I get always this error:
PHP Notice: Undefined index: selecting-message in /content-protection.php on line 390" and I have tried for many hours to solve this.
I hope someone can help me.
Line 390 Code:
$message = $_POST['selecting-message'];
$update = mysqli_query($connect, "UPDATE `$table` SET enabled='$enabled', alert='$alert', message='$message' WHERE id=14");
echo '<meta http-equiv="refresh" content="0;url=content-protection">';
}
The notice is telling you that the POST array does not contain an element with the key selecting-message. That could be an empty field on your form from the previous page, a typo or any number of other reasons WHY it doesn't exist.
Simply check for a value instead of assuming it is there:
if ( isset ( $_POST['selecting-message'] ) ) {
$message = $_POST['selecting-message'];
$update = mysqli_query($connect, "UPDATE `$table` SET enabled='$enabled', alert='$alert', message='$message' WHERE id=14");
echo '<meta http-equiv="refresh" content="0;url=content-protection">';
}
I find the 'unexpected end of file' error is usually caused by an unbalanced brace '{}'somewhere in the code. Check through it and see if there's a '{' somewhere without a corresponding '}'
kev.
You should maybe read something on SQL injections. Passing an POST value directly into a query without sanitizing will end in a hacked website.
It's a simple PHP web shell, as mentioned above allowing code execution on your web server. Better get rid of it and harden your application