Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > PHP/MySQL > Beginning PHP
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Beginning PHP Beginning-level PHP discussions. More advanced coders should post to the Pro PHP forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Beginning PHP section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old November 19th, 2003, 02:44 PM
Registered User
 
Join Date: Nov 2003
Location: , , .
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Error with variable..maybe register globals

Hi everyone,

I am Re-writing a script that allows me to edit content in the database. I am trying to write it with global varibles turned off for security reasons. But I keep getting an error on the page so the script will not work. With global set to on the script still displays an error but it works.

Please help me before I go insane.


ERROR
-------------------------
Notice: Undefined variable: action in C:\Program Files\Apache Group\Apache2\htdocs\site\about1.php on line 5



Code:
<?

include("inc/conn.php");

if($action=="Modify Content")
{
    if ($upfile_name != "")
        {
        $sql_delete = "Select upfile FROM about
                        WHERE id = \"1\"
                        ";
        $result_delete = @mysql_query($sql_delete,$connection) or die("Couldn't execute query.");
        while ($row_delete = mysql_fetch_array($result_delete)) 
            {
            $upfile_delete = $row_delete['upfile'];
            #Try to delete the image if there is one.....
            if ($upfile_delete <> "")
                {
                $file = "$upfile_delete";
                unlink("aboutimage/$file");
                }
            }

        move_uploaded_file($upfile, "aboutimage/$upfile_name")
                or die("The file name you chose for your image is already being used, please use the back button on your browser, change the image file name and try adding it again.");

        $setlist = "content = \"$content\", upfile = \"$upfile_name\"";
        }
    else
        {
        $setlist = "content = \"$content\"";
        }
    $sql = "UPDATE about SET $setlist WHERE id = '1'";
    if(@mysql_query($sql))
        {
        header("Location: admin_menu.php");
        exit;
        }
    else
        {
        header("Location: error.php");
        exit;
        }
}

$sql99 = "SELECT *
        FROM about
        WHERE id = \"1\"
        ";
$result99 = @mysql_query($sql99,$connection) or die("Couldn't execute query.");

while ($row99 = mysql_fetch_array($result99)) 
    {
    $id = $row99['id'];
    $content = $row99['content'];
    $upfile = $row99['upfile'];
    }


?>


<blockquote>
        <table bgcolor="#D7D7D7" border=1>
        <tr>
        <td>
            <FORM METHOD=POST ACTION="about1.php" ENCTYPE="multipart/form-data">
            <table>
            <tr>
                <td colspan=2><span class="maintext"><B>About</B></span></td>
            </tr>
            <tr>
                <td valign=top><span class="maintext"><B>Content:</B></span></td>
                <td><textarea NAME="content" cols=55 rows=20><? echo $content; ?></textarea></td>
            </tr>
            <tr>
                <td colspan=2><span class="maintext"><B>Current File: </B><? echo $upfile; ?></span></td>
            </tr>
            <tr>
                <td><span class="maintext"><B>File:</B></span></td>
                <td><INPUT TYPE="file" NAME="upfile" size=35></td>
            </tr>
            <tr>
                <td colspan=2 align=center><INPUT TYPE="submit" name="action" value="Modify Content"></td>
            </tr>
            </table>
            </FORM>
        </td>
        </tr>
        </table>
    </blockquote>
Reply With Quote
  #2 (permalink)  
Old November 19th, 2003, 03:31 PM
Friend of Wrox
Points: 2,570, Level: 21
Points: 2,570, Level: 21 Points: 2,570, Level: 21 Points: 2,570, Level: 21
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: San Diego, CA, USA
Posts: 836
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Your error message says that $action is undefined. If you have register_globals off, you should be using $_POST['action'], and you should also check for its existence first using isset().

There are LOTS of posts in these forums about this, so anything else I add would be just repeating what's been said hundreds of times. Rich (quesadilla5) and I both have posted very detailed messages about this to these lists. Read the FAQ and then try a site-wide search:

  http://p2p.wrox.com/archive/beginnin...2002-11/17.asp
  http://www.google.com/search?q=site:...ster%5Fglobals


Take care,

Nik
http://www.bigaction.org/
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PHP register globals question Charagrin BOOK: Beginning PHP, Apache, MySQL Web Development ISBN: 978-0-7645-5744-6 1 February 6th, 2006 06:02 PM
Register Globals File Upload Problem fshequin Beginning PHP 0 April 24th, 2005 11:56 PM
register globals problem nulogix Beginning PHP 4 June 16th, 2004 08:49 AM
Register Globals Off cmiller Beginning PHP 4 August 18th, 2003 05:21 PM
Code depending on Register Globals char Beginning PHP 2 July 31st, 2003 11:45 AM



All times are GMT -4. The time now is 10:43 PM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.