#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2014
    Posts
    13
    Rep Power
    0

    Query string error: Undefined index: id


    Hello experts,
    I am using a query string code. I want to "get" variable of one page to another page.
    PHP Code:
    <?php
    $konek 
    mysql_connect("localhost","root","") or die("Cannot connect to server");
    mysql_select_db("test",$konek) or die("Cannot connect to the database");
    $query mysql_query("select * from persons where id='1'");
    $row mysql_fetch_array($query);
    $q$row['details'];
    ?>

    <a href='query_1.php?id=" . $q . "'>aa</a>
    query_1.php

    PHP Code:
    <?php
    //$ab=1;

    //if(isset($_GET['id'])) 
    $ab$_GET['id'];
    echo 
    $ab;
    ?>

    The above code does not run and give error:

    Notice: Undefined index: id

    I am not geting what i am missing.
    So, can some help me out wid my mistake....
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    the error message is pretty straightforward, don't you think? The script did not receive any URL parameter named id. So the actual question is: Did this parameter ever exist? If yes, when did it get lost?

    Note that your code generally has a lot of issues. The mysql_* functions you're using are long obsolete and will be removed in the near future. And stuffing raw values into an HTML string is a very bad idea, because this can easily lead to cross-site scripting vulnerabilities.

    Check the two threads in my signature:

    The 6 worst sins of security
    How to (properly) access a MySQL database with PHP
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    189
    Rep Power
    0
    A get var should not be wrapped in quotes as you did.
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Originally Posted by jimmyg999
    A get var should not be wrapped in quotes as you did.
    Those are obviously the quotes of the href attribute and the PHP string.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. Confused badger
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2009
    Location
    West Yorkshire
    Posts
    1,112
    Rep Power
    487
    <a href='query_1.php?id=" . $q . "'>aa</a>

    is wrong

    He is trying to use $q outside of PHP
    Try this instead

    PHP Code:
    <?php 
    $konek 
    mysql_connect("localhost","root","") or die("Cannot connect to server"); 
    mysql_select_db("test",$konek) or die("Cannot connect to the database"); 
    $query mysql_query("select * from persons where id='1'"); 
    $row mysql_fetch_array($query); 
    $q$row['details']; 

    echo 
    "<a href='query_1.php?id=" $q "'>aa</a>";

    ?>
    "For if leisure and security were enjoyed by all alike, the great mass of human beings who are normally stupefied by poverty would become literate and would learn to think for themselves; and when once they had done this, they would sooner or later realise that the privileged minority had no function and they would sweep it away"
    - George Orwell, 1984
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    189
    Rep Power
    0
    Originally Posted by badger_fruit
    <a href='query_1.php?id=" . $q . "'>aa</a>

    is wrong

    He is trying to use $q outside of PHP
    Try this instead
    Good catch!

    Comments on this post

    • Jacques1 disagrees
  12. #7
  13. Confused badger
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2009
    Location
    West Yorkshire
    Posts
    1,112
    Rep Power
    487
    I'm not sure what J1's disagreeing with (perhaps he's posting now?) but that is a problem that needed to be addressed (apart from the rest of his very valid points).

    To the OP, if you add in various places in $query_1.php the following:

    print_r ( $_GET );

    You might see why it gets lost; although in the example code you provided, I copy/pasted that onto my server and it all worked OK
    "For if leisure and security were enjoyed by all alike, the great mass of human beings who are normally stupefied by poverty would become literate and would learn to think for themselves; and when once they had done this, they would sooner or later realise that the privileged minority had no function and they would sweep it away"
    - George Orwell, 1984
  14. #8
  15. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    The a stuff is obviously a snippet of a larger piece of PHP code. It's rather unlikely that somebody would write down half of a PHP string into the HTML section. He probably just forgot to copy the whole statement.

    This assumption also doesn't fit to the error message. A <a href='query_1.php?id=" . $q . "'>aa</a> is a perfectly valid anchor with the id parameter

    Code:
    " . $q . "
    So there would be no index error.

    Let's wait until we get the feedback from the OP.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  16. #9
  17. Confused badger
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2009
    Location
    West Yorkshire
    Posts
    1,112
    Rep Power
    487
    Hi Jaques, very true but we can only go on what the OP provided ... who knows, this *might* be the whole code ... you're right though in that $_GET['id'] would still be passed to query_1.php so there's probably something else that the OP didn't provide in that file which is unsetting it.
    "For if leisure and security were enjoyed by all alike, the great mass of human beings who are normally stupefied by poverty would become literate and would learn to think for themselves; and when once they had done this, they would sooner or later realise that the privileged minority had no function and they would sweep it away"
    - George Orwell, 1984
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Location
    Sydney Australia
    Posts
    183
    Rep Power
    83
    Originally Posted by badger_fruit
    you're right though in that $_GET['id'] would still be passed to query_1.php
    No it won't!

    the op said
    Originally Posted by op
    <a href='query_1.php?id=" . $q . "'>aa</a>
    outside of php tags, so no php substitution will take place. The text exactly as written will be the link, and the query string will be
    Code:
    id=" . $q . "
    so $_GET['id'] will be ".$q." which I doubt will find anything in the database.

    Comments on this post

    • Jacques1 disagrees : That was ... totally useless.
  20. #11
  21. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    *sigh*

    Sometimes it might be helpful to read the whole text and not just the first sentence you stumbled upon.

    Originally Posted by BarryG
    so no php substitution will take place.
    Wow, we never knew that you need PHP tags to run PHP code! Thanks so much for pointing it out. It also makes so much sense to explain this to badger_fruit who brought up this very point 12 hours ago.



    Originally Posted by BarryG
    The text exactly as written will be the link, and the query string will be
    Code:
    id=" . $q . "
    That sounds oddly familiar. Wait, didn't I say the same thing in #8?



    Originally Posted by BarryG
    so $_GET['id'] will be ".$q." which I doubt will find anything in the database.
    Um, have you even read the OP's question?
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  22. #12
  23. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2014
    Posts
    13
    Rep Power
    0
    Well..., the code works perfectly fine in Query1.php page. But if i would nt have pasted my link
    i.e echo "<a href='query_1.php?id=" . $a . "'>aa</a>";

    inspite only :

    echo "<a href='query_1.php?id=" . $a . "'></a>";

    so how will i get the $a on my next page which is query_1.php page:

    PHP Code:
    <?php 

    if(isset($_GET['id']))  
    $ab$_GET['id']; 
    echo 
    $ab
    ?>

    I want to echo $a of Query1.php page on query_1.php page.
    I tried with the code above. I am stuck what i am missing.
  24. #13
  25. Confused badger
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2009
    Location
    West Yorkshire
    Posts
    1,112
    Rep Power
    487
    jackgoody, I am very confused by your post.
    The A HREF you posted now would send the value of $a to "edit_last_follow.php" page and not "query_1.php" ...

    The only thing that I can think of is that in "query_1.php", you should add these lines RIGHT AFTER THE OPENING <?php tags ...

    PHP Code:
    echo "<pre>";
    print_r $_GET );
    echo 
    "</pre>"
    Please post back when you've done that and tell us what you see on your screen.
    Thank you.
    "For if leisure and security were enjoyed by all alike, the great mass of human beings who are normally stupefied by poverty would become literate and would learn to think for themselves; and when once they had done this, they would sooner or later realise that the privileged minority had no function and they would sweep it away"
    - George Orwell, 1984
  26. #14
  27. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    676
    Rep Power
    7
    Would there be an issue with no parenthesis? Try adding:
    PHP Code:
    <?php  
      
    if(isset($_GET['id'])) {   
        
    $ab$_GET['id'];  
        echo 
    '$ab = ' $ab;
      }  
    ?>
    He who knows not and knows not he knows not: he is a fool - shun him. He who knows not and knows he knows not: he is simple - teach him. He who knows and knows not he knows: he is asleep - wake him. He who knows and knows he knows: he is wise - follow him
  28. #15
  29. Confused badger
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2009
    Location
    West Yorkshire
    Posts
    1,112
    Rep Power
    487
    No curly brackets would mean the script would only execute the next line as part of the condition. Perhaps if he simply removed the if isset (or at least commented it out) then the assignment will always happen, regardless of if $_GET['id'] is set
    "For if leisure and security were enjoyed by all alike, the great mass of human beings who are normally stupefied by poverty would become literate and would learn to think for themselves; and when once they had done this, they would sooner or later realise that the privileged minority had no function and they would sweep it away"
    - George Orwell, 1984

IMN logo majestic logo threadwatch logo seochat tools logo