0

I have data's stored with the delimiter / in my table. I need to separate them and need to store them in different table. While doing that i'm getting:

Notice: Undefined index: VSX1 in /opt/lampp/htdocs/disease.php on line 21

How can I solve this kind of error?

<html>
<body>
    <?php
        $username = "root";
        $password = "****";
        $hostname = "localhost"; 
    $dbhandle = mysql_connect($hostname, $username, $password) or die("Unable to connect to MySQL");
        $selected = mysql_select_db("disease",$dbhandle) or die("Could not select disease");
    $result = mysql_query("SELECT * FROM `primary_data` LIMIT 0, 30");
        while($row = mysql_fetch_array($result))
        {
    $string = $row['gene_name'];
    $tok = strtok($string, "/");
    while ($tok !== false) {
    mysql_query("insert into temp_gene gene_name   values('".$_POST[$tok]."')");
        $tok = strtok("/");
    }

        }
        mysql_close($dbhandle);
    ?>
    </table>    
    </body>
    </html>
Brad
  • 159,648
  • 54
  • 349
  • 530
Manoj kumar K
  • 1
  • 3
  • 2
    What you are doing is incredibly insecure. You **will be hacked** if you haven't been already. Learn to use prepared/parameterized queries with PDO or similar. Also, don't store data with delimiters in your table if you can help it. – Brad Mar 30 '13 at 04:34
  • possible duplicate of [PHP: "Notice: Undefined variable" and "Notice: Undefined index"](http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-and-notice-undefined-index) – brenjt Mar 30 '13 at 04:57

2 Answers2

1

You transfer data from one table and save it to another. You need no $_POST variable at all! Of course, data MUST be escaped well.

while (($tok = strtok($string, '/')) !== false) {
    $tok = mysql_real_escape_string($tok);
    mysql_query("INSERT INTO temp_gene(gene_name) VALUES('{$tok}')");
}
artoodetoo
  • 918
  • 10
  • 55
0

I second Brad:s advice of using PDO & prepared statements - it is way more elegant and efficient.

Here's some code for you... as I have no idea what you want to do with tokensizing, etc. I've not written the logic for what to do with $gene_name, but I'm sure you do =)

Have a look at http://www.php.net/manual/en/book.pdo.php I also advice you to use Doctrine as a wrapper/ORM on top of PDO, it makes things real easy: http://www.doctrine-project.org/

$dsn = "mysql:dbname={$db_name};host={$db_host}";
try {
    // init db handler.
    $db = new PDO( $dsn, $db_username, $password );

    // Execute selecting query.
    $select_sql = "SELECT gene_name FROM `primary_data` LIMIT 0, 30";
    $select_stmt = $db -> prepare( $sql );
    $select_stmt -> execute();

    // Bind row column 1 (1-indexed) to $gene_name.
    $select_stmt -> bindColumn( 1, $gene_name );

    // Prepare insert query to temp_gene.
    $temp_sql = "INSERT INTO temp_gene(gene_name) VALUES(?)";
    $temp_stmt = $db -> prepare( $temp_sql );

    // Begin transaction, it is more efficient to use transactions as your actual queries becomes 1 instead of O(rows).`enter code here`
    $db -> beginTransaction();

    while ( $row = $select_stmt -> fetch( PDO::FETCH_BOUND ) ) {
        $string =& $gene_name;

        // do your tokenizing logic here... also do escaping for security.

        $temp_stmt -> execute( array( $your_value_string ) );
    }

    // Commit the inserts.
    $db -> commit();
} catch (PDOException $e) {
    die( $e->getMessage() );
}
Centril
  • 2,549
  • 1
  • 22
  • 30