This question already has an answer here:
it's me again. I tried to make comments to my website and apparently it is working :/, like in the database it shows inserted values, but every time I refresh the page or go to the page, I get this error:
Notice: Undefined index: user_comment_name in /home/kall0467/public_html/svale_rejser/comments.php on line 38 Notice: Undefined index: user_comment_message in /home/kall0467/public_html/svale_rejser/comments.php on line 39 1 record added
I've been trying to figure it out for 2 days. Here's the code:
<?php
$con = mysql_connect("URL","username","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("database", $con);
$result = mysql_query("SELECT * FROM comments");
echo "<table border='1'>
<tr>
<th>Username</th>
<th>Comment</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['username'] . "</td>";
echo "<td>" . $row['comment'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close($con);
$con1=mysqli_connect("url","username","password","db-name");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$user_comment_name = $_POST['user_comment_name'];
$user_comment_message = $_POST['user_comment_message'];
$sql1="INSERT INTO user_comment (user_comment_name, user_comment_message)
VALUES
('$user_comment_name','$user_comment_message')";
if (!mysqli_query($con1,$sql1))
{
die('Error: ' . mysqli_error($con1));
}
echo "1 record added";
mysqli_close($con1);
?>
<form action="" method="post">
Name <input type="text" name="user_comment_name">
Message <input type="text" name="user_comment_message">
<input type="submit">
</form>
The weird thing is that when I put the second the mysqli connection into another file called insert.php (for example) and put into the then it works, but it directs me to a white page which I dont want. All help appreciated guys! Cheers :)
</div>
The notice error is originating from the fact that you are redirecting/viewing the page:
$user_comment_name = $_POST['user_comment_name'];
This line expects your page to be loaded when submitting values through POST.
In order to validate whether this information is actually posted you should check:
if( isset($_POST)) for instance
Additionally (adding to @h2ooooooo's comment) be aware that you are inserting data from user submitted POST values directly into the database without sanitation. This said, anyone can hack your database with your current setup. Also try to move to prepared statements, available in mysqli_ functions and PDO, refrain from writing new code based on mysql_* function. They are considered bad practice and will be dropped from PHP all together in the near future.
You can solve this error using @(error control operator in php) like below
$user_comment_name = @$_POST['user_comment_name'];
$user_comment_message = @$_POST['user_comment_message'];
But it is not the correct way its just control the error. In your code before value fetching and inserting you have to set if(isset) condition
Example
if(isset($_POST['submit']))
{
$user_comment_name = $_POST['user_comment_name'];
$user_comment_message = $_POST['user_comment_message'];
$sql1="INSERT INTO user_comment (user_comment_name, user_comment_message)
VALUES
('$user_comment_name','$user_comment_message')";
if (!mysqli_query($con1,$sql1))
{
die('Error: ' . mysqli_error($con1));
}
echo "1 record added";
mysqli_close($con1);
}