reply “Welcome [fname] to my website.” ????

Report · Jun 03, 2011

I am a newbie. I have been working on this problem for a few days and I cannot find the answer. To explain the problem, I have set up a very simple test website. I am using WAMPSERVER 2.1 which includes PHP ver 5.3.5 and MySQL ver 5.5.8.

I have set up a database table with the table “testtable”, a php form “frmTEST.php” for the user to input his first name “fname” and last name “lname”, and a welcome “testOK.php” to reply “Welcome [fname] to my website.” Sounds simple but I cannot get “testOK.php” page to print the correct first name from the table field [fname].

I am using Dreamweaver CS5 to post the users to the database. The posting to the database table “testable” works. After posting the user to the table, the code from DW takes the user to the “testOK”.php page.

Now the problem. At line 8 of my code where I am trying to set the $_SESSION['user_fname'] = $_POST['fname']; I get an error that reads “Undefined index: fname in C:\wamp\www\frmTest.php on line 8”.

1 What am I doing wrong? It appears to me that the code that DW uses, does not make the $_POST[‘fname’] variable usable.

2. Is there a better way to do what I wish to do using DW’s code to POST the users to the table? I want to use DW’s code vs hand coding my own INSERT statement, because I assume that DW will keep up to date with any problems with sanitizing variables and browser incompatibility such as the code block “if (PHP_VERSION < 6)”.

=========== start code for frmTEST.php =============

<?php require_once('Connections/ndc_olcs.php'); ?>

<?php //code I added

session_start(); // I added this to start the session. I could not find in DW's where a session started.

echo session_id(); //debug to see if session id is same as testOK.php page. It WORKS!

// ***************************************

$_SESSION['user_fname'] = $_POST['fname']; // This does not work get error

// Undefined index: fname in C:\wamp\www\frmTest.php on line 8

// *****************************************

?>

<?php

// this code is inserted by Dreamweaver. *************

if (!function_exists("GetSQLValueString")) {

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")

{

if (PHP_VERSION < 6) {

$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {

case "text":

$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

break;

case "long":

case "int":

$theValue = ($theValue != "") ? intval($theValue) : "NULL";

break;

case "double":

$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

break;

case "date":

$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

break;

case "defined":

$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

break;

}

return $theValue;

}

$editFormAction = $_SERVER['PHP_SELF'];

if (isset($_SERVER['QUERY_STRING'])) {

$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "frmTEST")) {

$insertSQL = sprintf("INSERT INTO testtable (fname, lname) VALUES (%s, %s)",

GetSQLValueString($_POST['fname'], "text"),

GetSQLValueString($_POST['lname'], "text"));

mysql_select_db($database_ndc_olcs, $ndc_olcs);

$Result1 = mysql_query($insertSQL, $ndc_olcs) or die(mysql_error());

$insertGoTo = "testOK.php";

if (isset($_SERVER['QUERY_STRING'])) {

$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

$insertGoTo .= $_SERVER['QUERY_STRING'];

}

header(sprintf("Location: %s", $insertGoTo));

}

// End of code inserted by Dreamweaver

//************************************

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<head>

<title>Untitled Document</title>

</head>

<body>

<form action="<?php echo $editFormAction; ?>" method="POST" name="frmTEST">

<p>

<label for="fname">First Name</label>

</p>

<p>

</p>

<p>Sumit Form

</p>

</form>

</body>

</html>

=========== end code for frmTEST.php ===========

============= start code for testOK.php =============

<?php

require_once('Connections/ndc_olcs.php'); // I do not think I need this on this page

session_start();

echo "Your session identification number is ".session_id(); // to debug This Workes

echo ' - - - Welcome ' . $_SESSION['user_fname']; // the real test WORKS!!!

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<head>

<title>Untitled Document</title>

</head>

<body>

<h1>Welcome <?php echo $_SESSION['user_fname']?> to my website. </h1>

</body>

</html>

Report · Jun 04, 2011

tenoc wrote:
I am a newbie. I have been working on this problem for a few days and I cannot find the answer.

Welcome. We were all beginners at one stage. Battling with seemingly unsolvable problems for several days is part of the learning process. However, please don't create multiple threads for what is basically the same question. I have locked your other thread to keep the discussion focused in one place.

Now the problem. At line 8 of my code where I am trying to set the $_SESSION['user_fname'] = $_POST['fname']; I get an error that reads “Undefined index: fname in C:\wamp\www\frmTest.php on line 8”.
1 What am I doing wrong? It appears to me that the code that DW uses, does not make the $_POST[‘fname’] variable usable.

The problem lies in a common misunderstanding of how data is transmitted from one page to another. When you use the Dreamweaver Insert Record server behavior, it inserts values into the database and then uses the PHP header() function to redirect to another page. The values in the $_POST array are destroyed by the redirect.

I want to use DW’s code vs hand coding my own INSERT statement, because I assume that DW will keep up to date with any problems with sanitizing variables and browser incompatibility such as the code block “if (PHP_VERSION < 6)”.

That's not a very wise decision. Although Dreamweaver's server behaviors have had a few changes made to them over the years to fix minor bugs and security problems, even Adobe no longer recommends them for use in a production environment. The server behaviors are regarded as a rapid prototyping or learning tool. You need to customize the code quite extensively to make them robust enough for use in a live website.

The problem with the code you have added is that it runs even before the form has been submitted. You need to edit the Insert Record server behavior and add it there.

Also, by adding the extra code with blank lines outside the PHP tags and echoing the session ID, you prevent the header() function from redirecting to the next page. For an explanation, see the article I wrote here: http://kb2.adobe.com/community/publishing/505/cpsid_50572.html.

Remove the code that you have added, and amend the server behavior code like this:

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "frmTEST")) {
  // start the session
  session_start();
  // sanitize the name and store it as a session variable
  $_SESSION['user_fname'] = htmlentities($_POST['fname'], ENT_COMPAT, 'UTF-8');
  $insertSQL = sprintf("INSERT INTO testtable (fname, lname) VALUES (%s, %s)",
                       GetSQLValueString($_POST['fname'], "text"),
                       GetSQLValueString($_POST['lname'], "text"));
  mysql_select_db($database_ndc_olcs, $ndc_olcs);
  $Result1 = mysql_query($insertSQL, $ndc_olcs) or die(mysql_error());
  $insertGoTo = "testOK.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

Using session_start() in testOK.php will allow you to display the value of $_SESSION['user_fname']. However, making this edit to the Dreamweaver server behavior code prevents Dreamweaver from recognizing it any more. This is not a problem. All it means is that you can no longer use the Server Behaviors panel to open the Insert Record dialog box to make any changes to the server behavior.

Report · Jun 05, 2011

Thank you VERY much. I think this answered my problem. I will try it and switch to hand codeing.