I have made a simple website to allow the user to sell an item and then view a list of the items for sale. It works perfectly on Safari and in Chrome but it doesn't work on FireFox. I only came across this during testing. I will post my code for the input form and the processing php and then the error I get in Firefox.
FORM:
<?php
// Define variables and set to empty values
$titleErr = $descriptionErr = $priceErr = $quantityErr = $durationErr = $locationErr = "";
$title = $description = $price = $quantity = $duration = $location = "";
$valid = FALSE;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$valid = TRUE;
if (empty($_POST["title"])) {
$titleErr = "Title is required";
$valid = FALSE;
}
else {
$title = test_input($_POST["title"]);
}
if (empty($_POST["description"])) {
$descriptionErr = "A description is required";
$valid = FALSE;
}
else {
$description = test_input($_POST["description"]);
if (!preg_match("/^[a-zA-Z ]*$/", $description)) {
$descriptionErr = "Only letters and white space allowed";
}
}
if (empty($_POST["price"])) {
$priceErr = "A price is required";
$valid = FALSE;
}
else {
$price = test_input($_POST["price"]);
}
if (empty($_POST["quantity"])) {
$quantityErr = "A quantity is required";
$valid = FALSE;
}
else {
$quantity = test_input($_POST["quantity"]);
}
if (empty($_POST["duration"])) {
$durationErr = "Duration is required";
$valid = FALSE;
}
else {
$duration = test_input($_POST["duration"]);
}
if (empty($_POST["location"])) {
$locationErr = "A location is required";
$valid = FALSE;
}
else {
$location = test_input($_POST["location"]);
}
// If valid then redirect
if($valid){
header('Location: sell_your_item.php');
exit();
}
}
// Function to remove spaces, strip slashes and allow special characters to be used in form
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>Sell Your Item</title>
<link href="style.css" type="text/css" rel="stylesheet">
</head>
<body>
<div>
<h2>Sell your item</h2><br>
<section>
<nav id="primary_nav_wrap" data-role="navbar">
<ul>
<li><a href="form.php">Sell an item</a></li>
<li><a href="list_items.php">Items for sale</a></li>
</ul>
</nav>
</section><br><br>
<p><span class="error">* required.</span></p>
<form method="post" onsubmit='<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>' enctype="multipart/form-data">
Title:
<input type="text" name="title" value="<?php echo $title;?>">
<span class="error">* <?php echo $titleErr;?></span>
<br><br>
Description:
<textarea class="textarea" name="description" rows="2" cols="50" value="<?php echo $description;?>">
</textarea>
<span class="error">* <?php echo $descriptionErr;?></span>
<br><br>
Choose A Picture:
<input type="file" name="picture" value="<?php echo $picture;?>">
<br><br>
Category:
<select name="category">
<option
value="Collectables" <?php if(isset($_POST['category']) && $_POST['category'] == 'Collectables') echo "selected"; ?>
name="Collectables">Collectables</option>
<option
value="Electronics" <?php if(isset($_POST['category']) && $_POST['category'] == 'Electronics') echo "selected"; ?>
name="Electronics">Electronics</option>
<option
value="Vehicles" <?php if(isset($_POST['category']) && $_POST['category'] == 'Vehicles') echo "selected"; ?>
name="Vehicles">Vehicles</option>
<option
value="Children" <?php if(isset($_POST['category']) && $_POST['category'] == 'Children') echo "selected"; ?>
name="Children">Children</option>
<option
value="Clothing" <?php if(isset($_POST['category']) && $_POST['category'] == 'Clothing') echo "selected"; ?>
name="Clothing">Clothing</option>
<option
value="Fitness" <?php if(isset($_POST['category']) && $_POST['category'] == 'Fitness') echo "selected"; ?>
name="Fitness">Fitness</option>
<option
value="Homegarden" <?php if(isset($_POST['category']) && $_POST['category'] == 'Homegarden') echo "selected"; ?>
name="Homegarden">Home & Garden</option>
</select>
<br><br>
Starting Price:
<input type="number" name="price" min="0.01" step="0.01" value="<?php echo $price;?>">
<span class="error">* <?php echo $priceErr;?></span>
<br><br>
Quantity:
<input type="number" name="quantity" min="1" max="99" value="<?php echo $quantity;?>">
<span class="error">* <?php echo $quantityErr;?></span>
<br><br>
Duration (days):
<input type="number" name="duration" min="1" max="10" value="<?php echo $duration;?>">
<span class="error">* <?php echo $durationErr;?></span>
<br><br>
Location:
<input type="text" name="location" value="<?php echo $location;?>">
<span class="error">* <?php echo $locationErr;?></span>
<br><br>
Auction Type:
<select name="auction_type">
<option value="Fixed_price" <?php if(isset($_POST['auction_type']) && $_POST['auction_type'] == 'Fixedprice') echo "selected"; ?>
name="fixedprice">Fixed Price Sale</option>
<option value="Auction" <?php if(isset($_POST['auction_type']) && $_POST['auction_type'] == 'Auction') echo "selected"; ?>
name="auction">Auction</option>
</select>
<br><br>
Payment Method:
<select name="paymentType">
<option value="PayPal" <?php if(isset($_POST['paymentType']) && $_POST['paymentType'] == 'PayPal') echo "selected"; ?>
name="PayPal">PayPal</option>
<option value="Creditcard" <?php if(isset($_POST['paymentType']) && $_POST['paymentType'] == 'Creditcard') echo "selected"; ?>
name="Creditcard">Credit Card</option>
<option value="Bank" <?php if(isset($_POST['paymentType']) && $_POST['paymentType'] == 'Bank') echo "selected"; ?>
name="bank">Bank Deposit</option>
</select>
<br><br>
Postage Details:
<select name="postage">
<option value="Pickup" <?php if(isset($_POST['postage']) && $_POST['postage'] == 'Pickup') echo "selected"; ?>
name="pickup">Pick Up only</option>
<option value="Post" <?php if(isset($_POST['postage']) && $_POST['postage'] == 'Post') echo "selected"; ?>
name="post">Postage available at buyer's expense</option>
</select>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
</div>
</body>
</html>
SELL_YOUR_ITEM.PHP:
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>Sell Your Item</title>
</head>
<body>
<?php
// Maximum file size for the html upload form
$max_file_size = 50 * 1024 * 1024; // size in bytes
// The directory that will recieve the uploaded file
$dir = 'uploads/';
// Determine connection variables
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "ictdbs504";
// Create Connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check Connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// Escape user inputs for security
$sellingFormat = mysqli_real_escape_string($conn, $_POST['auction_type']);
$category = mysqli_real_escape_string($conn, $_REQUEST['category']);
$title = mysqli_real_escape_string($conn, $_REQUEST['title']);
$description = mysqli_real_escape_string($conn, $_REQUEST['description']);
$startPrice = mysqli_real_escape_string($conn, $_REQUEST['price']);
$duration = mysqli_real_escape_string($conn, $_REQUEST['duration']);
$quantity = mysqli_real_escape_string($conn, $_REQUEST['quantity']);
$location = mysqli_real_escape_string($conn, $_REQUEST['location']);
$paymentType = mysqli_real_escape_string($conn, $_REQUEST['paymentType']);
$postageDetails = mysqli_real_escape_string($conn, $_REQUEST['postage']);
//variables for images
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["picture"]["name"]);
$extension = end($temp);
$success = false;
// Check if form submitted
if(isset($_POST['submit'])) {
if (strlen($title)>0 && strlen($description)>0) {
$newFilePath = $dir . "/" . $title . "." . $extension;
move_uploaded_file($_FILES['picture']['tmp_name'], $newFilePath);
// Query database and insert data into item table
$itemQry = 'INSERT INTO items (title, picture, startPrice, category, description, quantity, location, sellingFormat, duration, paymentType, postageDetails)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
$statement = $conn->prepare($itemQry);
$statement->bind_param('sssssssssss', $title, $newFilePath, $startPrice, $category, $description, $quantity, $location, $sellingFormat, $duration, $paymentType, $postageDetails);
$statement->execute();
$success=true;
}}
// If successful, redirect to this page
if($success == true){
header('Location: list_items.php');
die(); }
?>
</body>
</html>
THE ERROR I RECEIVE:
Notice: Undefined index: auction_type in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 32
Notice: Undefined index: category in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 33
Notice: Undefined index: title in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 34
Notice: Undefined index: description in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 35
Notice: Undefined index: price in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 36
Notice: Undefined index: duration in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 37
Notice: Undefined index: quantity in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 38
Notice: Undefined index: location in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 39
Notice: Undefined index: paymentType in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 40
Notice: Undefined index: postage in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 41
Notice: Undefined index: picture in /Applications/XAMPP/xamppfiles/htdocs/ICTDBS504/sell_your_item.php on line 46
Please help!
