Undefined index with $_POST [duplicate]

2020-01-24 12:01发布

站内问答 / PHP
1542 10 4

I am trying to relearn some PHP basics for making a simple login script, however I get an error I have not received before(I made the same script a little over a year ago and never had this error. I simplified the code as much as I could to test to see which area was problematic and here is the issue:

<?php
$user = $_POST["username"];
if($user != null)
{
    echo $user;
    echo " is your username";
}
else
{
    echo "no username supplied";
}
?>

Now this code works fine when I send a variable to the script, but when no variable is supplied it spits out an error. In theory this will be fine because if no username/pass is supplied then an error is expected. I will be checking to make sure of this before the code is send to the script, however I fear that somehow a blank string may leak through and spit out some unknown error. Here is the error I get:

( ! ) Notice: Undefined index: username in C:\wamp\www\verify_login.php on line 2

Call Stack

    Time    Memory  Function    Location
1   0.0003  668576  {main}( )   ..\verify_login.php:0

no username supplied

as you can see the code registers that no variable was supplied, but it gives out and error that I assume means that a variable was not found were one was expected or something like that. Can someone please clarify this for me?

10条回答
相关推荐>>
2楼-- · 2020-01-24 12:54

try

if(isset($_POST['username']))
    echo $_POST['username']." is your username";
else
    echo "no username supplied";
查看更多
0人赞 添加讨论(0) 举报
Ridiculous、
3楼-- · 2020-01-24 12:58

Try this:

I use this everywhere where there is a $_POST request. 

$username=isset($_POST['username']) ? $_POST['username'] : "";

This is just a short hand boolean, if isset it will set it to $_POST['username'], if not then it will set it to an empty string.

Usage example:

if($username===""){ echo "Field is blank" } else { echo "Success" };
查看更多
0人赞 添加讨论(0) 举报
虎瘦雄心在
4楼-- · 2020-01-24 13:01

Prior to PHP 5.2.0 and above you should use filter_input() which is especially created for that to get a specific external user inputs such as get, post or cookie variables by name and optionally filters it to avoid any XSS/Injection attacks on your site. For example:

$user = filter_input(INPUT_POST, 'username');

You may use one of INPUT_GET, INPUT_POST, INPUT_COOKIE, INPUT_SERVER, or INPUT_ENV.

By using optional 3rd argument, you can extend it by variety of filters (for validating, sanitizing, filtering or other), e.g. FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_ENCODED, etc.

For example:

<?php
$search_html = filter_input(INPUT_GET, 'search', FILTER_SANITIZE_SPECIAL_CHARS);
$search_url = filter_input(INPUT_GET, 'search', FILTER_SANITIZE_ENCODED);
echo "You have searched for $search_html.\n";
echo "<a href='?search=$search_url'>Search again.</a>";
?>

The syntax is:

mixed filter_input ( int $type , string $variable_name [, int $filter = FILTER_DEFAULT [, mixed $options ]] )

(PHP 5 >= 5.2.0, PHP 7)

See also: Why is better to use filter_input()?

查看更多
0人赞 添加讨论(0) 举报
Juvenile、少年°
5楼-- · 2020-01-24 13:02

When you say:

$user = $_POST["username"];

You're asking the PHP interpreter to assign $user the value of the $_POST array that has a key (or index) of username. If it doesn't exist, PHP throws a fit.

Use isset($_POST['user']) to check for the existence of that variable:

if (isset($_POST['user'])) {
  $user = $_POST["username"];
  ...
查看更多
0人赞 添加讨论(0) 举报
上一页 1 2
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)