I have a php form but everytime I open up the php document it is on, I keep getting these php notice errors:
Notice: Undefined index: sessionid in /web/stud/u0867587/MOBILEPHP/exam_interface.php on line 37
Notice: Undefined index: moduleid in /web/stud/u0867587/MOBILEPHP/exam_interface.php on line 38
Notice: Undefined index: teacherid in /web/stud/u0867587/MOBILEPHP/exam_interface.php on line 39
Notice: Undefined index: studentid in /web/stud/u0867587/MOBILEPHP/exam_interface.php on line 40
Notice: Undefined index: grade in /web/stud/u0867587/MOBILEPHP/exam_interface.php on line 41
When I click on the submit button the notices go away but what do I need to do so that when I open up the php document, there are no notice errors on undefined index?
Below is the coding:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Exam Interface</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<form action="exam_interface.php" method="post" name="sessionform"> <!-- This will post the form to its own page"-->
<p>Session ID: <input type="text" name="sessionid" /></p> <!-- Enter Session Id here-->
<p>Module Number: <input type="text" name="moduleid" /></p> <!-- Enter Module Id here-->
<p>Teacher Username: <input type="text" name="teacherid" /></p> <!-- Enter Teacher here-->
<p>Student Username: <input type="text" name="studentid" /></p> <!-- Enter User Id here-->
<p>Grade: <input type="text" name="grade" /></p> <!-- Enter Grade here-->
<p>Order Results By: <select name="order">
<option name="noorder">Don't Order Results</option>
<option name="ordersessionid">Session ID</option>
<option name="ordermoduleid">Module Number</option>
<option name="orderteacherid">Teacher Username</option>
<option name="orderstudentid">Student Username</option>
<option name="ordergrade">Grade</option>
</select>
<p><input type="submit" value="Submit" /></p>
</form>
<?php
$username="u0867587";
$password="xxxxxxx";
$database="mobile_app";
mysql_connect('localhost',$username,$password);
@mysql_select_db($database) or die("Unable to select database");
$sessionid = $_POST['sessionid'];
$moduleid = $_POST['moduleid'];
$teacherid = $_POST['teacherid'];
$studentid = $_POST['studentid'];
$grade = $_POST['grade'];
$result = mysql_query("SELECT * FROM Module m INNER JOIN Session s ON m.ModuleId = s.ModuleId JOIN Grade_Report gr ON s.SessionId = gr.SessionId JOIN Student st ON gr.StudentId = st.StudentId WHERE ('$sessionid' = '' OR gr.SessionId = '$sessionid') AND ('$moduleid' = '' OR m.ModuleId = '$moduleid') AND ('$teacherid' = '' OR s.TeacherId = '$teacherid') AND ('$studentid' = '' OR gr.StudentId = '$studentid') AND ('$grade' = '' OR gr.Grade = '$grade')");
$num=mysql_numrows($result);
echo "<table border='1'>
<tr>
<th>Student Id</th>
<th>Forename</th>
<th>Session Id</th>
<th>Grade</th>
<th>Mark</th>
<th>Module</th>
<th>Teacher</th>
</tr>";
while ($row = mysql_fetch_array($result)){
echo "<tr>";
echo "<td>" . $row['StudentId'] . "</td>";
echo "<td>" . $row['Forename'] . "</td>";
echo "<td>" . $row['SessionId'] . "</td>";
echo "<td>" . $row['Grade'] . "</td>";
echo "<td>" . $row['Mark'] . "</td>";
echo "<td>" . $row['ModuleName'] . "</td>";
echo "<td>" . $row['TeacherId'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close();
?>
</body>
</html>
That is because the form hasn’t posted yet, and these values are empty. Replace with something like:
And these must be sanitized before used in a database query, to protect your application from SQL injection attacks.
It is highly advisable to remove the
@from your database calls, as it hides error messages that may result from those calls. Instead, useini_set("display_errors", 0);to avoid errors showing onscreen in your production code.