I keep getting this error. And I don't know why... Thanks
Notice: Undefined index: UserID in C:\wamp\www\tweetball\classes\word.class.php on line 35
<?php
session_start();

class Word
{
    private $m_sWord;
    private $m_sMessage;
    private $link;

    public function __set($p_sProperty, $p_vValue)
    {
        switch ($p_sProperty)
        {
            case "Message":
                $this->m_sMessage = $p_vValue;
                break;
        }
    }

    public function __get($p_sProperty)
    {
        $vResult = null;
        switch ($p_sProperty)
        {
            case "Message":
                $vResult = $this->m_sMessage;
                break;
        }
        return $vResult;
    }

    public function Save()
    {
        include("Connection.php");
        // $_POST values are interpolated straight into the SQL string;
        // this is the only place in the class where UserID is read.
        $sSql = "insert INTO words (word, FK_UserID) VALUES ('$_POST[message]','$_POST[UserID]')";
        if ($rResult = mysqli_query($this->link, $sSql))
        {
            echo "";
        }
        else
        {
            throw new Exception('We could not save your word!');
        }
        mysqli_close($this->link);
    }

    public function CreateNew()
    {
        $m_sHost = "localhost";
        $m_sUser = "root";
        $m_sPassword = "";
        $m_sDatabase = "tweetball";
        $link = mysqli_connect($m_sHost, $m_sUser, $m_sPassword, $m_sDatabase);
        if ($link != null) {
            $this->link = $link;
        }
        else
        {
            throw new Exception("There seems to be a database problem. Try again later");
        }
    }

    public function getWord()
    {
        $m_sHost = "localhost";
        $m_sUser = "root";
        $m_sPassword = "";
        $m_sDatabase = "tweetball";
        $sSql = "select * from tweetball where WordID = 1;";
        if ($rResult = mysqli_query($this->link, $sSql))
        {
            $singleRecord = mysqli_fetch_assoc($rResult);
            $message = $singleRecord['Word'];
        }
        else
        {
            throw new Exception('We could get your word!');
        }
        // Close the connection stored on the object (a local $link is never set in this method).
        mysqli_close($this->link);
        return($message);
    }
}
?>
You're getting this error because you're referencing an array key "UserID" that is not defined for the array ($_POST in this case). Taking a quick look at your SQL query I notice that your keys are not in quotes, which they need to be.
I won't comment on how incredibly unsafe it is to input unchecked user data into your database.
You must define your id in the class; either you use $_REQUEST or $_POST. Make sure you also have a column in your database for the values you are sending.
This is not really an error but more of a notice. It tells you that you're trying to use a variable that's not been manually set. With improper settings this can lead to variable injection.
You can fix this by either turning off the PHP error notices (if you're sure your PHP settings are set up safely), defining all your variables before trying to use them, or using if(isset($variable)) before calling it.
$sSql = "insert INTO words (word, FK_UserID)
VALUES ('$_POST[message]','$_POST[UserID]')";
There is no $_POST['UserID'] value. Note that array keys (e.g. UserID) are case sensitive.
Also note that what you are doing here is vulnerable to SQL injection and should be changed at once. There are many questions here on SO dealing with what SQL injection is and how to prevent it in PHP.
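An added example, not part of the original question or answers: one way to combine the fixes the answers describe, checking that both keys exist before reading them and binding the values as parameters of a prepared statement. The function names `readWordInput` and `saveWord` and the sample requests are assumptions made for illustration; the `words` table and its columns are taken from the question.

```php
<?php
// Added example, not the asker's code. readWordInput()/saveWord() are hypothetical names.

// Validate the request array before any key is read, so a missing or
// mis-cased key raises a clear exception instead of an "Undefined index" notice.
function readWordInput(array $post): array
{
    if (!isset($post['message'], $post['UserID'])) {   // array keys are case sensitive
        throw new InvalidArgumentException('message and UserID are required');
    }
    if (!is_string($post['message']) || trim($post['message']) === '') {
        throw new InvalidArgumentException('message must be a non-empty string');
    }
    $userId = filter_var($post['UserID'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($userId === false) {
        throw new InvalidArgumentException('UserID must be a positive integer');
    }
    return [trim($post['message']), $userId];
}

// Prepared statement: the values are sent as bound parameters, never as SQL text.
function saveWord(mysqli $link, array $post): void
{
    [$message, $userId] = readWordInput($post);
    $stmt = mysqli_prepare($link, 'INSERT INTO words (word, FK_UserID) VALUES (?, ?)');
    if ($stmt === false) {
        throw new RuntimeException('We could not save your word!');
    }
    mysqli_stmt_bind_param($stmt, 'si', $message, $userId);
    if (!mysqli_stmt_execute($stmt)) {
        throw new RuntimeException('We could not save your word!');
    }
    mysqli_stmt_close($stmt);
}

// Constructed sample requests; the validation step runs without a database.
$samples = [
    ['message' => 'hello', 'UserID' => '7'],        // well-formed request
    ['message' => 'hello', 'userid' => '7'],        // key written in the wrong case
    ['message' => "don't panic", 'UserID' => '7'],  // message containing a quote character
    ['message' => 'hello', 'UserID' => '7abc'],     // non-numeric UserID
];
foreach ($samples as $post) {
    try {
        [$message, $userId] = readWordInput($post);
        echo "ok: user $userId, message " . json_encode($message) . "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ' . $e->getMessage() . "\n";
    }
}
```

To store a word, call `saveWord($link, $_POST)` with the connection opened in `CreateNew()`; the message with the quote character would have broken the concatenated query in the question, but is stored as ordinary text once it is bound.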