0

For the sake of learning no-framework php from scratch, I wrote an admin.php file which have the following code:

<?php

$not_auth_msg = "<h1>Not Authorized</h1>";
if($_GET['username'] == "admin") {
    $pass = md5($_GET['password']);
    if($pass != "21232f297a57a5a743894a0e4a801fc3") {
        exit($not_auth_msg);
    }
} else {
    exit($not_auth_msg);
}

?>

<!doctype html>
<html>
<head>
  <!-- link to bootstrap -->
  <!-- jquery script -->
  <!-- etc -->
</head>
..
..
..
</html>

Authorization works OK, but php 5.4's built in server replies "PHP Notice: Undefined index: username in ..." for each static file (bootstrap, jquery etc.), and the worse thing - the static files do not load!

What am I doing wrong?

Improve this question
1
  • You should use isset() to check whether $_GET['username'] is set. Commented Mar 3, 2013 at 18:21

3 Answers 3

Reset to default
2

Change the if with 

if(isset($_GET['username']) && $_GET['username'] == "admin") {
...

}

That will solve your problem. When your not providing username that key is not set in $_GET and error notification if your php.ini file must be ALL i.e. notifications will be displayed/rendered.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

So now I don't get an exception but the static files are not being loaded as before @user2129388
It is because your using exit() in else block which will not render anything beyond that line of code. Put your PHP code after <head> that will fix the issue.
I found the problem, it wasn't related to php's code location, I just had an extra "/" char in my path (see right after the php extension): admin.php/?username=admin&password=admin As for the exceptions, I'm using your answer and it works, thanks. @user2129388
1

The notice is caused when you try to access an non-existant element in an array. In your case, the $_GET superglobal didn't actually have a 'username' element (meaning, you didn't pass a username through the url).

You can change your code to test for the existance of the element before you actually check its contents:

if(array_key_exists('username',$_GET) && $_GET['username'] == "admin") {
  ...
}

This works because PHP uses shortcut boolean evaluation - meaning the right side of that expression is not going to be evaluated if the left half turns out to be false.

Improve this answer

1 Comment

So now I don't get an exception but the static files are not being loaded as before @Hazzit
0

see this line

if($_GET['username'] == "admin")

whenever you have empty / no value for $_GET['username'] you will get this error..you need to adjust your code so that you handle that case too, something like

if(!isset($_GET['username'])){

your code....to handle this index error
}else{

normal cose
}
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.