Undefined index and undefined constant

Question

First of all, I don't know anything about PHP. Here is the PHP script that I am using to add data to a mySQL library:

<?php
header("Access-Control-Allow-Origin: *");
//==MAN2==adf
$hostname = "localhost"; //This is probably correct
$username = "BLERB";    // Your MySQL username
$password = "BLERB";        // Your MySQL Password
$database = "BLERB";     // The name of your database
$table = "BLERB"; // Your actual table to hold the data
//$table2 = "";  //You can use multiple tables to organize your database!

// Make a MySQL Connection no changes need to be made here
//==MAN3==
$dbh = new PDO("mysql:host=$hostname; dbname=$database", $username, $password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
/* 
STEP 2 Potential Variables passed from URL - list them all here.
*/
//==MAN4==
$f = $_POST['f']; //na=new account sv=save ld=load onformation and au=authorize access
$pname = $_POST['n'];
$pip = $_POST['ip'];
$pnp = $_POST['np'];
$pop = $_POST['op'];
$psp = $_POST['sp'];
$pword = $_POST['pass'];

//==MAN5==
$salt = "gameMaker"; // CHANGE THIS TO SOMETHING SECRET
$epword = crypt($pword,$salt); // This encrypts the password and sets it to a variable.

//==MAN6==
//Functions Start

//This function will create a new user account or save file
//==MAN7==
function create_account($dbh,$table,$pip,$pnp,$pop,$psp,$epword,$pname)  //declare function Part between () is all the variables you will need for this function.
{
try
    {
        $stmt = $dbh->prepare("INSERT INTO $table (p_name, p_word, p_ip, p_np, p_op, p_sp) VALUES (:pname, :pword, :pip, :pnp, :pop, :psp)"); //Prepare statement for instert
        $stmt ->bindparam(':pname', $pname, PDO::PARAM_STR);  //Build inserts array
        $stmt ->bindparam(':pword', $epword, PDO::PARAM_STR);
        $stmt ->bindparam(':pip', $pip, PDO::PARAM_STR);
        $stmt ->bindparam(':pnp', $pnp, PDO::PARAM_STR);
        $stmt ->bindparam(':pop', $pop, PDO::PARAM_STR);
        $stmt ->bindparam(':psp', $psp, PDO::PARAM_STR);
        $stmt->execute();  //Execute array
        echo "1";  //Everything worked!
    }
    catch (PDOExecption $ex)
        {   
            echo "0";  //Something went wrong :(
        }
    $dbh = null;
}

// This function will save information to an existing account
//==MAN8==
function save_info($dbh, $table, $pname, $pip, $pnp, $pop, $psp)
{
try
    {
        $stmt = $dbh->prepare("UPDATE $table SET p_ip=?, p_np=?,p_op=?,p_sp=? WHERE p_name=?");
        $stmt->execute(array($pip,$pnp,$pop,$psp,$pname));
        echo "1";
    }
    catch (PDOExecption $ex)
        {   
            echo "0";
        }
    $dbh = null;
}

// This function will pull account information
//==MAN9==
function load_info($dbh,$table,$pname)
{
    {
        $stmt = $dbh->query("SELECT * FROM $table WHERE p_name = '$pname'");
        $result = $stmt->fetchObject();
        echo $result->p_name.",".$result->p_ip. "," .$result->p_np. "," .$result->p_op. "," . $result->p_sp;
        $dbh = null;
    }
}
// This function will simply check if a user exists in the system - useful to auhorize thier aceess. 
//==MAN10==
function auth($dbh, $table, $epword, $pname)
{
    $stmt = $dbh->query("SELECT COUNT(*) from $table WHERE p_name = '$pname' AND p_word = '$epword'"); 
    $result = $stmt->fetchColumn();

    if ($result <= 0)
        {
        echo '0';
        }
    else
        {
        echo '1';   
        }   
}
// This function is used for nothing more than testing that the script and database are working. 
//==MAN11==
function connection_test($dbh,$table,$pname)
{
    $stmt = $dbh->query("SELECT COUNT(*) from $table"); 
    $result = $stmt->fetchColumn();

    if ($result <= 0)
        {
        echo 'Could not communicate with database. Check your setup, username & pass, or your database is empty.';
        }
    else
        {
        echo 'Everything seems good you have '. $result .' row(s) in your database!';   
        }
}

// This determines which function to call based on the $f parameter passed in the URL.
//==MAN12==
switch($f)
{
    case na: create_account($dbh,$table,$pip,$pnp,$pop,$psp,$epword,$pname); break;
    case sv: save_info($dbh, $table,$pname,$pip,$pnp,$pop,$psp); break;
    case ld: load_info($dbh,$table,$pname); break;
    case au: auth($dbh,$table,$epword,$pname); break;
    case ts: connection_test($dbh,$table,$pname); break;
    default: echo"error";
}

?>

I am getting these errors in my log:

[08-Aug-2017 21:50:59 America/Denver] PHP Notice: Undefined index: ip in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 43 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Undefined index: np in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 44 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Undefined index: op in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 45 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Undefined index: sp in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 46 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Undefined index: pass in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 47 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Use of undefined constant na - assumed 'na' in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 161 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Use of undefined constant sv - assumed 'sv' in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 162 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Use of undefined constant sr - assumed 'sr' in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 163 [08-Aug-2017 21:50:59 America/Denver] PHP Notice: Use of undefined constant ld - assumed 'ld' in /home1/codedgam/public_html/games/draw-online/gameSync.php on line 164

The lines in question that are causing the errors are 43-47:

$stmt ->bindparam(':pword', $epword, PDO::PARAM_STR);
$stmt ->bindparam(':pip', $pip, PDO::PARAM_STR);
$stmt ->bindparam(':pnp', $pnp, PDO::PARAM_STR);
$stmt ->bindparam(':pop', $pop, PDO::PARAM_STR);
$stmt ->bindparam(':psp', $psp, PDO::PARAM_STR);

And lines 161-164:

case na: create_account($dbh,$table,$pip,$pnp,$pop,$psp,$epword,$pname); break;
case sv: save_info($dbh, $table,$pname,$pip,$pnp,$pop,$psp); break;
case sr: save_and_return($dbh, $table,$pname,$pip,$pnp,$pop,$psp); break;
case ld: load_info($dbh,$table,$pname); break;
case au: auth($dbh,$table,$epword,$pname); break;
case ts: connection_test($dbh,$table,$pname); break;
default: echo"error";

Because I don't know PHP I really don't have any clue how to fix this. I've tried searching for solutions but didn't see any that resembled my code.

Any help will be greatly appreciated.

The form that is supposed to submit values to the php file you posted, must have inputs for all the names (`indexes`) specified in `$_POST` e.g. `$_POST['ip'];` must have a corresponding `` Which leads me to believe you loaded the php script without the submission of a form. For the `undefined constant` error, your cases should be strings. e.g. `case 'ld':` — Will B., Aug 10 '17 at 00:09
If the `$_POST` names are expected to be input in the URL as a querystring parameter, you must replace `$_POST` with `$_GET`. This will allow you to navigate to `gameSync.php?f=na&ip=123&np=foo&op=bar&sp=baz&pass=Hello+World` — Will B., Aug 10 '17 at 00:12
That's for the reply. I can see why the problem is happening now. In some of my HTTP requests I submit a string without all those variables. For example website.php&f=ld&pname=bob. In the load function I don't need to have all of the other variables. How do I make it so that in this case it doesn't throw the error? — , Aug 10 '17 at 00:13
So, sorry if I'm not understanding this, variables that may or may not be submitted should us &_GET instead of &_POST. So I would want to leave the f and n variables as &_POST and change everything else to &_GET? — , Aug 10 '17 at 00:18
Form values in forms utilizing `
` are retrieved from the `$_POST` global variable. Those input via URL such as a hyperlink or in `
` are retrieved in the `$_GET` global variable. To not throw an error, you should **always** validate input accepted from external sources. To do this you can simply check for the values using `if(!isset($_POST['ip'])){ die('Invalid Input'); }` This will stop the script from running and show the defined textual output to the browser. You could also perform other actions, such as redirect back to the original form. — Will B., Aug 10 '17 at 00:23
See this php script isn't being called from a html website. I'm doing HTTP requests from a desktop application written in GameMaker Studio, so I don't know its exact implementation of the http_post_string method. Everything appears to be working the way it should, I'm just getting these errors. — , Aug 10 '17 at 01:10
The you should check `var_dump($_GET);` and `var_dump($_POST);` at the top of your script to see which one has your values.HTTP Request is just a protocol request that has many different methods, which can be `GET, POST, DELETE, PUT, OPTIONS, CONNECT, TRACE, HEAD, and PATCH` https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods For the most part PHP uses `$_REQUEST` as a catch all, but is not advised for production usage. See: https://stackoverflow.com/a/107737/1144627 — Will B., Aug 10 '17 at 01:31

Undefined index and undefined constant

0 Answers0