Wrox Programmer Forums
Go Back   Wrox Programmer Forums > PHP/MySQL > Beginning PHP
Reload this Page Error with variable..maybe register globals
|
Beginning PHP Beginning-level PHP discussions. More advanced coders should post to the Pro PHP forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Beginning PHP section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old November 19th, 2003, 02:44 PM
Registered User
  
Join Date: Nov 2003
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Error with variable..maybe register globals
Hi everyone,

I am Re-writing a script that allows me to edit content in the database. I am trying to write it with global varibles turned off for security reasons. But I keep getting an error on the page so the script will not work. With global set to on the script still displays an error but it works.

Please help me before I go insane.


ERROR
-------------------------
Notice: Undefined variable: action in C:\Program Files\Apache Group\Apache2\htdocs\site\about1.php on line 5



Code:
<?

include("inc/conn.php");

if($action=="Modify Content")
{
    if ($upfile_name != "")
        {
        $sql_delete = "Select upfile FROM about
                        WHERE id = \"1\"
                        ";
        $result_delete = @mysql_query($sql_delete,$connection) or die("Couldn't execute query.");
        while ($row_delete = mysql_fetch_array($result_delete)) 
            {
            $upfile_delete = $row_delete['upfile'];
            #Try to delete the image if there is one.....
            if ($upfile_delete <> "")
                {
                $file = "$upfile_delete";
                unlink("aboutimage/$file");
                }
            }

        move_uploaded_file($upfile, "aboutimage/$upfile_name")
                or die("The file name you chose for your image is already being used, please use the back button on your browser, change the image file name and try adding it again.");

        $setlist = "content = \"$content\", upfile = \"$upfile_name\"";
        }
    else
        {
        $setlist = "content = \"$content\"";
        }
    $sql = "UPDATE about SET $setlist WHERE id = '1'";
    if(@mysql_query($sql))
        {
        header("Location: admin_menu.php");
        exit;
        }
    else
        {
        header("Location: error.php");
        exit;
        }
}

$sql99 = "SELECT *
        FROM about
        WHERE id = \"1\"
        ";
$result99 = @mysql_query($sql99,$connection) or die("Couldn't execute query.");

while ($row99 = mysql_fetch_array($result99)) 
    {
    $id = $row99['id'];
    $content = $row99['content'];
    $upfile = $row99['upfile'];
    }


?>


<blockquote>
        <table bgcolor="#D7D7D7" border=1>
        <tr>
        <td>
            <FORM METHOD=POST ACTION="about1.php" ENCTYPE="multipart/form-data">
            <table>
            <tr>
                <td colspan=2><span class="maintext"><B>About</B></span></td>
            </tr>
            <tr>
                <td valign=top><span class="maintext"><B>Content:</B></span></td>
                <td><textarea NAME="content" cols=55 rows=20><? echo $content; ?></textarea></td>
            </tr>
            <tr>
                <td colspan=2><span class="maintext"><B>Current File: </B><? echo $upfile; ?></span></td>
            </tr>
            <tr>
                <td><span class="maintext"><B>File:</B></span></td>
                <td><INPUT TYPE="file" NAME="upfile" size=35></td>
            </tr>
            <tr>
                <td colspan=2 align=center><INPUT TYPE="submit" name="action" value="Modify Content"></td>
            </tr>
            </table>
            </FORM>
        </td>
        </tr>
        </table>
    </blockquote>
 
Old November 19th, 2003, 03:31 PM
Friend of Wrox
  
Join Date: Jun 2003
Posts: 836
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Your error message says that $action is undefined. If you have register_globals off, you should be using $_POST['action'], and you should also check for its existence first using isset().

There are LOTS of posts in these forums about this, so anything else I add would be just repeating what's been said hundreds of times. Rich (quesadilla5) and I both have posted very detailed messages about this to these lists. Read the FAQ and then try a site-wide search:

  http://p2p.wrox.com/archive/beginnin...2002-11/17.asp
  http://www.google.com/search?q=site:...ster%5Fglobals


Take care,

Nik
http://www.bigaction.org/





Similar Threads
Thread Thread Starter Forum Replies Last Post
PHP register globals question Charagrin BOOK: Beginning PHP, Apache, MySQL Web Development ISBN: 978-0-7645-5744-6 1 February 6th, 2006 06:02 PM
Register Globals File Upload Problem fshequin Beginning PHP 0 April 24th, 2005 11:56 PM
register globals problem nulogix Beginning PHP 4 June 16th, 2004 08:49 AM
Register Globals Off cmiller Beginning PHP 4 August 18th, 2003 05:21 PM
Code depending on Register Globals char Beginning PHP 2 July 31st, 2003 11:45 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.