-3

this is my code for update and delete from data base but i have this errors first when in open this file name of it is topic , i have this message even if i don't upload or delete anything . just when i open this file . 

(Notice: Undefined index: page in C:\xampp\htdocs\art-legend\12\admin\topics.php on line 73)

the second error is when i update any row . it is work but i have this message :

(Notice: Undefined index: topic in C:\xampp\htdocs\art-legend\12\admin\edit.php on line 8)

the third error when i delete any row it dosent work and i have this message : 

(Notice: Undefined index: page in C:\xampp\htdocs\art-legend\12\admin\topics.php on line 73)

and 

(Notice: Undefined index: hiddencounter in C:\xampp\htdocs\art-legend\12\admin\topics.php on line 211)

and this is my all code :

<script  src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>

<script>
   $(document).ready(function() {$("tr:odd").addClass("odd");});
</script>

<style type="text/css">
.odd{
 background-color:#ccc;
    }


div.pagination {
    padding: 3px;
    margin: 3px;
}

div.pagination a {
    padding: 2px 5px 2px 5px;
    margin: 2px;
    border: 1px solid #AAAADD;

    text-decoration: none; /* no underline */
    color: #000099;
}
div.pagination a:hover, div.pagination a:active {
    border: 1px solid #000099;

    color: #000;
}
div.pagination span.current {
    padding: 2px 5px 2px 5px;
    margin: 2px;
        border: 1px solid #000099;

        font-weight: bold;
        background-color: #000099;
        color: #FFF;
    }
    div.pagination span.disabled {
        padding: 2px 5px 2px 5px;
        margin: 2px;
        border: 1px solid #EEE;

        color: #DDD;
    }

</style>


<?php

    /*
        Place code to connect to your DB here.
    */
    $connect=mysqli_connect('localhost','root','adminpass','flip'); // include your code to connect to DB.

    $tbl_name="threads";        //your table name
    // How many adjacent pages should be shown on each side?
    $adjacents = 3;

    /* 
       First get total number of rows in data table. 
       If you have a WHERE clause in your query, make sure you mirror it here.
    */
    $query = "SELECT COUNT(*) as num FROM $tbl_name";
    $total_pages = mysqli_fetch_array(mysqli_query($connect,$query));
    $total_pages = $total_pages['num'];

    /* Setup vars for query. */
    $targetpage = "topics.php";     //your file name  (the name of this file)
    $limit = 10;                                //how many items to show per page
    $page = $_GET['page'];
    if($page) 
        $start = ($page - 1) * $limit;          //first item to display on this page
    else
        $start = 0;                             //if no page var is given, set start to 0

    /* Get data. */
    $sql = "SELECT id,topic FROM $tbl_name order by id DESC LIMIT $start, $limit";
    $result = mysqli_query($connect,$sql);

    /* Setup page vars for display. */
    if ($page == 0) $page = 1;                  //if no page var is given, default to 1.
    $prev = $page - 1;                          //previous page is page - 1
    $next = $page + 1;                          //next page is page + 1
    $lastpage = ceil($total_pages/$limit);      //lastpage is = total pages / items per page, rounded up.
    $lpm1 = $lastpage - 1;                      //last page minus 1

    /* 
        Now we apply our rules and draw the pagination object. 
        We're actually saving the code to a variable in case we want to draw it more than once.
    */
    $pagination = "";
    if($lastpage > 1)
    {   
        $pagination .= "<div class=\"pagination\">";
        //previous button
        if ($page > 1) 
            $pagination.= "<a href=\"$targetpage?page=$prev\">previous</a>";
        else
            $pagination.= "<span class=\"disabled\">previous</span>";   

        //pages 
        if ($lastpage < 7 + ($adjacents * 2))   //not enough pages to bother breaking it up
        {   
            for ($counter = 1; $counter <= $lastpage; $counter++)
            {
                if ($counter == $page)
                    $pagination.= "<span class=\"current\">$counter</span>";
                else
                    $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>";                 
            }
        }
        elseif($lastpage > 5 + ($adjacents * 2))    //enough pages to hide some
        {
            //close to beginning; only hide later pages
            if($page < 1 + ($adjacents * 2))        
            {
                for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++)
                {
                    if ($counter == $page)
                        $pagination.= "<span class=\"current\">$counter</span>";
                    else
                        $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>";                 
                }
                $pagination.= "...";
                $pagination.= "<a href=\"$targetpage?page=$lpm1\">$lpm1</a>";
                $pagination.= "<a href=\"$targetpage?page=$lastpage\">$lastpage</a>";       
            }
            //in middle; hide some front and some back
            elseif($lastpage - ($adjacents * 2) > $page && $page > ($adjacents * 2))
            {
                $pagination.= "<a href=\"$targetpage?page=1\">1</a>";
                $pagination.= "<a href=\"$targetpage?page=2\">2</a>";
                $pagination.= "...";
                for ($counter = $page - $adjacents; $counter <= $page + $adjacents; $counter++)
                {
                    if ($counter == $page)
                        $pagination.= "<span class=\"current\">$counter</span>";
                    else
                        $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>";                 
                }
                $pagination.= "...";
                $pagination.= "<a href=\"$targetpage?page=$lpm1\">$lpm1</a>";
                $pagination.= "<a href=\"$targetpage?page=$lastpage\">$lastpage</a>";       
            }
            //close to end; only hide early pages
            else
            {
                $pagination.= "<a href=\"$targetpage?page=1\">1</a>";
                $pagination.= "<a href=\"$targetpage?page=2\">2</a>";
                $pagination.= "...";
                for ($counter = $lastpage - (2 + ($adjacents * 2)); $counter <= $lastpage; $counter++)
                {
                    if ($counter == $page)
                        $pagination.= "<span class=\"current\">$counter</span>";
                    else
                        $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>";                 
                }
            }
        }

        //next button
        if ($page < $counter - 1) 
            $pagination.= "<a href=\"$targetpage?page=$next\">next </a>";
        else
            $pagination.= "<span class=\"disabled\">next </span>";
        $pagination.= "</div>\n";       
    }
?>
            <form action="" method="post">  
    <?php
              echo "<table border='1'  width='50%' cellpadding='0' cellspacing='0'";



              ?>


              <tr>
                <td>Id</td>
                <td>Subject</td>
                <td>#</td>
                <td>#</td>
                <td>Del</td>
              </tr>

              <?
              while($row=mysqli_fetch_object($result)){

                  ?>
                  <tr>
                    <td><? echo $row->id; ?></td>
                    <td><? echo $row->topic; ?></td>
                    <td><a href='edit.php?id=<? echo $row->id; ?>'>Update</a></td>
                    <td><input type="checkbox" name="checkbox[]" value="<?php echo $row->id ; ?>"></td>
                    <td><input type="submit" name="delete" value="delete" ></td>



                  <?
                  }


            echo "</table>";  
            $num=mysqli_num_rows($result);
            if(isset($_POST['delete'])){ /* IF DELETE IS CLICKED */

$checkbox=$_POST['checkbox'];
$hiddencounter=mysqli_real_escape_string($connect,$_POST['hiddencounter']); /* PREVENT A BIT OF SQL INJECTION */

for($i=0;$i<$hiddencounter;$i++){ /* FOR LOOP BASED ON THE NUMROWS BELOW */

   if(!empty($checkbox[$i])){ /* IF THE CHECKBOX IS TICKED */
        $del_id=mysqli_real_escape_string($connect,$checkbox[$i]);  /* PREVENT A BIT OF SQL INJECTION */
        $sql2="DELETE FROM threads WHERE id='$del_id'";
        $query2=mysqli_query($connect,$sql2); /* IMPLEMENT THE DELETE QUERY */

   }

   if($i==$hiddencounter){ /* IF FOR LOOP ENDS */

   echo "<meta http-equiv=\"refresh\" content=\"0;URL=delete.php\">";

   }

} 

}  

    ?>
    </form>

<?=$pagination?>

and the edit code is :

<?php

if($connect=mysqli_connect('localhost','root','adminpass','flip')) {
    $id = $_GET["id"];
    $topic = $_GET["topic"];
    $sql="SELECT * from threads WHERE id='$id'";
    $query=mysqli_query($connect,$sql);

    while($row=mysqli_fetch_object($query)) {

        ?>

        <form action="<?php echo $_SERVER["PHP_SELF"];?>" method="get" >

        <input type="hidden" name="id" value="<?php echo $row->id; ?>" >
        <input type="text" name="topic" value="<?php echo $row->topic; ?>" >
        <input type="submit" name="submit" value="Update" >


        </form>

        <?
        }

        $sql2="UPDATE threads SET topic= '$topic' WHERE id='$id'";
        $query2=mysqli_query($connect,$sql2);

        if(isset($_GET['submit'])){

        echo "updat done ";

        }

    }

    else {

        echo "erro connection ";

        }


?>

and the delete file is :

<h1>delete Done</h1>
<br />
<a href="topic.php">return to Pr</a>

thank you very much

Gerald Schneider
  • 17,416
  • 9
  • 60
  • 78
Fuad Bro
  • 17
  • 6

3 Answers3

1

The error is about undefined index page , topic , hiddencounter.

Replace: 

$page = $_GET['page'];

With:

$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;

Replace:

$topic = $_GET["topic"];

with:

$topic = isset($_GET["topic"]) ? (int)$_GET["topic"] : 0;

Replace:

$_POST['hiddencounter']

with:

(isset($_POST['hiddencounter']) ? (int)$_POST['hiddencounter'] : 0)
Latheesan
  • 23,247
  • 32
  • 107
  • 201
  • instead of using `intval`, perhaps a simple cast would be better. `intval` is a function, a cast is a language construct. The latter still is more efficient... – Elias Van Ootegem Apr 30 '14 at 08:58
  • it still doesn't work the two error messages disapear but after i delete any row i have this message and dosen't work (Notice: Undefined index: hiddencounter in C:\xampp\htdocs\art-legend\12\admin\topics.php on line 214) – Fuad Bro Apr 30 '14 at 09:03
  • @FuadBro what is the code on line `#214` on your `topics.php` file? – Latheesan Apr 30 '14 at 09:36
  • $hiddencounter=mysqli_real_escape_string($connect,$_POST['hiddencounter']); /* PREVENT A BIT OF SQL INJECTION */ – Fuad Bro Apr 30 '14 at 10:26
  • @FuadBro: If you really want to prevent injection attacks, perhaps consider using a prepared query. AFAIK, `mysqli_*`'s prepared queries (provided you're not using `mysqli_multi_query`) protects you from first degree injection, more than `mysqli_real_escape_string` does... – Elias Van Ootegem Apr 30 '14 at 11:20
0
$checkbox=$_POST['checkbox'];
$page = $_GET['page'];
$id = $_GET["id"];
$topic = $_GET["topic"];

These should be preceeded with isset() and defaulted to something if not set(or furhter code should be in if clause.

Limiter
  • 497
  • 3
  • 11
0

Try to put this first 

$page = isset($_GET['page']) ? intval($_GET['page']) : 1;

and 

$topic = isset($_GET["topic"]) ? intval($_GET["topic"]) : 0;

and replace the hunter check

Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
Foda
  • 58
  • 1
  • 7