I got this error can anyone help me?
Notice: Undefined index: submit in
D:\xampp\htdocs\testsubject\cntcinfo.php on line 7
This is my code:
if($_POST['submit']=='Update')
{
mysqli_query($link," UPDATE usr_profile
SET phone='".$_POST['phone']."',
email='".$_POST['emails']."',
address='".$_POST['address']."',
postcode='".$_POST['postcode']."',
city='".$_POST['city']."';
");
header('Location: '.$_SERVER['HTTP_REFERER']);
exit;
}
I tired to use isset
but I got this error instead:
Fatal error: Cannot use isset() on the result of an expression (you
can use "null !== expression" instead) in
D:\xampp\htdocs\testsubject\cntcinfo.php on line 7
this is my isset
if(isset($_POST['submit']=='Update'))
If you want to check whether the POST value is set, you will need to use this code:
if(isset($_POST['submit'])) {
if($_POST['submit'] == 'Update') {
//Do work here
}
}
(or to shorten it):
if(isset($_POST['submit']) && ($_POST['submit'] == 'Update')) {
//Do work here
}
When you call $_POST['submit']=='Update'
inside the isset()
function, you are asking it to check whether the result of an expression is set (which it can't process). So you would need to nest it like i've shown above.
If you're finding that you're getting an undefined index, make sure that the form you're posting from has submit set as one of its form elements.
isset
is not use for comparison . You can use it as
if(isset($_POST['submit']) && $_POST['submit']=='Update')
{
}
Ans make sure you submit type as
<input type="submit" name="submit" value="Update"/>
Your query is open for sql injection you can use before update
$phone=mysqli_real_escape_string ( $link , $_POST['phone'] );
use this
if(isset($_POST['submit']) && $_POST['submit']=='Update')) {
// Your code here
}
Not all browsers send a value for submit buttons, if the form can also be used for adding a user, consider using a checkbox for flagging if it's an update to a user's profile.
You're a sitting duck for SQL Injection attack with that code, you should be using prepared statements which eliminate the risk of SQL Injection attack, you should also be checking to see if MySQL ever returns any errors for the query.
All user submitted data needs to be validated no matter how well you know/trust your users.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.