0

I have a php file say p1.php that is getting data from another php file say p2.php which is accessed in p1.php via $_GET. Now the data in $_GET is being saved in a variable $totPrice. p1.php also has a form that is referencing to itself and some processing is done with a MySql database. I am getting an error of:

"Notice: Undefined index: totP in C:\xampp\htdocs\fi\p1.php on line 'where ever $totPrice appears'".

Here's the code for p1.php:-

<?php
global $totPrice;
$totPrice = $_GET['totP'];
if(!isset($_COOKIE['username']))
{
    if(isset($_POST['Submit']))
{
$dbc      = mysqli_connect("localhost","root","","authserver");
$username = $_POST['name'];
$password = $_POST['password'];
$ccno     = $_POST['ccno'];

    if(!empty($username) && !empty($password) && !empty($ccno))
{
     $query = "select * from authserver.fimembers where fName = '$username' AND     password_finmem=SHA('$password') AND CreditCard = $ccno";
$result = mysqli_query($dbc,$query);

if(mysqli_num_rows($result) == 1 )
{
$dbc1 = mysqli_connect("localhost","root","","fininsti");
$query1  = "select * from fininsti.fimembers where fName = '$username' AND    password_finmem=SHA('$password') AND CreditCard = $ccno"; 
    $result1 = mysqli_query($dbc1,$query1);
$row  = mysqli_fetch_array($result1,MYSQL_BOTH);
setcookie('username',$username,time()+60*60);
setcookie('ccno',$row[0],time()+60*60);
echo $totPrice.'<br />';
if($totPrice > $row[3])
if($_GET['totP'] > $row[3])
{
   $status = array('stat' => 0 );   // 0 = Not sufficient funds
}
else
{
$status = array('stat' => 1 );   // 1 = Good To Go!
$newAmt = $row[3]-$totPrice;
$query = "update fininsti.fimembers set Credit = $newAmt where CreditCard = $ccno";
$result = mysqli_query($dbc1,$query);
}           
$retMerUrl = "http://localhost/eTrans/site/confirm.php?".http_build_query($status);
setcookie('username',$username,time()-60*60);
setcookie('ccno',$row[0],time()-60*60);
mysqli_close($dbc1);
mysqli_close($dbc);
header('Location:'.$retMerUrl);             
}
else
   echo "Credentials don't match!";
}
else
{
    echo "Sorry! Fields empty!";
}
setcookie('userId',$username,time()-60*60);
setcookie('ccno',$row[0],time()-60*60);
mysqli_close($dbc);
}
}
?>

Please do get back to me if you have any problem with the question.

4

3 回答 3

3

您需要修复前两行:

global $totPrice;
$totPrice = $_GET['totP'];
  1. 删除第一行。您不需要global外部功能。

  2. 将第二行替换为:

    $totPrice = isset($_GET['totP']) ? $_GET['totP'] : 0;
  3. (与这两行无关)修复代码中的SQL注入问题!!!
于 2012-05-02T20:35:02.027 回答
1

根据您收到的错误消息,很明显totP没有包含在脚本引用的 URL 中。所以你最好的选择是isset在引用$_GET参数之前包括一些检查,例如:

$totPrice = (isset($_GET['totP'])) ? $_GET['totP'] : null;

此外,不确定您为什么要global拨打电话,因为您似乎不在一个函数中。

于 2012-05-02T20:36:29.807 回答
0

要删除通知,isset($_GET['totP']可以进行检查。如果它在 URL 中但未显示在您的页面中,请确保没有发生重写。

您总是var_dump($_GET)可以查看特定代码的查询参数中的所有信息。

查看它收到的内容可能会有所帮助,以便您了解问题所在。

于 2012-05-03T18:42:52.610 回答