I have an error when I load my page

Question

1.00/5 (2 votes)

See more:

Please help i have succeed to send data to my data base but on load  error showing on top of the page "Notice: Undefined index: uname in C:\xampp\htdocs\bbaluchistan.com\Suggestions.php on line 18 , line 19 . line 22 .line 29 .line 31 . line 33. line 35,

What I have tried:

<pre><!DOCTYPE>
<?php
$server="localhost";
$user="root";
$pass="";
$database="sug";

$con=mysql_connect($server,$user,$pass);
$db=mysql_select_db($database,$con);

if(!$con && !db)
{
}
else
{
$uname=$_POST["uname"];
$coments=$_POST["coments"];

if ($_FILES["upload"]["error"] > 0)
 
{
echo "Error: " . $_FILES["upload"]["error"]. "<br>";
}
else
{
$name=$_FILES["upload"]["name"];
	
	$type=$_FILES["upload"]["type"]; 
	
	$size=$_FILES["upload"]["size"] /1024;
	
	$path=$_FILES["upload"]["tmp_name"];
	
	$name=preg_replace("/\s+/","-",$name);
	$picname=pathinfo($name, PATHINFO_FILENAME);
	$picext=pathinfo($name, PATHINFO_EXTENSION);
	$mix=$picname . date("YmjHis") . "." .$picext;

	move_uploaded_file($path, "pictures/" . $mix);		
	
$sql = "INSERT INTO sugt (sr,name,coments,upload) VALUES(NULL,'$uname','$coments','$mix')";

  mysql_query($sql);

}
}
  
?>

<table  width="450" height="150"  >
    <form   action="" method="post" enctype="multipart/form-data">
    <tr>
    <td width="200">Name</td>.
    <td><input type="text" size="38" placeholder="Type Name" name="uname"></td>
    </tr>   
   
    <tr>
    <td width="200">Your suggestion</td>
    <td><textarea cols="42"  rows="7" placeholder="Type Your suggestions" name="coments"></textarea></td>
    </tr>
    
    <tr>
    <td width="200">Upload File</td>
    <td><input type="file" name="upload"></td>
    </tr>
    
    <tr>
    <td colspan="2" align="right">
    <input type="submit" value="Submit">
    <input type="reset" value="Reset">
    </td>
    </tr>
   	</form>
    </table>

Posted 2-Apr-20 9:16am

Member 14790660

Updated 3-Apr-20 9:07am

Dave Kreskowiak

v2

Add a Solution

Comments

Richard Deeming 2-Apr-20 16:35pm

Don't do it like that!

Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

PHP: SQL Injection - Manual[^]

ZurdoDev 3-Apr-20 7:07am

Figure out which line is line 18 and then see why you have an undefined index.

Member 14790660 3-Apr-20 8:51am

I can't understand error still please give me any solution.

ZurdoDev 3-Apr-20 16:20pm

Did you do what I suggested?

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

W∴ Balboos, *GHB* · Answer 1 · 2020-04-03T09:09:00

Here's a way to let you see what there is to see:

In the action file, add the line:

JavaScript

print_r($_POST);

It will dump the entire contents of the $_POST array - you can see what's there and what's not. Another thing to try: change the method to 'get' -and then you can see the results in the URL (don't forget to change how you reference(read) the data!).

A shortcut, by the way, is to retrieve $_REQUEST - which works for both post and get methods - it has a minor drawback (if both methods use the same name= for example) but it's not that easy to do without trying.

In any case - this lets you see what it is your sending and receiving - and don't forget that php is case sensitive.