
I'm having a problem here. This is my forgot pass.php code:

```php
<?php
if(isset($_POST['submit_email']) && $_POST['email'])
{
require 'connect.php';
include 'connect.php';
  $select=mysqli_query($con, "SELECT * from `users` where email='$email'");
  if(mysqli_num_rows($select)==1)
  {
    while($row=mysql_fetch_array($select))
    {
      $email=($row['email']);
      $pass=md5($row['password']);
    }
```

I'm getting the error `Undefined variable: email` on line 6. Thanks in advance for helping.

  • that isn't the only thing wrong here; consult the duplicates. – Funk Forty Niner Oct 18 '17 at 18:57
  • `md5()` is obsolete for hashing passwords and should *not be used*. PHP provides [password_hash()](http://php.net/manual/en/function.password-hash.php) and [password_verify()](http://php.net/manual/en/function.password-verify.php), please use them. And here are some [good ideas about passwords](https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet). If you are using a PHP version prior to 5.5 [there is a compatibility pack available here](https://github.com/ircmaxell/password_compat). – John Conde Oct 18 '17 at 18:59
  • Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/). Even [if you are escaping inputs, it's not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). – John Conde Oct 18 '17 at 19:00
  • Thanks for informing! I've just added the password.php library for a better algorithm for hashing passwords. –  Oct 18 '17 at 19:09
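
The three fixes the question and comments point to (assigning `$email` from the request before the query uses it, a bound parameter instead of string interpolation, and `password_hash()`/`password_verify()` instead of `md5()`), as an added example that is not the poster's code. It assumes PHP 7.1+ with the pdo_sqlite extension and uses a constructed in-memory SQLite table in place of the poster's MySQL `users` table so it runs without a database server; `find_user` and `handle_forgot` are hypothetical names.

```php
<?php
// Constructed in-memory SQLite table standing in for the poster's MySQL `users` table (assumption).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (email TEXT PRIMARY KEY, password TEXT NOT NULL)');

// Store a salted password_hash() value rather than md5(); the account below is constructed.
$insert = $db->prepare('INSERT INTO users (email, password) VALUES (?, ?)');
$insert->execute(['alice@example.com', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Hypothetical helper: the email is bound as a parameter, never spliced into the SQL text.
function find_user(PDO $db, string $email): ?array
{
    $stmt = $db->prepare('SELECT email, password FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hypothetical handler: $email is assigned from the request before anything uses it.
function handle_forgot(PDO $db, array $post): string
{
    if (!isset($post['submit_email'])) {
        return 'no form submitted';
    }
    $raw = $post['email'] ?? '';
    // email[]=x arrives as an array; reject anything that is not a string.
    $email = is_string($raw) ? filter_var(trim($raw), FILTER_VALIDATE_EMAIL) : false;
    if ($email === false) {
        return 'invalid email';
    }
    return find_user($db, $email) === null ? 'no such user' : 'user found';
}

// Constructed requests, passed in place of $_POST.
echo handle_forgot($db, ['submit_email' => '1', 'email' => 'alice@example.com']), "\n";
echo handle_forgot($db, ['submit_email' => '1', 'email' => ['x']]), "\n";
echo handle_forgot($db, ['submit_email' => '1']), "\n";

// A quote-laden value is compared as one literal string by the bound parameter.
var_dump(find_user($db, "nobody@example.com' OR '1'='1"));

// Verification recomputes the hash with the stored salt and cost.
$row = find_user($db, 'alice@example.com');
var_dump(password_verify('correct horse', $row['password']));
var_dump(password_verify('wrong guess', $row['password']));
```

With mysqli, as in the question, the same lookup is written with `mysqli_prepare()`, `mysqli_stmt_bind_param()` and `mysqli_stmt_execute()` on `$con`.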

0 Answers