Re: [PHP] contant /

Ashley Sheridan Thu, 08 Apr 2010 09:36:39 -0700

On Thu, 2010-04-08 at 12:26 -0400, Jack wrote:

> I get a couple of errors like this one for undefined variable:
> 
> PHP Notice:  Undefined variable: s_company_name
> 
> And this one for undefined contstant
> 
> PHP Notice:  Use of undefined constant account_type - assumed 'account_type'
> 
>  
> 
> I am putting a piece of code from each so that hopefully someone can explain
> what I need to do to correct this, I know it still runs OK, but want to
> eliminate error/warnings as much as possible.
> 
>  
> 
> 
> 
> CONSTANT CODE:
> 
> if($_POST) {
> 
>  
> 
> 
> 
>    if($username && $password)
> 
>       {
> 
>       f_db_open();
> 
>       $q = mysql_query("SELECT * FROM uas_users WHERE
> user_email='$username'");
> 
>       $auth = mysql_fetch_array($q);
> 
>  
> 
>       if($auth['user_password'] == $password && $auth['user_email'] ==
> $username && $auth['account_status'] == "Approved")
> 
>          {
> 
>  
> 
> 
> 
>          $type = $auth['account_type'];
> 
>  
> 
>                    mysql_query("INSERT INTO logon_log (user, date, time)
> VALUES ('$username', NOW(), NOW())");
> 
>  
> 
> 
> f_put_cookie($auth[user_name],$auth[user_email],$auth[account_type],$auth[co
> mpany_name]);
> 
>  
> 
> 
> 
> VARIABLE CODE:
> 
> function f_option_menu($status_message ) {
> 
> global $s_url, $s_logo, $s_logo_h, $s_logo_w;
> 
>  
> 
> echo "
> 
> <table border='0' width='100%' cellpadding='0' cellspacing='0'>
> 
>   <tr>
> 
>     <td>
> 
>       <img border=0 src='images/".$s_logo."' width=".$s_logo_w."
> height=".$s_logo_h.">
> 
>       <font face='Verdana, Arial' size='3'><b>".$s_company_name."
> ".$status_message."</b></font>
> 
>  
> 
> 
> 
> THANKS!!!!
> 
>  
> 
> 
> 
> 
> 
> Thanks!
> 
> Jack
> 
>  
>


Your function f_option_menu() includes some global variables but nowhere
in that function is s_company_name ever declared, so PHP is throwing an
undefined warning at you.

Also, it appears that you are referencing $_POST variables as globals.
It's recommended that you turn off register_globals, as this can be a
massive security risk if someone overrides one of your variables by
sending their own data at your form. The preferred way is to reference
the variables as $_POST['variable_name']

Thanks,
Ash
http://www.ashleysheridan.co.uk

Re: [PHP] contant /

Reply via email to