i get error from my php code i get unidentified variables

Question

here is my code. i get this error Notice: Undefined variable: fname in C:\xampp\htdocs\health\admin\newpat.php on line 282

Notice: Undefined variable: lname in C:\xampp\htdocs\health\admin\newpat.php on line 282

<label for="fname" class="col-md-2"> First Name: </label>
    <div class="col-md-6">
        <input type="text" class="form-control" id="fname" name="fname"
            placeholder="Enter First Name">
    </div>
    <br />
    <br />
    </div>

    <div class="form-group">
        <label for="lname" class="col-md-2"> Last Name: </label>
        <div class="col-md-6">
            <input type="text" class="form-control" id="lname" name="lname"
                placeholder="Enter Last Name">
        </div>
        <br /> <br />
    </div>

here is the php code:

<?php
        extract($_POST);

        $image = addslashes (file_get_contents($_FILES['image']['tmp_name']));
        $imageta = getimagesize($_FILES['image']['tmp_name']);//to know about image type etc
        $imagetype = $imageta['mime'];
        $query = mysql_query("SELECT * FROM patient WHERE fname='$fname' AND lname = '$lname'");
         if(mysql_num_rows($query)==0){
        if(isset($reg)){
          $patsql= "INSERT INTO `patient`(`fname`, `lname`, `birthday`, `address`, `work`, `civil`, `gender`, `btype`, `height`, `weight`, `fallergy`, `mallergy`, `image`, `imagetype`) VALUES ('$fname','$lname','$dob','$address','$work')";
        }
      }
  ?>

possible duplicate of [PHP: "Notice: Undefined variable" and "Notice: Undefined index"](http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-and-notice-undefined-index) — Rizier123, Feb 28 '15 at 11:37

score -1 · Answer 1 · answered Feb 28 '15 at 11:43

-1

The good news it's not an error, it's just a notice. That won't make your script exit unexpectedly (unlike an error), but you have to fix it.

The notice you have is pretty clear, the variable lname does not exist, so you have to check that you have the spelling right.

But that's clearly not all : do not use extract ! This is like, really really really bad ! What if someone creates a form and make it send data to your PHP script ? Well, put simply, they could replace almost every variable that was defined before the extract by the value they want.

You should also check that your form was completed correctly, and should take care of possible mysql injections.

answered Feb 28 '15 at 11:43

Loufylouf

697
5
13

And where is the answer now? – Rizier123 Feb 28 '15 at 11:44
now i know . i just need to add error_reporting(0); so the notice wont show up . thanks btw. – EverythingRichardify Feb 28 '15 at 11:45
@EverythingRichardify no, not at all – Loufylouf Feb 28 '15 at 11:46
2

PHP not crashing does not mean that your script, as it is now, will do what you expect it to do. – Loufylouf Feb 28 '15 at 11:48

i get error from my php code i get unidentified variables

1 Answers1