
I currently have a PHP form for our partners to register quotes. After the user logs in, they are brought to the beginning of the quote form. I would like the user's first name to display in the first form field automatically.

The user's session information includes an array of values; one of which is the firstName value. This is the value that I would like to display in the first field when the user logs in.

When I try to load the page I am getting an error instead of the user's first name.

This is the error I am getting:
Notice: Undefined index: user in C:\wamp64\www\quote_generator\quote_tool.php on line 77

Here is the updated page code:

<?php
    require("config.php");
    if(empty($_SESSION['user'])) 
    {
        header("Location: index.php");
        die("Redirecting to index.php"); 
    }
?>

<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>Quoting Tool </title>
    <meta name="description" content="Teo partner quote generator tool">
    <meta name="Kenneth Carskadon" content="www.kencarskadon.com">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <!-- CSS -->
    <link rel="stylesheet" href="http://fonts.googleapis.com/css?family=Roboto:400,100,300,500">
    <link rel="stylesheet" href="assets/css/bootstrap.min.css" media="screen">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/3.1.3/css/bootstrap-datetimepicker.min.css">
    <link rel="stylesheet" href="assets/css/font-awesome/css/font-awesome.css">
    <link rel="stylesheet" href="assets/css/form-elements.css">
    <link rel="stylesheet" href="assets/css/datepicker.css">
    <link rel="stylesheet" href="assets/css/style.css">
    <style>
        body {
            background: url("assets/images/backgrounds/background.jpg") no-repeat fixed center;
            background-size: cover;
        }
    </style>
</head>
<body>

<!-- Top menu -->
    <nav class="navbar navbar-inverse navbar-no-bg" role="navigation">
        <div class="container">
            <div>
                <a class="navbar-brand" href="#">
                    <img src="assets/images/logo/Teo%20Logo%20White.png" class="img-responsive" id="teo-logo">
                </a>
            </div>
        </div>
    </nav>

    <!-- Top content -->
    <div class="top-content">
        <div class="inner-bg">
            <div class="container form-container">
                <div class="row">
                    <div class="col-sm-8 col-sm-offset-2 text">
                        <h1><strong>Teo</strong> Partner Quote Generation Form</h1>
                    </div>
                </div>
                <div class="row">
                    <div class="col-sm-8 col-sm-offset-2 form-box">
                        <form role="form" action="" method="post" class="registration-form">
                            <!-- Fieldset 1: Partner Information -->
                            <fieldset>
                                <div class="form-top">
                                    <div class="form-top-left">
                                        <h2>Partner Information</h2>
                                        <h3>Tell us who you are</h3>
                                    </div>
                                    <div class="form-top-right">
                                        <img src="assets/images/icons/partner_info.png" class="form-icon">
                                    </div>
                                </div>
                                <div class="form-bottom">
                                    <div class="form-group">
                                        <input type="text" name="form-partner-name" placeholder="Partner name" class="form-partner-name form-control" id="form-partner-name" 
                                               value="<?php echo $_POST['user']['firstName']?>">
                                    </div>
                                    <div class="form-group">
                                        <select name="partner-level" type="text" title="Select partner level" class="form-control" id="form-partner-level" >
                                          <option>Select partner level</option>  
                                          <option data-price="34">Platinum</option>
                                          <option data-price="32">Gold</option>
                                          <option data-price="29">Silver</option>
                                        </select>
                                    </div>
                                    <div class="form-group">
                                            <input type="text" readonly="readonly" name="discount-perc" placeholder="Discount(%)" class="form-control" id="form-discount-perc">
                                        </div><br />
                                        <div class="form-group">
                                            <input type="text" name="form-margin-perc" placeholder="Margin(%)" class="form-control" id="form-margin-perc">
                                        </div>
                                    <br /><br />
                                    <button type="button" class="btn btn-next">Next</button>
                                </div>
                            </fieldset>

                            <!-- Fieldset 2: Quote Information -->
                            <fieldset>
                                <div class="form-top">
                                    <div class="form-top-left">
                                        <h2>Quote Information</h2>
                                        <h3>Tell us about your customer</h3>
                                    </div>
                                    <div class="form-top-right">
                                        <img src="assets/images/icons/partner_info.png" class="form-icon">
                                    </div>
                                </div>
                                <div class="form-bottom">
                                    <div class="form-group">
                                        <input type="text" name="form-customer-name" placeholder="Customer name" class="form-customer-name form-control" id="form-customer-name">
                                    </div>
                                    <div class="form-group">
                                        <input type="text" name="form-quote-number" placeholder="Quote Number" class="form-quote-number form-control" id="form-quote-number">
                                    </div>
                                    <div class="form-group">
                                        <input  type="text" name="form-incentive-exp" placeholder="Incentive Expiration Date"  class="teo-datepicker">
                                    </div>
                                    <div class="form-group">
                                        <input  type="text" name="form-proposal-exp" placeholder="Proposal Expiration Date"  class="teo-datepicker">
                                    </div>


                                    <br /><br />
                                    <button type="button" class="btn btn-previous">Previous</button>
                                    <button type="button" class="btn btn-next">Next</button>
                                </div>
                            </fieldset>

                            <!-- Fieldset 3: Select Servers -->
                            <fieldset>
                                <div class="form-top">
                                    <div class="form-top-left">
                                        <h2>Select Servers</h2>
                                        <h3>Tell us about the servers you need</h3>
                                    </div>
                                    <div class="form-top-right">
                                        <img src="assets/images/icons/select_servers.png" class="form-icon">
                                    </div>
                                </div>
                                <div class="form-bottom">
                                    <div class="form-group">
                                        <label for="server-select">What kind of server do you need?</label>
                                        <select class="form-control" id="server-type-select">
                                            <option>Please select and option below</option>
                                            <option>Pro Server</option>
                                            <option>Mini Server</option>
                                        </select>
                                    </div>

                                    <div class="form-group">
                                        <label for="server-select">How many servers do you need?</label>
                                        <input type="text" name="form-server-quantity" placeholder="Number of servers" class="form-control" id="form-server-quantity">
                                    </div>
                                    <br /><br />
                                    <button type="button" class="btn btn-previous">Previous</button>
                                    <button type="button" class="btn btn-next">Next</button>
                                    <button type="button" class="btn btn-skip">skip</button>
                                </div>
                            </fieldset>

                            <!-- Fieldset 4: Configure Servers -->
                            <fieldset>
                                <div class="form-top">
                                    <div class="form-top-left">
                                        <h2>Select Servers</h2>
                                        <h3>Tell us about the servers you need</h3>
                                    </div>
                                    <div class="form-top-right">
                                        <img src="assets/images/icons/select_servers.png" class="form-icon">
                                    </div>
                                </div>
                                <div class="form-bottom">
                                    <div class="form-group">
                                        <label for="server-select">What kind of server do you need?</label>
                                        <select class="form-control" id="server-type-select">
                                            <option>Please select and option below</option>
                                            <option>Pro Server</option>
                                            <option>Mini Server</option>
                                        </select>
                                    </div>

                                    <div class="form-group">
                                        <label for="server-select">How many servers do you need?</label>
                                        <input type="text" name="form-server-quantity" placeholder="Number of servers" class="form-control" id="form-server-quantity">
                                    </div>
                                    <br /><br />
                                    <button type="button" class="btn btn-previous">Previous</button>
                                    <button type="button" class="btn btn-next">Next</button>
                                    <button type="button" class="btn btn-skip">Skip</button>
                                </div>
                            </fieldset>
                            <div class="btn-logout">
                                <a href="logout.php">Logout</a>
                            </div>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </div>


    <!-- Javascript -->
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
    <script src="assets/js/bootstrap.min.js"></script>
    <script src="assets/js/jquery.backstretch.min.js"></script>
    <script type='text/javascript' src="https://rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js"></script>
    <script src="assets/js/bootstrap-datepicker.js"></script>
    <script src="assets/js/scripts.js"></script>

    <!--[if lt IE 10]>
            <script src="assets/js/placeholder.js"></script>
    <![endif]-->
</body>
</html>

Update: I have a session page that shows me the information on the current session, and these are the results for the form I am talking about:

[Screenshot: session information]

K. Carskadon
  • 1
    This seems unwise: `$session = eval("return {$_POST['session']};");`. Just use $_POST['session']. – Scott C Wilson Jun 19 '17 at 16:26
  • Do you mean like this? $session = eval($_POST['session'];); – K. Carskadon Jun 19 '17 at 16:32
  • 1
    I mean stop using eval. Reference the posted variable as I do in my answer. – Scott C Wilson Jun 19 '17 at 16:34
  • 1
    If the code displayed is production / live code I'd be extremely concerned you're using `eval` on POSTed data, you're asking to be hacked, and slapped. Stop it. You need to pretty much rewrite your whole session handling code using the [built in `$_SESSION` superglobal](http://php.net/manual/en/reserved.variables.session.php). – Martin Jun 19 '17 at 17:14
  • The login page (not shown here) is using the $_SESSION superglobal to create the initial session. The code above is just evaluating the session to grab the session array. – K. Carskadon Jun 19 '17 at 17:19

1 Answer


The screenshot clarified it.

You should be able to use

$session['user']['firstName']

As noted in the comments above though, you will want to migrate away from using eval, which has security implications.

Scott C Wilson
  • The code I am having trouble with is on line 88, and I need it to just post the first name of the user; not the entire session. value=""> – K. Carskadon Jun 19 '17 at 16:33
  • Do what I am suggesting and make sure the array key you want is 'firstName'. – Scott C Wilson Jun 19 '17 at 16:34
  • I actually have a page with a session printing tool. I have put a screen shot of the session info into the main post above. The key is 'firstName'. – K. Carskadon Jun 19 '17 at 16:38
  • Am I just echoing that post line for the value attribute in the form? – K. Carskadon Jun 19 '17 at 17:03
  • Correct. Change ` echo("{$session['firstName']}"` to `echo $_POST['session']['user']['firstName']` – Scott C Wilson Jun 19 '17 at 17:17
  • I made the changes you suggested and now the form is displaying the following warning notice instead of the user's name:
    Notice: Undefined index: session in C:\wamp64\www\quote_generator\quote_tool.php on line 74
    – K. Carskadon Jun 19 '17 at 17:22
  • Note: I also updated the code in my initial question so you can see exactly how I implemented your recommendation. – K. Carskadon Jun 19 '17 at 17:23
  • I noticed you changed the solution to not include ['session']. I made the same change, and now the undefined index notice is posting at ['user'] instead. I assume I need to define the index somewhere before it is used, but I don't know how to do that. – K. Carskadon Jun 19 '17 at 17:35
  • OK. Can you please print $session? I know you have a screen shot, I just want you to do this: `print_r($session)` – Scott C Wilson Jun 19 '17 at 17:44
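
The direction the comments point to, reading the name from the server-side `$_SESSION` array rather than evaluating or trusting posted data, sketched as an added example (not code from the question or the answer). It assumes `config.php` has already called `session_start()` and that login stores the name at `$_SESSION['user']['firstName']`; `session_field()` and `attr()` are hypothetical helper names.

```php
<?php
// Added example, not the asker's code. Assumption: login stored the user
// record in $_SESSION['user'] and session_start() has already run.
declare(strict_types=1);

/**
 * Walk nested array keys and return the value as a string.
 * Returns '' instead of raising "Undefined index" when a key is missing
 * or the value is not a scalar.
 */
function session_field(array $data, string ...$path): string
{
    $node = $data;
    foreach ($path as $key) {
        if (!is_array($node) || !array_key_exists($key, $node)) {
            return '';
        }
        $node = $node[$key];
    }
    return is_scalar($node) ? (string) $node : '';
}

/** Escape a value for use inside a quoted HTML attribute. */
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample standing in for $_SESSION; the quotes in the name
// would break out of value="..." if it were echoed unescaped.
$sample = ['user' => ['firstName' => 'Ken "KC" O\'Neil']];

// Key present: the name is rendered with its quotes encoded.
echo '<input type="text" name="form-partner-name" value="'
    . attr(session_field($sample, 'user', 'firstName')) . '">' . PHP_EOL;

// Key missing: empty value, no notice, nothing evaluated.
echo '<input type="text" name="form-partner-name" value="'
    . attr(session_field([], 'user', 'firstName')) . '">' . PHP_EOL;

// In the form itself the field would read (assumption about the template):
//   value="<?= attr(session_field($_SESSION, 'user', 'firstName')) ?>"
```

Because the value comes from `$_SESSION`, the browser never supplies it, so there is nothing in the request to `eval` or to look up under `$_POST`.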