CodeIgniter Forums
need help Message: Undefined variable - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: need help Message: Undefined variable (/showthread.php?tid=61788)



need help Message: Undefined variable - setthawuth - 05-17-2015

PHP Code:
public function save(){
 
$this->load->helper('date');
 if(
$_SERVER["REQUEST_METHOD"] == "POST"){
 
$data = array(
 
"USERNAME" => $this->input->post("email"),
 
"PASSWORD" => md5($this->input->post("PASSWORD")),
 
"CREATE_DATE" => NOW(),
 
"STATUS" => 1,
 
"USER_TYPE" =>2
 
 
);
 
$query $this->db->insert("user"$data);
 if(
$query){
 
$this->db->where("email"$this->input->post("email"));
 
$q_profile $this->db->query("SELECT id FROM user WHERE USERNAME ='{"mysql_real_escape_string($this->input->post('email')). "}' LIMIT 1");
 foreach (
$q_profile->result() as $p){
 
 
$uid $p->id;
 
 }
 
 
 
$profile = array(
 
"USER_ID" =>$uid,
 
"NAME" => $this->input->post("name"),
 
"LASTNAME" => $this->input->post("lastname")
 );
 
 
$query_profile $this->db->insert("user_profile"$profile);
 if(
$query_profile){
 return 
true;
 }else{
 return 
false;
 }
 }
 
 }
 
 } 
Quote:A PHP Error was encountered

Severity: Notice

Message: Undefined variable: uid

Filename: models/model_register.php

Line Number: 31

Backtrace:

File: D:\AppServ\www\bilbo_ci\application\models\model_register.php
Line: 31
Function: _error_handler

File: D:\AppServ\www\bilbo_ci\application\controllers\page.php
Line: 47
Function: save

File: D:\AppServ\www\bilbo_ci\index.php
Line: 292
Function: require_once



RE: need help Message: Undefined variable - noobie - 05-18-2015


Hi,

I hope you are just learning and not selling any scripts or programming for money yet, the code you wrote is not safe, it is dangerous actually... but if you are just learning its okay for start, i'm practicing CI for +4 months and still learning security and still don't think i should write for money...

Please read the CodeIgniter's documents before starting to write, the whole point is to use all Framework functions so they can get updated if there are any issues, and also to protect us from mistakes, if you want to just use your own methods, then why use a framework at all?

1. You MD5 a password? and not even salted? please don't... AT THE VERY LEAST use sha256 with a random salt: hash('sha256', $password.$salt) and save salt in database too, even this is not enough but md5 is almost like plain text password today.

2. I noticed the part you use mysql_real_escape_string(), always use "Query Bindings" or CodeIgniter's "Active Record Class" for queries (both are well detailed in documents)

The code you wrote is already deprecated in PHP 5.5 (http://php.net/manual/en/function.mysql-real-escape-string.php)

3. Why did you use ` $this->db->where("email", $this->input->post("email")); ` before $q_profile ? i don't see you using it for anything, it's just an additional useless query

And more...


To answer your question, $uid is not defined,
also instead of all that queries you could just use insert_id()

PHP Code:
$query $this->db->insert("user"$data);

if(
$query){
 
$this->db->where("email"$this->input->post("email"));
 
$q_profile $this->db->query("SELECT id FROM user WHERE USERNAME ='{"mysql_real_escape_string($this->input->post('email')). "}' LIMIT 1");
 foreach (
$q_profile->result() as $p){
 
 
$uid $p->id;


simply use:

PHP Code:
$query $this->db->insert("user"$data);

if (
$this->db->affected_rows() < 1)
{
    return 
FALSE;
}

$uid $this->db->insert_id(); 


Please read User Guide first, don't be that lazy...

P.S. Consider using Ion Auth to handle your signup/login/passwords : http://benedmunds.com/ion_auth/


RE: need help Message: Undefined variable - setthawuth - 05-18-2015

hello noobie.
I,m new, I try to learning CI, your reply number 3 I forget delete sorry.
thank very much for your help, my problem resolved., I will try another

sorry english my bad.


RE: need help Message: Undefined variable - madaan_tushar - 05-25-2015

You can initialize $uid at the start like this:
$uid = '';