Error declaring variable in login system

Asked

Viewed 52 times

1

I am making a login system and now I come across a "Notice" that indicates that my Variable is not defined. This variable is not informed by the form. It is defined by a function that will generate a key. KeyGenerator();

I have checked several times and I have in the database the table correctly. I’ve looked at all the ways to declare an empty variable and can’t get the error out. Does anyone know how to?

The error is given on the line when I have the data entered in the database:

"Notice: Undefined variable: userkey in C: Program Files Easyphp-Devserver-14.1VC9 data localweb panel system database.php on line 7 You have an error in your SQL syntax; check the manual that Corresponds to your Mysql server version for the right syntax to use near '@servidor.com, Ana78, 40bd001563085fc35165329ea1ff5c5ecbdbbeef, , 1456576578, 1)' at line 1"

<?php 
// CADASTAR O USUARIO
    function Register($name, $mail, $username, $password,  $status = true){
        $password = CryptPassword($password);
        $userKey  = KeyGenerator();
        $register = time();
        $query    = "INSERT INTO membros (name, mail, username, password, userkey, register, status) VALUES ($name, $mail, $username, $password, $userkey, $register, $status)";

        return mysql_query($query) or die(mysql_error());
    }

// VERIFICA SE LOGIN EXISTE
    function UserNameExists($username){
        $query  = "SELECT username FROM membros WHERE username = '$username'";
        $result = mysql_query($query) or die(mysql_error());
        if(mysql_num_rows($result) <= 0)
            return true;
        else
            return false;
    }


// VERIFICA SE EXISTE E-MAIL
    function MailExists ($mail){
        $query  = "SELECT mail FROM membros WHERE mail = '$mail'";
        $result = mysql_query($query) or die(mysql_error());
        if(mysql_num_rows($result) <= 0)
            return true;
        else
            return false;
    }

// CONEXAO COM BANCO DE DADOS
    function connect(){
        $conn = mysql_connect(HOSTNAME, USERNAME, PASSWORD);

        if (!$conn)
            die(mysql_error());
            else {
                mysql_select_db(DATABASE, $conn ) or die(mysql_error());

                mysql_query("SET NAME 'utf-8");
                mysql_query("SET character_set_connection=utf8");
                mysql_query("SET character_set_client=utf8");
                mysql_query("SET character_set_results=utf8");


            }

    }

 ?>

Function:

    function KeyGenerator(){
        return rand();
    }

Form:

<?php 
    require_once $_SERVER['DOCUMENT_ROOT'].'/painel/system/system.php';
    AccessPublic();
 ?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Registar</title>
</head>
<body>

<h2>Registar</h2>
<hr>


<?php ValidateFormRegister(); ?>

<form action="" method="post">

    <label for="">Nome</label><br/>
        <input type="text" name="name" value="<?php echo GetPost('name'); ?>"><br/><br/>

    <label for="">E-Mail</label><br/>
        <input type="text" name="mail" value="<?php echo GetPost('mail'); ?>"><br/><br/>

    <label for="">Usuário</label><br/>
        <input type="text" name="username" value="<?php echo GetPost('username'); ?>"><br/><br/>

    <label for="">Palavra-Passe</label><br/>
        <input type="password" name="password"><br/><br/>

    <label for="">Confirme a Palavra-Passe</label><br/>
        <input type="password" name="confirm"><br/><br/>

    <input type="submit" name="send" value="Registar">

    <a href="<?php echo URL_BASE; ?>">LOGAR-SE</a>




</form>

</body>
</html>

1 answer

2


There is a difference when using uppercase and lowercase in the name of variables in PHP.

$userKey = "exemplo"; // no seu caso: $userKey = KeyGenerator();
echo $userkey; // vai dar erro (K minúsculo), $userkey != $userKey
echo $userKey; // está correto

http://php.net/manual/en/language.variables.basics.php:

Variables in PHP are represented by a dollar sign ($) followed by the variable name. Variable names in PHP distinguish between upper and lower case.

Use $userKey and should work:

$query = "INSERT INTO membros (name, mail, username, password, userkey, register, status) VALUES ($name, $mail, $username, $password, $userKey, $register, $status)";
  • Berriel, just a hint, it would be interesting to translate the quote into English as well.

  • @Diegof did, I was looking for the link of the manual in en to not have to translate with my words

  • +1. It would be interesting who denied now speak what can be improved. The response has already been translated and suitable to the site.

  • @Diego, thank you very much, this is what was generating the error of the indefinite variable, such a banal thing of inattention. but now continues the second error: You have an error in your SQL syntax; check the manual that Corresponds to your Mysql server version for the right syntax to use near '@Hotmail.com, golx, 40bd001563085fc35165329ea1ff5c5ecbdbbeef, a6ea306ef0cd6d8008' at line 1

  • Sorry again the simplicity of the case, in this error already comes with the form data and this line 1? where to find the syntax error?

  • @GOLX this error is because you need to escape these characters, as the @. I also recommend not using the functions mysql_*, because they are depreciated. Look in Sopt that you will find information about it. If my answer has solved the problem of your original question, please mark it as an answer. If you don’t find the solution to your new problem in Sopt, open a new question with the necessary details, but I think you will find.

  • @berriel, ogd, then I will look for alternative to swap mysql_. Now how in this code can I escape the characters? how would I do this?

  • @GOLX use http://php.net/manual/en/function.mysql-real-escape-string.php. Don’t forget to mark this as correct or vote.

  • @Berries is still on the basic course of php, sorry. I made some attempts to escape but in vain, the second mistake continues.Can you give me an example of how I would look in this my code please?

  • @GOLX’s policy discourages this type of attitude, since a solution given in a comment can hardly be found by other users and so would not have much purpose. I recommend you see this: http://answall.com/questions/103046/posso-utilizar-mysql-real-escape-string-em-site-mysqli-connect If you cannot find what you are looking for, you can open a new question

Show 5 more comments

Browser other questions tagged

You are not signed in. Login or sign up in order to post.