Unidentified index error, No results in database

Question

I have tried figuring out what the issue is for 3 days now and I just can't seem to figure it out.

I have creating a website which involves a 'register' page. I have also set up a database via MySQL Workbench and it seems to be fully connected to my website (according to PhpStorm).

issue is, once i fill in the registration details on the page, i get hit with this error which points to my SQL query...

"Notice: Undefined index: first_name in F:\Client Server Side\MVCtemplate\Models\userDataSet.php on line 20" etc..

userDataSet.php code:

<?php

require_once ('Models/Database.php');
require_once ('Models/userData.php');

class userDataSet
{
    protected $_dbHandle, $_dbInstance;

    public function __construct() {
        $this->_dbInstance = Database::getInstance();
        $this->_dbHandle = $this->_dbInstance->getdbConnection();

    }

    public function registerUser()
    {

            $sqlQuery = "INSERT INTO accounts (first_name, last_name, u_name, u_email, u_password, c_password) 
        VALUES ('" . $_POST["first_name"] . "','" . $_POST["last_name"] . "','" . $_POST["u_name"] . "','" . $_POST["u_email"] . "','" . $_POST["u_password"] . "','" . $_POST["c_password"] . "')";


        $statement = $this->_dbHandle->prepare($sqlQuery);
        $statement->execute();

        $dataSet = [];
        while ($row = $statement->fetch()) {
            $dataSet[] = new userData($row);
        }
        return $dataSet;
    }
}

Also get the same error with my "userData.php" page which points to this:

    $first_name = $_POST["first_name"];
    $last_name = $_POST["last_name"];
    $u_name = $_POST["u_name"];
    $u_email = $_POST["u_email"];
    $u_password = $_POST["u_password"];
    $c_password = $_POST["c_password"];


    $dbHandle = new PDO("mysql:host=$host;dbname=$dbName", $username, $password);

    $sqlQuery = "INSERT INTO accounts (first_name, last_name, u_name, u_email, u_password, c_password)
    VALUES ('$first_name, $last_name, $u_name, $u_email, $u_password, $c_password')";

    $statement = $dbHandle->prepare($sqlQuery); //prepare PDO statement
    $statement->execute();

register form code:

<form class="form-horizontal" method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>">

                    <div class="form-group">
                        <label for="name" class="cols-sm-2 control-label">First Name</label>
                        <div class="cols-sm-10">
                            <div class="input-group">
                                <span class="input-group-addon"><i class="fa fa-user fa" aria-hidden="true"></i></span>
                                <input type="text" class="form-control" name="first_name" id="first_name"
                                       placeholder="Enter your Name"/>


                            </div>
                        </div>
                    </div>

<div class="form-group ">
                    <button type="submit" value="submit" name="submit"
                            class="btn btn-primary btn-lg btn-block login-button">Register
                    </button>
                    <?php echo "<p class='text-danger'></p>"; ?>
                </div>

You should check the tables, for errors, because the rror message point to that. But when you use prepare statement, please also use bindparameter, because this would still be unsecure. — nbk, Nov 17 '19 at 15:44
What exactly is in "line 20"? I guess the `$_POST` array doesn't contain `first_name`. Check the content with `var_dump($_POST)`. Then check your HTML form. — Paul Spiegel, Nov 17 '19 at 15:45
Also see: [how-can-i-prevent-sql-injection-in-php](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) and [notice-undefined-variable-notice-undefined-index-and-notice-undefined](https://stackoverflow.com/questions/4261133/notice-undefined-variable-notice-undefined-index-and-notice-undefined) and [cargo_cult_prepared_statement](https://phpdelusions.net/pdo/cargo_cult_prepared_statement) — Paul Spiegel, Nov 17 '19 at 15:48
Where is your 'register' page code? the problem lies in there. — Jim.B, Nov 17 '19 at 15:58

score -1 · Answer 1 · answered Nov 17 '19 at 16:13

-1

The error is due to the HTML form you are submitting to the script, which does not contain an input with the name attribute first_name.

Your code is also very insecure as it is open to SQL injection, FYI.

It is also possible your <form method is not set to POST

answered Nov 17 '19 at 16:13

Alfie

2,341
2
28
45

I have the correct attribute and form method. – jay dad Nov 17 '19 at 16:26
Please post the code for your form, the issue is certainly caused there – Alfie Nov 17 '19 at 16:31
i have posted my register form code. – jay dad Nov 17 '19 at 16:39
is that the whole thing? where's the submit element and the closing tag? – Alfie Nov 17 '19 at 16:41
its pretty long hence why i just shown the form attributes. – jay dad Nov 17 '19 at 16:44
I have posted the submit element now. – jay dad Nov 17 '19 at 16:46
I agree there are no issues with the snippet you have shown, but I am still convinced the error lies in your form. Have you tried looking at the data that gets submitted in the Network section of your browser's developer tools? – Alfie Nov 17 '19 at 16:48

Unidentified index error, No results in database

1 Answers1