Form only working when you hit the checkbox

Question

I am making a form and I wish for the form to be able to be submitted when the checkbox is either ticked or checked. I don't get any other errors when I login without checking the box apart from this one

Notice: Undefined index: stayLoggedIn in /home/sites/2a/d/dbcf5d6440/public_html/MySQL/Challenges/Secretdiary.php on line 91

Here is my code!

<?php

session_start();

 $error="";

if (array_key_exists("logout", $_GET)) {

    unset($_SESSION);
    setcookie("id", "", time() - 60*60);
    $_COOKIE["id"] = "";

} else if(array_key_exists("id", $_SESSION) OR array_key_exists("id", $_COOKIE)) {

    header("Location: loggedinpage.php");
}

    if(array_key_exists("submit", $_POST)) {

        $link = mysqli_connect("XXX", "XXX", "XXX", "XXX");

            if (mysqli_connect_error()) {

                die("Database Connection Error");
            }



        if(!$_POST['email']) {

            $error.= "An Email Address is required<br>";
        }

        if(!$_POST['password']) {

            $error.= "A Password is required<br>";
        }

        if($error != "") {

            $error = "<p>There were error(s) in your form</p>".$error;

        } else {

            if($_POST['signUp'] == '1' ) {

            $query = "SELECT id FROM `users` WHERE email = '".mysqli_real_escape_string($link, $_POST['email'])."' LIMIT 1";
            $result = mysqli_query($link, $query);
            if (mysqli_num_rows($result) > 0) {

                $error = "That email address is taken.";

            } else {

                $query = "INSERT INTO `users` (`email`, `password`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".mysqli_real_escape_string($link, $_POST['password'])."')";

                if (!mysqli_query($link, $query)) {

                    $error="<p>Could not sign you up, please try again</p>";

                } else {

                    $query = "UPDATE `users` SET password = '".md5(md5(mysqli_insert_id($link)).$_POST['password']). "' WHERE id = ".mysqli_insert_id($link)." LIMIT 1";

                    mysqli_query($link, $query);
                    $_SESSION['id'] = mysqli_insert_id($link);
                    if ($_POST['stayLoggedIn'] == '1') {

                        setcookie("id", mysqli_insert_id($link), time() +  60*60*24*365);
                    }


                } header("Location: loggedinpage.php");


            } 


        } else {

                $query = "SELECT * FROM `users` WHERE email = '".mysqli_real_escape_string($link, $_POST['email'])."'";

                $result = mysqli_query($link, $query);
                $row = mysqli_fetch_array($result);
                if (array_key_exists("id", $row)) {

                    $hashedPassword = md5(md5($row['id']).$_POST['password']);
                    if ($hashedPassword == $row['password']) {

                        $_SESSION['id'] = $row['id'];
                        if ($_POST['stayLoggedIn'] == '1') {

                            setcookie("id", $row ($link), time() +  60*60*24*365);
                    }
                    }
                } 

                }


    }

    }



?>




<div id="error"><?php echo $error; ?></div>
<form method="post">
    <input type="email" name="email" placeholder="Your Email Eg. JoBloggs@me.co.uk">
    <input type="password" name="password" placeholder="Password">
    <input type="checkbox" name="stayLoggedIn" value=1>
    <input type="hidden" name="signUp" value="1">
    <input type="submit" name="submit" value="Sign Up!">
</form>

<form method="post">
    <input type="email" name="email" placeholder="Your Email Eg. JoBloggs@me.co.uk">
    <input type="password" name="password" placeholder="Password">
    <input type="checkbox" name="stayLoggedIn" value=1>
    <input type="hidden" name="signUp" value="0">
    <input type="submit" name="submit" value="Log In!">
</form>

When you submit the form without checking the checkbox it's value won't be submitted so you don't have any $_POST['stayLoggedIn'] and to fix it check if it exist using isset($_POST['stayLoggedIn'] ) which return true or false — Souhail Ben Slimene, Jun 04 '17 at 21:27
I hope you realize that you've got bigger problems than just a checkbox issue, yet nobody caught that. You're complicating this more than needed. — Funk Forty Niner, Jun 04 '17 at 21:53
MD5 is not sufficient for password hashing. Use [`password_hash()`](http://us3.php.net/manual/en/function.password-hash.php) and [`password_verify()`](http://us3.php.net/manual/en/function.password-verify.php) instead. — Alex Howansky, Jun 04 '17 at 22:40

score 2 · Answer 1 · answered Jun 04 '17 at 21:18

2

Checkboxes only get submitted as parameters when they're checkecd. So you need to use isset() to test whether the checkbox was set, not check the value. So change

if ($_POST['stayLoggedIn'] == '1')

to

if (isset($_POST['stayLoggedIn'])

answered Jun 04 '17 at 21:18

Barmar

741,623
53
500
612

score 1 · Accepted Answer · answered Jun 04 '17 at 21:18

1

Checkboxes only send the value WHEN CHECKED. So you have to do an isset($_POST['stayLoggedIn']) to see if the value was selected, otherwise that index will not exist in the PHP POST value.

answered Jun 04 '17 at 21:18

Bing

3,071
6
42
81

score 1 · Answer 3 · answered Jun 04 '17 at 21:18

1

If checkbox not selected, value of checkbox not send. You can check stayLoggedIn index exist or not by isset function:

if (isset($_POST['stayLoggedIn']) && $_POST['stayLoggedIn'] == '1') {

answered Jun 04 '17 at 21:18

Mohammad Hamedani

3,304
3
10
22

Form only working when you hit the checkbox

3 Answers3

Linked