Back To Programming / Scripting / Coding Forum

notice error when non-registered users view posts

iWiGG_2010
Newbie
Joined: Nov 22, 2011
Posts: 10
Loc: Australia
Status: Offline

November 22nd, 2011, 6:51 pm

Hi all,

Wondering if any of you can help me. I am new to php.

I keep getting this notice:
Notice: Undefined index: user_id in C:\wamp\www\website\view_topic.php on line 16

Its a basic fourm page. I want non-registered users to be able to view the posts but not post a reply.

Does anyone know what is happening and how I could fix it thanks.

PHP Code: [ Select ]

<?php include 'init.php'; ?>

<?php include 'template/header.php'; ?>

<br /><h3><p>View Topic</p></h3>
<p><br />

<?php
$cid = $_GET['cid'];
$tid = $_GET['tid'];
$sql = "SELECT * FROM `topics` WHERE `album_id`='".$cid."' AND id='".$tid."' LIMIT 1";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 1) {
echo "<table width='100%'>";
if ($_SESSION['user_id']) {
echo "<tr><td colspan='2'><center><input type='submit' value='Add Reply' onClick=\"window.location = 'post_reply.php?cid=".$cid."&tid=".$tid."'\" /></center><hr /><br />";
} else {

echo "<br /><tr><td colspan='2'><p>Please Log in to add a comment</p></td></tr>"; }
while ($row = mysql_fetch_assoc($res)) {
$sql2 = "SELECT * FROM `posts` WHERE `album_id`='".$cid."' AND `topic_id`='".$tid."' ORDER BY `post_date` DESC";
$res2 = mysql_query($sql2) or die(mysql_error());
while ($row2 = mysql_fetch_assoc($res2)) {
echo "<tr><td valign='top' style='border: 1px sold #FFF;'><div style='min-height: 125px;'><br /><p>".$row['topic_title']."<br /><br />by ".$row2['post_creator']." - ".$row2['post_date']."<br />".$row2['post_content']."</p></div></td>

<tr><td colspan='2'><hr /></td></tr>";
}
$old_views = $row['topic_views'];
$new_views = $old_views + 1;
$sql3 = "UPDATE `topics` SET `topic_views`='".$new_views."' WHERE `album_id`='".$cid."' AND id='".$tid."' LIMIT 1";
$res3 = mysql_query($sql3) or die(mysql_error());
}
echo "</table>";
} else {
echo "<p>This topic does not exist</p>";
}
?>
</p>
<p>  </p>
<?php include 'template/footer.php'; ?>

<?php include 'init.php'; ?>
<?php include 'template/header.php'; ?>
<br /><h3><p>View Topic</p></h3>
<p><br />
<?php
$cid = $_GET['cid'];
$tid = $_GET['tid'];
$sql = "SELECT * FROM `topics` WHERE `album_id`='".$cid."' AND id='".$tid."' LIMIT 1";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 1) {
echo "<table width='100%'>";
if ($_SESSION['user_id']) {
echo "<tr><td colspan='2'><center><input type='submit' value='Add Reply' onClick=\"window.location = 'post_reply.php?cid=".$cid."&tid=".$tid."'\" /></center><hr /><br />";
} else {
echo "<br /><tr><td colspan='2'><p>Please Log in to add a comment</p></td></tr>"; }
while ($row = mysql_fetch_assoc($res)) {
$sql2 = "SELECT * FROM `posts` WHERE `album_id`='".$cid."' AND `topic_id`='".$tid."' ORDER BY `post_date` DESC";
$res2 = mysql_query($sql2) or die(mysql_error());
while ($row2 = mysql_fetch_assoc($res2)) {
echo "<tr><td valign='top' style='border: 1px sold #FFF;'><div style='min-height: 125px;'><br /><p>".$row['topic_title']."<br /><br />by ".$row2['post_creator']." - ".$row2['post_date']."<br />".$row2['post_content']."</p></div></td>
<tr><td colspan='2'><hr /></td></tr>";
}
$old_views = $row['topic_views'];
$new_views = $old_views + 1;
$sql3 = "UPDATE `topics` SET `topic_views`='".$new_views."' WHERE `album_id`='".$cid."' AND id='".$tid."' LIMIT 1";
$res3 = mysql_query($sql3) or die(mysql_error());
}
echo "</table>";
} else {
echo "<p>This topic does not exist</p>";
}
?>
</p>
<p>  </p>
<?php include 'template/footer.php'; ?>

Anonymous
Bot
- www.ozzu.com
Joined: 25 Feb 2008
Posts: ?
Loc: Ozzuland
Status: Online

November 22nd, 2011, 6:51 pm

Bogey
Bogey
Joined: Jul 14, 2005
Posts: 8211
Loc: USA
Status: Offline

November 26th, 2011, 11:04 pm

It means $_SESSION['user_id'] is not set.

"Bring forth therefore fruits meet for repentance:" Matthew 3:8

Bigwebmaster
Site Admin
Joined: Dec 20, 2002
Posts: 8922
Loc: Seattle, WA & Phoenix, AZ
Status: Offline

November 27th, 2011, 12:10 am

You can fix it by changing line 16 to this:

PHP Code: [ Select ]

if (isset($_SESSION['user_id'])) {

Ozzu Hosting - Want your website on a fast server like Ozzu?

iWiGG_2010
Newbie
Joined: Nov 22, 2011
Posts: 10
Loc: Australia
Status: Offline

November 27th, 2011, 12:15 am

great thanks it works

WritingBadCode
Graduate
Joined: Apr 28, 2011
Posts: 214
Loc: Sweden
Status: Offline

November 27th, 2011, 5:23 pm

Not that you was asking but I think you should reconsider your code that says:

Code: [ Select ]

$cid = $_GET['cid'];
$tid = $_GET['tid'];
$sql = "SELECT * FROM `topics` WHERE `album_id`='".$cid."' AND id='".$tid."' LIMIT 1";
$res = mysql_query($sql)

$cid = $_GET['cid'];
$tid = $_GET['tid'];
$sql = "SELECT * FROM `topics` WHERE `album_id`='".$cid."' AND id='".$tid."' LIMIT 1";
$res = mysql_query($sql)

I'm not an expert at MySQL injections but I have seen many examples of why trusting user input is most of the time a bad idea.

You are collecting and loading whatever value here without any checks and then runs it as a MySQL query.

Make it a habit to always check ANY possible user input to limit the possibilities for abuse of your queries.

iWiGG_2010
Newbie
Joined: Nov 22, 2011
Posts: 10
Loc: Australia
Status: Offline

November 27th, 2011, 5:28 pm

Thanks, for your advice. I look into it.

Page 1 of 1

To Reply to this topic you need to LOGIN or REGISTER. It is free.

Post Information

Total Posts in this topic: 6 posts
Users browsing this forum: No registered users and 100 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

notice error when non-registered users view posts

Post Information

Sponsored Links

Other Languages

Website Development

Graphics

OS & Hardware

Internet Marketing

Marketplace

Community Area

Ozzu Maintenance

Forum Network

Forum Partners

Other Information