PHP $_POST Notice: Undefined index: regno on line 33

Question

I've got this error. I thought it's on misplaced of ' the $_POST, but if I do that (eg $_POST['regno']) it will give T_ESCAPED error. How I can fix this? Here is the code of line 33:

$sql = "SELECT * FROM students WHERE RegNo='$_POST[regno]' AND
password='$_POST[password]' AND Status='Enabled'";

I'm using Wamp as my localhost. Thanks!

This code is highly vulnerable to SQL injections! – Sirko Dec 03 '15 at 08:54 — Sirko, Dec 03 '15 at 08:54

score 1 · Accepted Answer · answered Dec 03 '15 at 08:55

1

You need to check the post value like this

 $reg_no = isset($_POST['regno']) ? $_POST['regno'] : '';
 $sql = "SELECT * FROM students WHERE RegNo='".$reg_no."' AND password='".$_POST['password']."' AND Status='Enabled'";

answered Dec 03 '15 at 08:55

Arun Krish

2,153
1
10
15

Hey, the error did disappear. Thanks @arun-krish ! > – IlhamideaZ Dec 03 '15 at 09:00

score 1 · Answer 2 · answered Dec 03 '15 at 09:01

First be sure that your variables exists before trying to save them :

<?php
if(isset($_POST['regno']) && !empty($_POST['regno'])){
    $regno =$_POST['regno'];
}

if(isset($_POST['password']) && !empty($_POST['password'])){
    $password =$_POST['password'];
}

if(isset($password) && isset($regno)){
    $sql = "SELECT * FROM students WHERE RegNo='$regno' AND password='$password' AND Status='Enabled'";
}
?>

Also keep in mind that using POST var like this is very exposed to SQL injections.

score 0 · Answer 3 · answered Dec 03 '15 at 08:52

0

try this :

$sql = "SELECT * FROM students WHERE RegNo='".$_POST['regno']."' AND password='".$_POST['password']."' AND Status='Enabled'";

answered Dec 03 '15 at 08:52

Akhil Thayyil

9,263
6
34
48

The error still appear @akhil-thayyil – IlhamideaZ Dec 03 '15 at 08:55
print_r($_POST) and check whether you have the params regno and password set in POST – Akhil Thayyil Dec 03 '15 at 08:56

PHP $_POST Notice: Undefined index: regno on line 33

3 Answers3