $value;
}
}
else {
if($function == 'redirect') {
header("Location: " . $redirect);
}
if($function == "value") {
$final = 0;
}
}
return $final;
}
?>
Shahnawaz
  • 51
  • 1
  • 3
  • 10
  • add isset($_GET['id']) before using it. – Bojan Kovacevic Apr 19 '13 at 13:28
  • There should be `id` in your url query string. eg: `index.php?id=1`. – Rikesh Apr 19 '13 at 13:28
  • possible duplicate of [PHP: "Notice: Undefined variable" and "Notice: Undefined index"](http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-and-notice-undefined-index) – animuson Apr 19 '13 at 13:36
  • If you don't even know what part could be the problem area (evident from the large amount of code/sections you've posted) maybe it's time to invest in yourself and try and understand what you're actually doing with your code. – asprin Apr 19 '13 at 13:50
  • Welcome to Stack Overflow! Please, don't use `mysql_*` functions to write new code. They are no longer maintained and the community has begun the [deprecation process](http://news.php.net/php.internals/53799). See the [red box](http://uk.php.net/manual/en/function.mysql-connect.php)? Instead you should learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) and use either [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli). If you pick PDO [here is a good tutorial](http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers). – War10ck Apr 19 '13 at 14:12

2 Answers2

3

Are you passing a query string parameter named id to your page? Something like index.php?id=xxx? If not, $_GET['id'] won't be defined, and you can't just access it. You have to check that it exists first with something like array_key_exists.

PHP is being very, very clear in its error message. When you access an array, you give it an "index" (the part between the []) and that index maps to a value. PHP is telling you that the index "id" doesn't exist in whatever array you're accessing on line 4. If you look at line 4, you can see there's only one array being accessed in only one place on that line, $_GET, and you can see the index you're using is id.

user229044
  • 232,980
  • 40
  • 330
  • 338
  • Thank you very much for your help. I have just updated the questions with other files where id is mentioned. Please have a look at it, if you have some time. Thanks again :) – Shahnawaz Apr 19 '13 at 13:53
  • @Shahnawaz Please don't do that. This isn't a site for interactive one-on-one help. It's not fair at all for you to change your question after it's been answered. If you have a second question, post it as a *second question*. – user229044 Apr 19 '13 at 15:19
  • Meagar, I didn't change the question, the question was same. I just provided additional information. Just added more code. You and one other guy asked that where did I get the "id" and I had no idea, so I just provided more code of my system where id is mentioned. Anyways, it's fixed now. I followed the suggestion of chandresh_cool and it's not showing error anymore. – Shahnawaz Apr 20 '13 at 09:29
2

You have a problem in 

$_GET['id']

how are you getting this id, is it coming from query string? Don't think so. Put isset function to check if id is in the url or not. So to solve your problem do this

$validid = 0;
if (isset($_GET['id'])) {
    $validid = pf_validate_number($_GET['id'], "value", $config_basedir);
}

put this in your index.php

chandresh_cool
  • 11,753
  • 3
  • 30
  • 45