error "Undefined index" with a form in PHP

Question

I have this code and I have two problem the one is this line:

Notice: Undefined index: elm1 in C:\xampp\htdocs\art-legend\12\edit\index.php on line 65

line 65 in my local is in this page this line ( $editor = $_POST['elm1'];)

and the other error: when I submitted the code go to no page (Object not found!) and this is the form code in the same page:

<form method="post" action="<? echo $PHP_SELF; ?>">

                <div>
                <textarea id="elm1" name="elm1" rows="15" cols="80" style="width: 80%">
            ....
                </textarea>
            </div>
            <br />
        <input type="submit" value="gooooo" name="submit" />

    </form>
<?

$localhost = "localhost";
$user = "root";
$password ="adminpass"; 
$db = "im";

$connect = mysqli_connect($localhost,$user,$password,$db);
$editor = $_POST['elm1'];

$sql = "insert into images(name) values('$editor')";
$query = mysqli_query($connect,$sql);

$sql2 = "select images.name from images";
$query2 = mysqli_query($connect,$sql2);

while ($row = mysqli_fetch_array($query2,MYSQLI_ASSOC)){
    echo $row['name'];

    }

?>

the line in this code

$editor = $_POST['elm1'];

score 1 · Answer 1 · answered Apr 16 '14 at 20:56

1

Try this:

<?php

$localhost = "localhost";
$user = "root";
$password ="adminpass"; 
$db = "im";


$connect = mysqli_connect($localhost,$user,$password,$db);

if(isset($_POST['elm1'])){ //This line
$editor = $_POST['elm1'];
$sql = "insert into images(name) values('".mysqli_real_escape_string($connect, $editor)."')";
$query = mysqli_query($connect,$sql);
}

$sql2 = "select images.name from images";
$query2 = mysqli_query($connect,$sql2);

while ($row = mysqli_fetch_array($query2,MYSQLI_ASSOC)){
echo $row['name'];

}



?>

answered Apr 16 '14 at 20:56

Hackerman

12,139
2
34
45

and please for the love of god sanitize your input or better, use prepared statements. – Patrick James McDougle Apr 16 '14 at 20:57
1

mysqli_real_escape_string() added to the answer..at least it's something xD – Hackerman Apr 16 '14 at 21:00
OP should really consider [prepared statements](http://bobby-tables.com/php.html). – Patrick James McDougle Apr 16 '14 at 21:04
Maybe he is switching from the old mysql_* extension... – Hackerman Apr 16 '14 at 21:09

score 0 · Answer 2 · edited May 23 '17 at 12:20

0

First time the page is loaded there will be no post variables. Try wrapping your code inside:

 if ($_SERVER['REQUEST_METHOD'] == 'POST') {

 }

Also read about How can I prevent SQL injection in PHP?

edited May 23 '17 at 12:20

Community

1
1

answered Apr 16 '14 at 20:56

andrew

9,313
7
30
61

yes the one problem is working now , but why when i submited go to Object not found! – Foda Apr 16 '14 at 21:02
look at the html and make sure that `action=""` is what you expect it to be. – Patrick James McDougle Apr 16 '14 at 21:06
is this wrong ? – Foda Apr 16 '14 at 21:11
Look at the html of the rendered page and make sure that everything is coming out right when you load the page. – Patrick James McDougle Apr 16 '14 at 21:12

error "Undefined index" with a form in PHP

2 Answers2