1

Notice: Undefined index: subject in /var/www/mailer.php on line 12 Notice: Undefined index: message in /var/www/mailer.php on line 13 Notice: Undefined index: from in /var/www/mailer.php on line 14 Notice: Undefined index: verif_box in /var/www/mailer.php on line 15 Notice: Undefined index: tntcon in /var/www/mailer.php on line 23 no variables received, this page cannot be accessed directly

BELOW IS THE CODE

<?php

ini_set('display_errors',1);
error_reporting(E_ALL|E_STRICT);

// -----------------------------------------
//  The Web Help .com
// -----------------------------------------
// remember to replace you@email.com with your own email address lower in this code.

// load the variables form address bar
$subject = $_POST["subject"];
$message = $_POST["message"];
$from = $_POST["from"];
$verif_box = $_POST["verif_box"];

// remove the backslashes that normally appears when entering " or '
$message = stripslashes($message);
$subject = stripslashes($subject);
$from = stripslashes($from);

// check to see if verificaton code was correct
if(md5($verif_box).'a4xn' == $_COOKIE['tntcon']){
    // if verification code was correct send the message and show this page
    mail("abhijit.infogence@gmail.com", 'TheWebHelp.com Form: '.$subject, $_SERVER['REMOTE_ADDR']."\n\n".$message, "From: $from");
    // delete the cookie so it cannot sent again by refreshing this page
    setcookie('tntcon','');
} else if(isset($message) and $message!=""){
    // if verification code was incorrect then return to contact page and show error
    header("Location:".$_SERVER['HTTP_REFERER']."?subject=$subject&from=$from&message=$message&wrong_code=true");
    exit;
} else {
    echo "no variables received, this page cannot be accessed directly";
    exit;
    }
?>
Samuel Liew
  • 76,741
  • 107
  • 159
  • 260
AON
  • 25
  • 1
  • 4
  • *(tipp)* using `error_reporting(-1);` will show every possible error, even when new levels and constants are added in future PHP versions. – Gordon Oct 29 '10 at 15:13
  • ever heard of please? :D second, theese are Notice's - not errors, you probably try to access parts of $_POST, which don't exist – Hannes Oct 29 '10 at 15:15
  • that's my old code :) – adrianTNT Oct 25 '18 at 22:59

8 Answers8

1

You're trying to access parts of a variable which don't exist. You may want to check before using them, if they exist.

Erza Scarlet
  • 21
  • 4
0

The error is simply because the message $_POST array does not have a key called 'message'. It probably comes from the fact that the form has not been submitted. The error is only a notice and won't stop the program from working.

Coin_op
  • 10,568
  • 4
  • 35
  • 46
0

You should check what $_POST contains before you address some particular fields, take a look at the isset function. Or simply turn off display_errors ;)

kovshenin
  • 31,813
  • 4
  • 35
  • 46
  • 1
    "Or simply turn off `display_errors` ;)" => I would recommend that only to make an old / crappy PHP application to work on a recent server... – Maxime Pacary Oct 29 '10 at 15:18
  • @Frosty, I would recommend that on any production server ;) you don't want to show PHP errors to your visitors :) Old code on new PHP, yeah, tonnes of deprecated notices. But I do sometimes hate checking via isset and append a `@` before `$_POST` to avoid those notices. – kovshenin Oct 29 '10 at 15:21
  • I was talking about dev server obviously, since hiding notices is not generally a good practice there. But I agree that sometimes checking with `isset()` is really boring :-) – Maxime Pacary Oct 29 '10 at 15:33
0

Check user-submitted data

$subject = (isset($_POST["subject"]) ? $_POST["subject"] : '');
$message = (isset($_POST["message"]) ? $_POST["message"] : '');
$from = (isset($_POST["from"]) ? $_POST["from"] : '');
$verif_box = (isset($_POST["verif_box"]) ? $_POST["verif_box"] : '');

You can even make your own function to do that

function checkPost($fieldname)
{
  return (isset($_POST[$fieldname]) ? $_POST[$fieldname] : '');
}

And then do

$subject = checkPost("subject");

I recommend as well that you check required POST fields

if (!isset($_POST["xxx"]) || trim($_POST["xxx"]) == '')
{
  // throw exception, display error...
}

etc.

FYI, instead of using stripslashes() to avoid "magic_quotes", you can use a simple function such as this one http://snippets.dzone.com/posts/show/5256 which will do the job for all fields.

Maxime Pacary
  • 22,336
  • 11
  • 85
  • 113
0

It seems that you call this PHP file without submitting a form via the POST method. Make sure that your mailing form has the proper method set:

<form method="POST" action="yourfile.php">
etc.
</form>

You should also sanitize the user input before calling mail() (i. e. remove newlines and tags), otherwise you are calling for trouble.

Karel Petranek
  • 15,005
  • 4
  • 44
  • 68
  • Can...any one change the above code, which will work for me...and let me know the same...please – AON Oct 29 '10 at 15:23
0

Your $_POST and $_COOKIE arrays do not contain those indexes.

Do:

print_r($_POST);
print_r($_COOKIE);

to see what is contained in those arrays

Bjorn
  • 133
  • 1
  • 7
0
foreach(array('subject', 'message', 'from', 'verif_box') as $val)
{
    if (isset($_POST[$val]))
    {
        $$val = trim($_POST[$val]);
        continue;
    }

    // some sort of error checking, like telling the end user that
    // not all fields were correctly given
}
castis
  • 8,154
  • 4
  • 41
  • 63
0
//checking if array elements are set and changing variables values if so
$subject = isset($_POST["subject"])?$_POST["subject"]:null;
$message = isset($_POST["message"])?$_POST["message"]:null;
$from = isset($_POST["from"])?$_POST["from"]:null;
$verif_box = isset($_POST["verif_box"])?$_POST["verif_box"]:null;

// check to see if verificaton code was correct and if cookie value on 'tntcon' is set
if(isset($_COOKIE['tntcon']) && md5($verif_box).'a4xn' == $_COOKIE['tntcon']){

Changes are on lines 12-15 and in 23.

Constantine
  • 119
  • 8
  • What about posting just the changed lines, with maybe 1-2 lines before and after for context? –  Nov 14 '11 at 16:52