1

I am working on a system and i want to check if a record exist. If a record exist then it will not record the data and instead will return to the form. If the data does not exist then it will proceed to recording the data to DB.

HTML form: 

 <form name="studentform" onSubmit="return validate_form ( );" action="queries/insert.php" method="post">

Student Number: <input type="text" name="studentnumber"/>
    College:
 <select name="college" id=a></select>

&nbsp;&nbsp;Course:
<select name="course" id=b></select>

 <input type="radio" name="status" value="regular" />Regular&nbsp;&nbsp;
<input type="radio" name="status" value="irregular" />Irregular 
    <br><br>
    <hr>
    <br>
   Name:
    <input type="text" name="lname"> &nbsp;
    <input type="text" name="fname"> &nbsp;
    <input type="text" name="mname">   


Address: 
<input type="text" name="address" />

<br><br>

 Gender: 
 <select name="gender">
<option value="">---</option>  
<option value="Male">Male</option>
<option value="Female">Female</option>
</select>



<input type="submit" value="Submit">
</form>

PHP form: 

 $query = ("SELECT studentnumber FROM students where studentnumber = '$_POST[studentnumber]'");
 $result=mysql_query($query);

 if($result)
    {
      if(mysql_num_rows($result) >= 1)
      { 
      echo "<script type='text/javascript'>alert('User already exist'); location.href = '../admin_home.php';</script>";
      }
      }
   else{

$sql="INSERT INTO students (studentnumber, college, course, status, lname, fname, mname, address, gender)
VALUES
('$_POST[studentnumber]','$_POST[college]','$_POST[course]','$_POST[status]','$_POST[lname]','$_POST[fname]','$_POST[mname]','$_POST[address]','$_POST[gender]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }

  echo "<script type='text/javascript'>alert('Record Successfully Added'); location.href = '../admin_home.php';</script>";
}

I don't know why but i always get the undefined index error. Maybe i've done something wrong somewhere. Thanks !!

Improve this question
5
  • First things first - read up on "SQL injection" - your code is not secure. Commented Jan 25, 2012 at 12:00
  • A line number for the error would be helpful Commented Jan 25, 2012 at 12:02
  • write the complete error Commented Jan 25, 2012 at 12:02
  • Notice: Undefined index: studentnumber in C:\xampp\htdocs\SIS\WEW\queries\insert.php on line 11 this is the error and line 11 would be this "$query = ("SELECT studentnumber FROM students where studentnumber = '$_POST[studentnumber]'");" Commented Jan 25, 2012 at 12:05
  • possible duplicate of PHP: "Notice: Undefined variable" and "Notice: Undefined index" Commented Mar 29, 2013 at 12:00

3 Answers 3

Reset to default
1

"Undefined index" is referring to your array ($_POST, probably), and it should be a notice, not an error. Can you post the exact message?

In the meantime, switch your first line for

$query = "SELECT studentnumber FROM students where studentnumber = '".mysql_real_escape_string($_POST['studentnumber'])."'";

Also, it's helpful for debugging to print out the query to make sure it looks like you'd expect:

print $query."<br />";  // obviously

[edit]As you've now posted the error message, it becomes far more simple - $_POST['studentnumber'] does not exist. Check your form.

A good way to debug posted results is to use the code

print '<pre>';
print_r($_POST);
print '</pre>';
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I would recommend using prepared statements.
Agreed. I figured I'd just put it here as a reminder for everyone else.
1

The problem is in your queries:

 $query = ("SELECT studentnumber FROM students where studentnumber = '$_POST[studentnumber]'");

$_POST[studentnumber] is not correct. It needs to be $_POST['studentnumber']. Notice the quotes around the key.

I suggest doing it this way:

$query = sprintf("SELECT studentnumber FROM students where studentnumber = '%s'"
                  , mysql_real_escape_string($_POST['studentnumber']));

Change all your queries accordingly.

Improve this answer

5 Comments

i don't think so this will effected $_POST[studentnumber] in the query.
It will, because $_POST has keys as strings. In her case, she is calling a key as a constant
but the key also work without '' single quotes like $_POST[studentnumber]
True, it will work. But only because PHP won't recognize the constant studentnumber and thus assume it to be 'studentnumber'. But it will throw a NOTICE - the purpose of which is to inform the programmer of the error he made so he can rectify it. This should not be used unless its a mistake.
hummm, now understand but in php 4.4.9 its not providing notice, cause i run the same in php 4.4.9 and php 5.3, and got the NOTICE in php 5.3, Thanks
0

try with this:

if( isset($_POST['submit']) ){

  $student_num = mysql_real_escape_string( $_POST['studentnumber'] );
  // Set all the require form fields here with mysql_real_escape_string() fun

  if( !empty($student_num) ){
    // Your Query Here
  }
  else{
   echo 'Value not Set in Student Number Field!';
  }
}

Edit: first check all the fields after isset($_POST['submit']) so that you confirm about all the values are properly getting or not

after getting all the required values start your query

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.