-4

I want to create a registration and login with rest api using PHP mysql in my Application.

This is my code

<?php
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Credential: true');
header('Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Origin, Content-Type, Authorization, Accept, X-Requested-With, x-xsrf-token');
header('Content-Type: application/json; charset=utf-8');

include'config.php';

$postjson = json_decode(file_get_contents('php://input'), true);
$today = date('Y-m-d H:i:s');

if($postjson['aksi'] == 'registration_progress'){
    $emailcheck = mysqli_fetch_array(mysqli_query($mysqli, "SELECT email FROM users WHERE email = '$postjson[email]'"));
    if($emailcheck['email'] == $postjson['email']){
        $result = json_decode(array('success' => false, 'msg' => 'Email Sudah Terdaftar'));
    }else{
        $password= md5($postjson['password']);

        $query = mysqli_query($mysqli, "INSERT INTO users SET
                nama_user = '$postjson[nama_user],
                email     = '$postjson[email],
                password  = '$password,
                createat  = '$today',
        ");
        if($query) $result = json_encode(array('success' => true, 'msg' => 'Registrasi Berhasil !!'));
        else $result = json_encode(array('success' => false, 'msg' => 'Registrasi Gagal !!'));

        echo $result;
    }
}elseif($postjson['aksi'] == 'login_progress'){
    $password = md5($postjson['password']);
    $logindata = mysqli_fetch_array(mysqli_query($mysqli, "SELECT * FROM users WHERE email = '$postjson[email]' AND password = '$password'"));
    $data = array(
        'id_user' => $logindata['id_user'],
        'nama_user' => $logindata['nama_user'],
        'email' => $logindata['email']
    );
    if($logindata){
        $result =json_encode(array('success' => true, 'result' => $data));
    }else{
        $result =json_encode(array('success' => false));
    }
    echo $result;
}

I don't know my error

Notice Trying to access array offset on value of type null in C:\xampp\htdocs\api-ionic\api.php on line 13
Notice: Trying to access array offset on value of type null in C:\xampp\htdocs\api-ionic\api.php on line 31

Shadow
  • 33,525
  • 10
  • 51
  • 64
Sigit Setyo Nugroho
  • 1

3 Answers3

2

I am writing this answer not just to answer your question but to also highlight some critical issues with your code:

First; the answer:

$postjson['aksi'] is line 13. The varible $postjson doesn't exist or is valued as null. You should pre-empt this check with a qualifier to check that this variable is an array and contains the referenced array entity.

if(is_array($postjson)) && array_key_exists( 'aksi',$postjson) 
        && $postjson['aksi'] === 'registration_progress') {
        ...

And do likewise on line 31.

See is_array()
And array_key_exists()

From PHP 8 onwards these notices are now WARNING level errors so try and resolve them sooner rather than later.

Warning

  • STOP USING MD5 AS A PASSWORD. You should be using password_hash() Read Here.

  • CLEAN THE USER DATA ENTERING YOUR DATABASE. Where does this JSON/File data come from? Because you're absolutely not checking or cleaning it before it goes into your database, you are wide open to compromise. There are very good improvements available Read how to use them.

Martin
  • 22,212
  • 11
  • 70
  • 132
-2

The display message is not a Error, just a PHP warning/notice. After PHP 8 whenever a array key doesn't exist, it always display's a NOTICE. Knowing that i can assume that your variable

$postjson = json_decode(file_get_contents('php://input'), true);

does not 'get or has' the specific key 'aksi'. You could try this :

if(isset($postjson['aksi']) && $postjson['aksi'] == 'registration_progress'){
  ....
}elseif(isset($postjson['aksi']) && $postjson['aksi'] == 'login_progress'){
xDiaM0nD
  • 1
  • 1
  • 1
    Actually at/ after PHP 8 the error generated is a WARNING which is a pain in the arse, and a nonsensical idea from PHP developers. – Martin Oct 19 '22 at 14:38
  • @DarkBee indeed, "Notice", "Warning", either way it should be fixed in the code. – Gert B. Oct 19 '22 at 14:41
  • @DarkBee because I can disable the notices in the error reportings but Warnings should not be disabled so I'm left with massive error log files because various dynamically generated SESSION array keys and similar are being checked if they exist and that triggers a WARNING rather than a NOTICE. It's an utter bloat of my erorr logs. – Martin Oct 19 '22 at 14:42
  • 1
    @GertB. No, you miss the point; If an uninstantiated variable is queried normally it always returns false or null; which informs the code that the variable doesn't exist; it's concise and doesn't need any overlay -- now every single reference to a dynamically generated value needs to have a precursor check e.g `if (array_key_exists()...)` which adds code bloat as it doesn't give anything new to the code that wasn't there before (`if ($_SESSION['data'] === "use me"){`) it simply avoids the pointless WARNING error. Code bloat and erorr log bloat. – Martin Oct 19 '22 at 14:46
-2

Line 13:

if($postjson['aksi'] == 'registration_progress'){

$postjson variable does not have index 'aksi'.

Example:

$arr = [
    'a' => 123
];

$arr['b']; // there is no 'b' index in array ()

If you do not know if array contains index, you should first check if it exist:

if(isset($postjson['aksi']) && $postjson['aksi'] == 'registration_progress')

More on isset() function https://www.php.net/manual/en/function.isset.php

Dimitrije Drakulic
  • 16
  • 1
  • 3