I am a noob when it comes to PHP and other dev stuff. Anyways, I have tried to find a solution for it since the last two days. I searched almost everywhere. So, I was trying to integrate a design into a GPT script using XAMPP, but I am shown a bunch of errors each time I try to go to localhost/gpt where the files are. Top of the page shows this:-
"; }}}} if(isset($_SESSION['username']) && isset($_SESSION['password'])){ header("Location: members.php"); } ?>
Notice: Undefined index: username in C:\xampp\htdocs\gpt\includes.php on line 3
Deprecated: mysql_query(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in C:\xampp\htdocs\gpt\includes.php on line 3
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\gpt\includes.php on line 3
Notice: Trying to get property of non-object in C:\xampp\htdocs\gpt\includes.php on line 9
Notice: Trying to get property of non-object in C:\xampp\htdocs\gpt\includes.php on line 14
Notice: Trying to get property of non-object in C:\xampp\htdocs\gpt\includes.php on line 15
Notice: Trying to get property of non-object in C:\xampp\htdocs\gpt\includes.php on line 16
I tried adding error_reporting (E_ALL ^ E_NOTICE); to the top of config.php and includes.php and then the errors were reduced to this:-
"; }}}} if(isset($_SESSION['username']) && isset($_SESSION['password'])){ header("Location: members.php"); } ?>
Deprecated: mysql_query(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in C:\xampp\htdocs\gpt\includes.php on line 4
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\gpt\includes.php on line 4
I've also tried adding session_start(); to every page. Anyways, these are the pages involved:-
config.php
<?
session_start();ob_start();
$hostname = "localhost"; //your hostname (normally localhost)
$data_username = "root"; //database username
$data_password = ""; //database password
$data_basename = "gpt"; //database name
$conn = mysql_connect("".$hostname."","".$data_username."","".$data_password."");
mysql_select_db("".$data_basename."") or die(mysql_error());
$bonuspoints=10; //bonus points awarded for new users
$mainpointsneeded=200; //max number of points needed before user can request voucher
?>
includes.php
<?php
error_reporting (E_ALL ^ E_NOTICE);
session_start();
$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE username='".$_SESSION['username']."'"));
$title= "My Voucher Geek"; //your site title
$yourdomain="http://localhost/gpt"; //your domain name where script is installed - do not use trailing slash
$tweetmsg="Get Amazon and ASOS gift vouchers for free at http://www.myvouchergeek.com"; //set text for tweet this button on homepage
$bonuspoints= 10; //amount of bonus points to give to users
$refer_points=2; //amount of points a user receives if one of their referred users completes any survey
$ref_id=$fetch_users_data->id;
if(isset($_GET['join'])){
$referral_ID = $_GET['join'];
$referral_string= "?join=".$referral_ID;
}
$membername= $fetch_users_data->username; //don't change
$memberpoints=$fetch_users_data->points; //don't change
$membersurveys=$fetch_users_data->completed_surveys; //don't change
$earnedpoints = $memberpoints - $bonuspoints;//if you want to display how many points user has earned (as opposed to bonus points)
$mainpointsneeded = 200; //total points needed before user can request a voucher
$pointsneeded= $mainpointsneeded - $memberpoints; //points left before they can request voucher
$contactemail = "YOUR_EMAIL_ADDRESS"; //contact form messages will be sent here
$requestemail = "THE_SAME_OR_ANOTHER_EMAIL_ADDRESS"; //request a voucher messages will be sent here
?>
index.php
<?
session_start();
include_once"config.php";
if(isset($_POST['login'])){
$username= trim($_POST['username']);
$password = trim($_POST['password']);
if($username == NULL OR $password == NULL){
$final_report.="Please complete both fields";
}else{
$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
if(mysql_num_rows($check_user_data) == 0){
$final_report.="This username does not exist";
}else{
$get_user_data = mysql_fetch_array($check_user_data);
if($get_user_data['password'] == $password){
$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";
$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";
$final_report.="<meta http-equiv='Refresh' content='0; URL=members.php'/>";
}}}}
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
header("Location: members.php");
}
?>
<?php include("includes.php");?>
<HTML>HTML_CONTENT</HTML>
Those are warnings that all mysql_* functions are deprecated and you shouldn't be using them anymore. If you don't want the warnings to show up you need to move your error reporting setting before you use the functions. Right now you have error_reporting (E_ALL ^ E_NOTICE); at the top of includes.php which is the last thing that gets called. You should move it to the top of config.php. Also with the error settings you have now you are showing all errors except Notices so warnings will still show up. If you want to hide warnings and/or deprecated error entries you need to change it to:
error_reporting(E_ERROR);
Also you should change these lines, you don't need the quotes:
//$conn = mysql_connect("".$hostname."","".$data_username."","".$data_password."");
//mysql_select_db("".$data_basename."") or die(mysql_error());
$conn = mysql_connect($hostname,$data_username,$data_password);
mysql_select_db($data_basename) or die(mysql_error());
Also right now your script is very insecure. $username doesn't get filtered before it is sent to the db.
You have other places where you have $variable1 = "".$variable2."" these double quotes you have a worthless. You can just say $variable = $variable2;