Undefined variable if count 0

Question

i have a little bit problem with my following code. I am trying to make a star raiting system and following code is showing raiting details. But i am getting

undefined variable rate_db notice

from if(count($rate_db)) What i missing here anyone can tell me please ?

full code is here:

    <?php
      $query = mysqli_query($db,"SELECT ryid,r_type FROM profileRaiting WHERE rp_uid='$profile_uid'"); 
        while($data = mysqli_fetch_assoc($query)){
           $rate_db[] = $data;
           $sum_rates[] = $data['r_type'];
        }
        if(count($rate_db)){
          $rate_times = count($rate_db);
          $sum_rates = array_sum($sum_rates);
          $rate_value = $sum_rates/$rate_times;
          $rate_bg = (($rate_value)/5)*100;
        } else {
           $rate_times = 0;
           $rate_value = 0;
           $rate_bg = 0;
        }
 ?>

`$rate_db = array();` and `$sum_rates = array();` initialize at top — devpro, Oct 25 '16 at 15:04
Since you define that variable `$rate_db` in your loop, it won't be defined if the loop never occurs (like with an empty result). Define that variable: `$rate_db = array()` before your loop. — M. Eriksson, Oct 25 '16 at 15:04
Side note: You are open to [SQL Injections](http://php.net/manual/en/security.database.sql-injection.php) and should really use [Prepared Statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) instead of concatenating your queries. (there's always a risk when concatenating strings like that) — M. Eriksson, Oct 25 '16 at 15:05
I guess php have variable scope too? you declare `$rate_db` inside the `while` and outside isnt define? — Juan Carlos Oropeza, Oct 25 '16 at 15:06
@JuanCarlosOropeza - If you define a variable in a loop, then it will exist outside as well (after the loop, that is). But if the loop never gets triggered, then it will be undefined. — M. Eriksson, Oct 25 '16 at 15:07

score 3 · Accepted Answer · edited May 23 '17 at 10:27

3

It's better to initialize your both arrays at top as:

$rate_db = array(); 
$sum_rates = array();

And i don't know where you define this variable $profile_uid, if it's user input or session value, than your code is open for SQL Injection, you can use Prepared Statement to prevent SQL attack. And this post will help you to understand: How can I prevent SQL injection in PHP?

Side Note & Suggestion:

One more thing, you can also get the sum of r_type as:

$sum_rates += $data['r_type'];

In this case, you need to initialize $sum_rates as:

$sum_rates = 0;

And just remove this line from IF condition:

$sum_rates = array_sum($sum_rates);

Benefit, no need to use extra method.

edited May 23 '17 at 10:27

Community

1
1

answered Oct 25 '16 at 15:08

devpro

16,184
3
27
38

1

thank you for your nice answer. It is solved my problem. And i fixed SQL injection. – AlwaysStudent Oct 25 '16 at 15:21
@DevStud: glad to help u friend. – devpro Oct 25 '16 at 15:26

score 2 · Answer 2 · answered Oct 25 '16 at 15:06

$rate_db variable is defined in the while loop where you fetch the data from MySQL. However, if the query does not return any records, then while loop's body will not be executed, thus $rate_db variable will not be defined.

Solution: define $rate_db variable as an empty array before the while loop.

score 2 · Answer 3 · answered Oct 25 '16 at 15:07

You can initialize the variable:

<?php
        $rate_db = array();
        $sum_rates = array();
        $query = mysqli_query($db,"SELECT ryid,r_type FROM profileRaiting WHERE rp_uid='$profile_uid'"); 
        while($data = mysqli_fetch_assoc($query)){
           $rate_db[] = $data;
           $sum_rates[] = $data['r_type'];
        }
        $rate_times = count($rate_db);
        if($rate_times > 0){
          $sum_rates = array_sum($sum_rates);
          $rate_value = $sum_rates/$rate_times;
          $rate_bg = (($rate_value)/5)*100;
        } else {
           $rate_times = 0;
           $rate_value = 0;
           $rate_bg = 0;
        }
 ?>

score 1 · Answer 4 · answered Oct 25 '16 at 15:05

before using count you need to be sure that it does have something in it so your complete code can be like this

<?php
  $query = mysqli_query($db,"SELECT ryid,r_type FROM profileRaiting WHERE rp_uid='$profile_uid'"); 
    while($data = mysqli_fetch_assoc($query)){
       $rate_db[] = $data;
       $sum_rates[] = $data['r_type'];
    }
    if(isset($rate_db) && count($rate_db)){
      $rate_times = count($rate_db);
      $sum_rates = array_sum($sum_rates);
      $rate_value = $sum_rates/$rate_times;
      $rate_bg = (($rate_value)/5)*100;
    } else {
       $rate_times = 0;
       $rate_value = 0;
       $rate_bg = 0;
    }
 ?>

score 1 · Answer 5 · answered Oct 25 '16 at 15:12

  $query = mysqli_query($db,"SELECT ryid,r_type FROM profileRaiting WHERE rp_uid='$profile_uid'"); 
        while($data = mysqli_fetch_assoc($query)){
           $rate_db[] = $data;
           $sum_rates[] = $data['r_type'];
        }

Because when your query returns empty result the while loop will never become true, so $rate_db[] will never be reached and therefore will never be created.

to fix this, you should declare $rate_db[] as empty first at the top of your script. to avoid the error.

Undefined variable if count 0

5 Answers5