Notice: Undefined variable

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Bentot
    New Member
    • Mar 2010
    • 5
    #1

    Notice: Undefined variable

    Thank you. I have another problem with Form.
    I have this code in my first formpage01.php
    Code:
    <form method="post" action="hiUser.php">
Please type your name: <input type="text" name="userName" value="" />
<br />
<input type="submit" />
</form>

    And here's my code in hiUser.php
    Code:
    <?php 
print "<h3>Hi there, $userName</h3>";
?>
    The ERROR when I hit the Submit button is:
    Notice: Undefined variable: userName in C:\wamp\www\php Practice\hiUser .php on line 13
    Thanks in advance
    Last edited by Atli; Mar 23 '10, 06:44 PM. Reason: Added [code] tags.
    Tags: None
    • Atli
      Recognized Expert Expert
      • Nov 2006
      • 5062
      #2
      This is because you need to use the $_POST or $_GET arrays to read data posted to PHP by a <form>. Which on you should use depends on the "method" attribute of the form.

      In your case, you should use $_POST:
      [code=php]$userName = $_POST['userName'];
      print "<h3>Hi there, $userName</h3>";[/code]

      Also, for future reference, when you print "external" or "unsafe" data -- which is basically everything that is not "hard coded" into your code -- into a HTML page, you should run it through htmlentities before printing it.
      [code=php]$userName = htmlentities($_ POST['userName'], ENT_QUOTES, "ISO-8859-1");
      print "<h3>Hi there, $userName</h3>";[/code]
      (Note that if you use a different charset, like UTF-8, you need to change the third parameter to reflect that.)

      P.S.
      What you did in your code is possible, using the now obsolete register_global s directive. But that feature has been made deprecated for security reasons and will be removed in future versions of PHP, so it is a bad idea to keep using it.

      P.P.S.
      I've split this question from your other thread into it's own thread. Please post new questions in new threads.

        Comment

        • Bentot
          New Member
          • Mar 2010
          • 5
          #3
          Thanks for replying. Sorry about the new question. Actually I solved my problem while waiting for an answer. I Googled again and I found out that register_global is probably off so I wrote the following code at the top of my hiUser.php page:
          Code:
          <?php 
$userName = $_REQUEST["userName"];
?>
          I also tried your suggestion $userName = $_POST['userName']; just now and it worked as well. Which one should I use?

          Thanks
          Last edited by Atli; Mar 23 '10, 07:52 PM. Reason: Added [code] tags.

            Comment

            • Atli
              Recognized Expert Expert
              • Nov 2006
              • 5062
              #4
              It's generally better to avoid using $_REQUEST. It contains all the values of $_GET, $_POST and $_COOKIE, meaning that if any of them contain elements with the same name, one will overwrite the other.

              You will also never be sure where the variable is coming from if you use $_REQUEST. It could be coming from any of the three sources. For example, if you use $_REQUEST in your script, and rather than using the form to post to it you just enter the URL of the "action" page directly, like so:
              - http://example.com/action.php?userName=xyz
              This will also be considered valid, even tho you didn't go through the form.

                Comment

                • Bentot
                  New Member
                  • Mar 2010
                  • 5
                  #5
                  ok I'll do that.

                  Thank you very much.

                    Comment

                    Previous template Next
                    Working...