-2

I'm unable to change an input string($prima = $_POST['id'];) and a db query result ($systemuser['id'];) into an array which will be used for pattern matching using one single character at a time and then trying to find a match in the database "id" row that is queried. The point is to use two-third of an id(supposedly incomplete id of a user of a system) to query and find the complete id. Please see my code. I'd appreciate some help. Thanks I'm getting "undefined offset:0 through 9" error.

<?php
session_start();
include_once('server.php');

$error = false;
$gat = "";
$get = "";
$rt1 = "";
$rt2 = "";
$rt3 = "";
$rt4 = "";
$rt5 = "";
$rt6 = "";
$rt7 = "";
$rt8 = "";
$rt9 = "";
$rt0 = "";


if(isset($_POST['btn-login'])){

$firstname = $_POST['firstname'];
$firstname = trim($firstname);
$firstname = trim($_POST['firstname']);
$firstname = htmlspecialchars(strip_tags($firstname));  

$lastname = $_POST['lastname'];
$lastname = trim($lastname);
$lastname = trim($_POST['lastname']);
$lastname = htmlspecialchars(strip_tags($lastname));

$id = $_POST['id'];
$id = trim($id);
$id = trim($_POST['id']);
$id = htmlspecialchars(strip_tags($id));

$gender = $_POST['gender'];


   if(!$error) {
    //search data if no errors 

    $query = "select * from subscribers";
    $conditions = array();

    if(! empty($firstname)){
        $conditions[] = "firstname='$firstname'";
    }

    if(! empty($lastname)){
        $conditions[] = "lastname='$lastname'";
    }

    if(! empty($gender)){
        $conditions[] = "gender='$gender'";
    }


   $sql = $query;
    if(count($conditions) > 0){
        $sql .= " WHERE " . implode(' AND ', $conditions);
    }


    $result = mysqli_query($conn, $sql);


    while($systemuser = mysqli_fetch_array($result, MYSQLI_ASSOC)){

      $systemuser['id'];
      $gat = $systemuser['id'];

    }       


  //convert user input to array
    $prima = $_POST['id'];
    $prima = array();
    $rt1 = $prima[0];
    $rt2 = $prima[1];
    $rt3 = $prima[2];
    $rt4 = $prima[3];
    $rt5 = $prima[4];
    $rt6 = $prima[5];
    $rt7 = $prima[6];
    $rt8 = $prima[7];
    $rt9 = $prima[8];
    $rt0 = $prima[9];

    //retrieve and convert db data into array
    $gat = array(); 




    foreach( $gat as $get ){ 

    $rt1 = $prima[0];      
    if (preg_match("/[$rt1]+/", $gat));{
        $get += 1;
     }

    $rt2 = $prima[1];       
    if (preg_match("/[$rt2]+/", $gat)){ 
        $get += 1;
    }

    $rt3 = $prima[2];
    if (preg_match("/[$rt3]+/", $gat)){ 
        $get += 1;
    }

    $rt4 = $prima[3];
    if (preg_match("/[$rt4]+/", $gat)){ 
        $get += 1;
    }

    $rt5 = $prima[4];
    if (preg_match("/[$rt5]+/", $gat)){ 
        $get += 1;
    }

    $rt6 = $prima[5];
    if (preg_match("/[$rt6]+/", $gat)){ 
        $get += 1;
    }

    $rt7 = $prima[6];
    if (preg_match("/[$rt7]+/", $gat)){ 
        $get += 1;
    }

    $rt8 = $prima[7];
    if (preg_match("/[$rt8]+/", $gat)){ 
        $get += 1;
    }

    $rt9 = $prima[8];
    if (preg_match("/[$rt9]+/", $gat)){
        $get += 1;
    }

    $rt0 = $prima[9];
    if (preg_match("/[$rt0]+/", $gat)){ 
        $get += 1;
    }

    if ($get > 9){
        echo 'match found!';

    }
    else{
        echo 'match not found!';
    }


    }




   }

}

?>
harrid
  • 1
  • 2
  • 1
    Is someone just pulling our leg today with [these](https://stackoverflow.com/questions/51411083/display-first-name-data-based-on-first-letter)? PHP flog instead of golf? – ficuscr Jul 18 '18 at 22:40
  • You may reduce code by applying **Coding Standards** – Shahnawaz Kadari Jul 18 '18 at 22:46
  • Why do you feel it necessary to do things 2 or 3 times instead of once – RiggsFolly Jul 18 '18 at 22:47
  • Some sensible code indentation would be a good idea. It helps us read the code and more importantly it will help **you debug your code** [Take a quick look at a coding standard](http://www.php-fig.org/psr/psr-2/) for your own benefit. You may be asked to amend this code in a few weeks/months and you will thank me in the end. – RiggsFolly Jul 18 '18 at 22:47
  • `$systemuser['id'];` ?? Does what in your opinion???? – RiggsFolly Jul 18 '18 at 22:48
  • Your script is wide open to [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) in either the `MYSQLI_` or `PDO` API's – RiggsFolly Jul 18 '18 at 22:49
  • Hello everyone... – harrid Jul 18 '18 at 22:49
  • All the code under the comment `//convert user input to array` is complete nonsense – RiggsFolly Jul 18 '18 at 22:50
  • @RiggsFolly... that contains values from "id" row which will be used for pattern recognition. – harrid Jul 18 '18 at 22:53
  • Pls how can I fix it? That's why this was created. I'm not as shrewd as you seem to be in PHP. – harrid Jul 18 '18 at 22:55
  • But I do hope you get the grips of the functionality I'm trying to concoct. – harrid Jul 18 '18 at 22:58
  • Show us a sample of strings that should match, and strings that should not. – Rick James Jul 18 '18 at 23:25
  • @RickJames pls see posts below to get a clearer picture. – harrid Jul 19 '18 at 00:07
  • "Yes referencing the letters in string and trying to find a match from the queried db data result $systemuser['id']. If two-third of the characters of the string are contained in any of the returned set of IDs( $systemuser['id']), then there's a match." @ficuscr... posted this as a better way of referencing input string. $str = "I like PHP"; $firstLetter = (isset($str[0])) ? $str[0] : ''; $secondLetter = (isset($str[1])) ? $str[1] : ''; – harrid Jul 19 '18 at 00:07

1 Answers1

0

I started to refactor but there is just too much that is wrong.

You are getting that Undefined offset: 0 notice because...

<?php
$prima = array();
$rt1 = $prima[0];

Is referencing offset zero on an empty array. The code makes no sense. You seem to frequently assign a value and then overwrite in on the next line.

FWIW: strings in PHP can behave much like an array...

UPDATE:

I'm a little confused about crux here honestly. If I wanted to reference the first and second letters in a string I would do:

$str = "I like PHP";
$firstLetter = (isset($str[0])) ? $str[0] : '';
$secondLetter = (isset($str[1])) ? $str[1] : '';

See if you can follow this example:

$str = 'I like PHP';
for ($i=0; $i<strlen($str); $i++) {
    echo $str[$i] . "|"; 
}

And then... are you looking to do a WHERE foo LIKE 'a%' type query? A "wildcard" search?

ficuscr
  • 6,975
  • 2
  • 32
  • 52
  • It's fine, and evident :) We were all rookies when we started. Try and view other peoples code, PHP frameworks for example, learn from them, github is a great resource for that. An IDE would also probably help you out a lot - catch things like assigning a value to a variable that you never go on to reference. – ficuscr Jul 18 '18 at 23:05
  • Ok I get you. but how do I change an input data into an array containing values? I'm trying to separate the characters of input data and get them to standalone. same with that from the db? – harrid Jul 18 '18 at 23:06
  • Thanks for the corrections... your second code, looks like a loop to me. Do you mind clarifying a bit. The user input string in my program has no spaces. Its more like a username. e.g... jacksonfive as against yours I love PHP – harrid Jul 18 '18 at 23:53
  • Yes referencing the letters in string and trying to find a match from the queried db data result $systemuser['id']. If two-third of the characters of the string are contained in any of the returned set of IDs( $systemuser['id']), then there's a match. – harrid Jul 19 '18 at 00:02
  • You probably just need to look at function like [strstr](http://php.net/manual/en/function.strstr.php). Sorry, have to run. Maybe look at an existing implementation of [autocomplete](https://jqueryui.com/autocomplete/)? – ficuscr Jul 19 '18 at 00:32