0

Database table I want to check a column value of a table is not equal to zero in php .But it gives error on column name "Undefined index". Please guide me what is problem with my code.My php code is given below

<?php 
if($_SERVER['REQUEST_METHOD']=='POST'){
     require_once('dbConnect.php');
     $paydue=$_POST['paydue'];
     $rid=$_POST['rid'];            
     $cardid  = $_POST['cardid'];
     $sq = "SELECT * FROM bill WHERE refid='".$rid."'";
     $query=mysqli_query($con,$sq); 
     $result=mysqli_fetch_row($query); 
     if($result["paydue"] != '0'){
          $sql = "SELECT * FROM account WHERE cardid='".$cardid."'";
          $query1=mysqli_query($con,$sql); 
          $result1=mysqli_fetch_row($query1); 
          $sql1="UPDATE account SET balance = (balance - $paydue) WHERE cardid='$cardid';";
          if(mysqli_query($con,$sql1)){
               echo 'Payed Successfully';
               $sql2="Update bill set paydue = (paydue - $paydue) where refid='$rid';";
               mysqli_query($con,$sql2);
          }else{
               echo 'Could Not Payed Try Again';
          }
      }else{
           echo 'your Bill already Payed';
      } 
      //closing connection 
      mysqli_close($con);
 }
 ?>
Abdulmateen Ch.
  • 99
  • 1
  • 9
  • 1
    *"But it gives error on column name "Undefined index""* - Keep going................ which one/name? This could be *anything*. Post the full error or wait longer. – Funk Forty Niner May 12 '17 at 17:37
  • 1
    If any of those rows are `NULL` then `0` != `NULL/empty`. Your html form's unknown also. – Funk Forty Niner May 12 '17 at 17:39
  • I'd guess `paydue` is not in your table. `var_dump($result)`. Also you can check for the non-zero in the SQL. You might actually be able to do this all in one query. You also are open to SQL injections, parameterize. – chris85 May 12 '17 at 17:39
  • paydue is column name – Abdulmateen Ch. May 12 '17 at 17:40
  • And `var_dump($result)` gives back... – chris85 May 12 '17 at 17:40
  • ok... well if you can't provide us with the full error and the HTML for this, debug your code. There are many tools at your disposal; good luck. – Funk Forty Niner May 12 '17 at 17:43
  • [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)*** Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard May 12 '17 at 17:45
  • @Fred-ii- Error is undefined index:paydue in... – Abdulmateen Ch. May 12 '17 at 17:46

0 Answers0