Is $showAlert defined on line 38 in login.php?

AtulSharma
May 20, 2023
234 views
0 votes
2 Answers

I am newbie learning PHP, and I think my problem is that I can’t pass a variable value from HTML to PHP:

I have one page, called login.php. Here it is its code, along with its HTML code as well:

<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $showAlert = false;
    $showError = false;
    include 'partials/_dbconnect.php';
    $username = $_POST["username"];
    $password = $_POST["password"];
    $cpassword = $_POST["cpassword"];
    $exists = false;
    if (($password == $cpassword) && $exists == false) {
        $sql = "INSERT INTO `snousersinfo` (`username`, `password`, `date`) VALUES ('$username', '$password', current_timestamp())";

        $result = mysqli_query($conn, $sql);
        if ($result) {
            $showAlert = true;
        }
        else {
            $showError = "Passwords don't match";
        }
    }
}
?>

<html lang="en">
<head>
</head>

<body>
<?php
    if ($showAlert) {
        echo '<div class="alert alert-success alert-dismissible fade show" role="alert">
        <strong>Done!</strong> You account is now created.
        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
    </div>';}
    ?>

Here i’m getting problem with the $showAlert. Xamp is giving warning like :-

Warning: Undefined variable $showAlert in C:xampphtdocslogin with phplogin.php on line 38

so iam nit able to run my code with this problem.
If anyone is here to clear my error then please help me out of this.

Tags: html php

Answers

- ArmanGharavi
- May 20, 2023 at 9:24 pm
- 0 votes
0
It appears that you may be experiencing an issue where the $showAlert variable is not being set correctly, which is causing problems when checking it in the if ($showAlert) statement.

Based on your code, it seems that the $showAlert variable is only set to true inside the conditional block where the query is executed successfully. However, if the condition is not met, the variable remains undefined, resulting in the warning you mentioned.

To address this, you can initialize the $showAlert variable at the beginning of your code outside the if ($_SERVER["REQUEST_METHOD"] == "POST") block, and set it to false initially:
```
$showAlert = false;

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Rest of your code
}
```
By doing this, you ensure that $showAlert is always defined, even if the POST request condition is not satisfied (like when request is GET). This should help resolve the issue you’re facing.

And about MySQL injection, it’s important to take security precautions when working with user inputs. In your code, you’re directly using the $_POST values in your SQL query. This approach can potentially expose your application to SQL injection attacks.

To mitigate this risk, it’s recommended to use prepared statements or parameterized queries. Prepared statements allow you to separate the SQL logic from the data values, preventing malicious SQL code from being executed.
```
// Your existing code...

$stmt = $conn->prepare("INSERT INTO `snousersinfo` (`username`, `password`, `date`) VALUES (?, ?, current_timestamp())");
$stmt->bind_param("ss", $username, $password);
$result = $stmt->execute();

// Your existing code...
```
If you have any further questions or need additional assistance, feel free to ask.
Good luck with your PHP learning!
Login or Signup to reply.

- YirnickvanDijk
- May 20, 2023 at 9:26 pm
- 0 votes
0
It seems like you don’t POST anything. and you make the variable $showAlert after something is posted. in the lower part of the code you already try to access the variable while it’s not declared because you didn’t posting anything. I would recommend declaring the $showAlert variable just above the if-statement with the post-check about like this:

$showAlert = false;

if ($_SERVER["REQUEST_METHOD"] == "POST") {

I hope this will help.

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.