PHP update using input value

Question

I keep getting the following error and can not figure out what is going wrong.

Notice: Undefined index: name in C:\xampp\htdocs\FYP\resProcessing.php on line 99

The error relates to the following line:

$name = $_POST['name'];

The following below is my code:

if ($quick_check != 0){
    while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){

        $id = $row['id'];
        $tablenum = $row['tablenum'];
        $avail = $row['avail'];

        $spots .= 'You just reserved table '.$tid.'.<br />';
        $spots .= 'You only have 8 minutes to finish or your reservation will expire and the table will open up to other people.<br />';
    }

    $availNow = $avail - $num;

    $sql = "UPDATE available SET avail='$availNow' WHERE id='$id' LIMIT 1";
    $query = mysqli_query($connect, $sql);

    $sql = "INSERT INTO reserves(tablenumber,numseats,restime) VALUES ('$tablenum','$num',now())";
    $query = mysqli_query($connect, $sql);

    $reserveID = mysqli_insert_id($connect);
    $spots .= '<form name="confirmform" id="confirmform" method="post" onSubmit="return false;">';
    $spots .= 'Full Name: &nbsp;<input type="text" name="name" id="name" required autofocus placeholder="Your Name" pattern="[a-zA-Z]+{3,}" title="Please enter your full name."></br>';

    // hidden field holds the table name
    $spots .= '<input id="tableNumber" type="hidden" value="'.$tablenum.'">';
    // hidden field holds the number of seats
    $spots .= '<input id="numSeats" type="hidden" value="'.$num.'">';
    // hidden field holds the reserve insert id
    $spots .= '<input id="reserveID" type="hidden" value="'.$reserveID.'">';

    // On submit call js function
    $spots .= '<button id="confirmbtn" onClick="confirmSeats();updateInfo();">Make Reservations</button></br>';

    $name = $_POST['name'];

    $sql = "UPDATE available SET name='$name' WHERE id='$id' LIMIT 1";
    $query = mysqli_query($connect, $sql);

    $spots .= '</form>';
    $spots .= '<button id="cancelbtn" onClick="cancelReserve('.$reserveID.')">Cancel Reservation</button>';


} else {
    $spots .= "Sorry, someone just reserved those. Try another table";
    $reserveID = "open";
}           

echo "$spots|$reserveID";
exit();
}

I would really appreciate if anybody could help. Thanks!

Answer 1

The reason is that the POST request does not contain name parameter.

Or HTTP request type is not POST in your case.

Try $name = $_REQUEST['name']; — it would account for GET variables (and cookies) as well. If it doesn't help, fix your client (be it HTML form, JavaScript or something else).

You may also check if POST variable is defined before trying to access it, e.g.:

if (isset($_POST['name']))
{ 
    $name = $_POST['name'];
} 
else 
{ 
    echo "Name is required"; 
    // ...
}

Answer 2

Info:

It sounds like $_POST['name'] is not defined. You should verify whether or not it is and if it isn't you should have some logic to handle that case. You can use PHP isset() to check to see if $_POST['name'] "is set".

Warning:

Others may suggest using $_REQUEST, in case your variable is possibly set on $_GET as well, but you should understand how a RESTful API works before simply falling back to using $_REQUEST as there may be business logic and/or security considerations that can be affected.

Bonus:

You may also want to take a look at some PHP frameworks such as Laravel.