I have searched for a solution to my problem but have so far failed to come across a working solution.
I am trying to update a MySQL table using PHP but I keep getting the Error Undefined index: userid.
Below is all the code for my editUsers.php page. Can anyone see where I am going wrong?
confirm_is_admin();
$sessionid = $_SESSION['userid'];
$query = mysqli_query($db, "SELECT * FROM users JOIN users_in_roles ON users.id = users_in_roles.user_id WHERE users.id != $sessionid");
if(isset($_POST['delete'])){
$deleteid = $_GET['id'];
$deletequery = "DELETE FROM users WHERE id =?";
$deletestatement = $db->prepare($deletequery);
$deletestatement->bind_param('d', $deleteid);
$deletestatement->execute();
$deletestatement->store_result();
$deletesuccessful = $deletestatement->affected_rows == 1 ? true : false;
if($deletesuccessful){
$userid = $deletestatement->delete_id;
$deleteRoleQuery = "DELETE FROM users_in_roles WHERE id=?";
$deleterolestatement = $db->prepare($deleteRoleQuery);
$deleterolestatement->bind_param('d', $userid);
$deleterolestatement->execute();
$deleterolestatement->close();
header('location: editUsers.php');
} else{
echo "Failed";
}
}
if(isset($_REQUEST['update'])){
$updateid = $_REQUEST['id'];
$username = $_REQUEST['username'];
$userrole = $_REQUEST['roleid'];
$userpassword = $_REQUEST['password'];
$updatequery = "UPDATE users SET username=?, password=SHA(?) WHERE id =?";
$updatestatement = $db->prepare($updatequery);
$updatestatement->bind_param('ssd', $username, $password, $updateid);
$updatestatement->execute();
$updatestatement->store_result();
$updateSuccessful = $updatestatement->affected_rows == 1 ? true : false;
if($updateSuccessful){
$userid = $updatestatement->update_id;
$updateRoleQuery = "UPDATE users_in_roles SET role_id=? WHERE id=?";
$updaterolestatement = $db->prepare($updateRoleQuery);
$updaterolestatement->bind_param('dd', $userrole, $userid);
$updaterolestatement->execute();
$updaterolestatement->close();
header('location: editUsers.php');
}
else {
echo "Failed";
}
}
?>
<div id="container">
<?php
$row_count = mysqli_num_rows($query);
if ($row_count == 0) {
echo '<p style="color:red">No User details available</p>';
} elseif ($query) {
while($users = mysqli_fetch_array($query)){
$user_id = $users['id'];
$userrole = $users['role_id'];
$username = $users['username'];
echo '<div class="admin">';
echo '<form method="post" action="editUsers.php"';
echo '<input type="hidden" name="id" value="'.$user_id.'" />';
echo 'Username: <input type="text" name="username" value="'.$username.'" /><br>';
echo 'User Role: <input type="text" name="roleid" value="'.$userrole.'" /><br>(1 = admin, 2 = user)<br>';
echo 'Password: <input type="password" name="password" value="" /><br>';
echo '<input type="submit" name="update" value="Update" /> <input type="submit" name="delete" value="Delete" />';
echo '<br><br></form></div>';
}
}else {
die('There was a problem with the query: ' .$query->error);
}
mysqli_free_result($query);
?>
</div>
In PHP, undefined index usually refers to a hash array expression where you tried to get a key that doesn't currently exist in the hash array.
I see two cases where you are trying to get a key 'userid' that might be causing this error (it would help if you noted which code line is reported with the error).
$sessionid = $_SESSION['userid'];
You might not have a 'userid' key in your session data. You should check if that key is set before you try to read it.
if(isset($_POST['delete'])){
$deleteid = $_GET['userid'];
This is another case where the 'userid' key might not be set in your $_GET superglobal. You should check if it is set before reading it.
I think the 'userid' index your error refers to is the one in the $_SESSION superglobal, and the reason it is not set is that you are not calling session_start() to start/resume a session.