In my system, I have a function to update the data. After I click the 'update' button, the data is updated in the database, but it also displays errors like this:

PHP Notice: Undefined index: badgeid in C:\inetpub\wwwroot\tgotworker\pages\manage_engineer_admin\edit_engineer_admin.php on line 33

PHP Notice: Undefined variable: fullname in C:\inetpub\wwwroot\tgotworker\pages\manage_engineer_admin\edit_engineer_admin.php on line 210

PHP Notice: Undefined variable: roles_id in C:\inetpub\wwwroot\tgotworker\pages\manage_engineer_admin\edit_engineer_admin.php on line 220

PHP Notice: Undefined variable: roles_id in C:\inetpub\wwwroot\tgotworker\pages\manage_engineer_admin\edit_engineer_admin.php on line 221

PHP Notice: Undefined variable: team_id in C:\inetpub\wwwroot\tgotworker\pages\manage_engineer_admin\edit_engineer_admin.php on line 231

PHP Notice: Undefined variable: team_id in C:\inetpub\wwwroot\tgotworker\pages\manage_engineer_admin\edit_engineer_admin.php on line 231

Below is my code:

<?php
$sql = "";
require_once "../../config/configPDO.php";
require_once "../../config/check.php";

if(isset($_POST['update']))
{   
  $badgeid = $_POST['badgeid'];

  // checking empty fields
  if(empty($badgeid)) { 

    if(empty($badgeid)) {
      echo "<font color='red'>Fac_Name field is empty.</font><br/>";
    }

  } else {  
    //updating the badgeid
    $sql = "UPDATE users SET roles_id = :roles_id, team_id = :team_id WHERE badgeid = :badgeid";
    $query = $conn->prepare($sql);

    $query->bindParam(':roles_id', $_POST['roles_id']);
    $query->bindParam(':team_id', $_POST['team_id']);
    $query->bindParam(':badgeid', $_POST['badgeid']);
    $query->execute();

    //redirecting to the display page. In our case, it is index.php
    header("Location: ../dashboard/dashboard_super_admin.php");
  }
}

//getting id from url
$badgeid = $_GET['badgeid']; //line 33

//selecting data associated with this particular id
$sql = "SELECT * FROM users LEFT JOIN roles on users.roles_id = roles.roles_id WHERE badgeid = :badgeid";
$query = $conn->prepare($sql);
$query->execute(array(':badgeid' => $badgeid));
$rows = $query->fetchAll(PDO::FETCH_ASSOC);
foreach($rows as $row)
{
  $badgeid = $row["badgeid"];
  $fullname = $row["fullname"];
  $roles_id = $row["roles_id"];
  $team_id = $row['team_id'];
  $roles_name = $row["roles_name"];
}

$smt = $conn->prepare("SELECT * FROM team");
$smt->execute();
$data = $smt->fetchAll();

?>

   <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="POST">
  <table class = "table table-bordered">
    <tr>
      <td width="20%"><b>Full Name</b></td>
      <td width="80%"><?php echo $fullname; ?></td> //line 210
    </tr>
    <tr>
      <td width="20%"><b>Badge ID</b></td>
      <td width="80%"><?php echo $badgeid; ?></td>
    </tr>
    <tr>
      <td width="20%"><b>Role</b></td>
      <td width="80%">
        <select class="form-control" name="roles_id">
          <option value="1" <?php echo $roles_id == '1'? 'selected': '';?> >Super Admin</option> //line 220
          <option value="2" <?php echo $roles_id == '2'? 'selected': '';?> >Engineer</option> //line 221
        </select>
        <input type="hidden" name="badgeid" value="<?php echo $badgeid ?>">
      </td>
    </tr>
    <tr>
      <td width="20%"><b>Team</b></td>
      <td width="80%">
      <select class="form-control" name="team_id">
      <?php foreach ($data as $row): ?>
        <option value="<?php echo $row["team_id"]; ?>" <?php echo $row["team_id"] == $team_id ? 'selected': ''; ?>><?php echo $row["team_name"]; ?></option> //line 231
      <?php endforeach ?>
      </select>
      <input type="hidden" name="badgeid" value="<?php echo $badgeid ?>">
      </td>
    </tr>  
  </table><br>
  <div align="center">
    <td><button class ="btn btn-primary btn-block" name="update" value="Update" onclick="update()">Update</button></td>
  </div>
</form>
1 Answer

The problem is that you are using $_SERVER["PHP_SELF"] as the form action.

This removes the $_GET variables from the redirected page, which means that you will be redirected to e.g. index.php instead of index.php?badgeid=1

As a result, this line throws a notice: $badgeid = $_GET['badgeid']; and your query returns no results, so the rest of the variables are never initialized, which in turn results in the rest of the notices you get.

In order to solve this, you could use $_SERVER['REQUEST_URI'] instead, which will keep the variables, or save and pass the badgeid by other means.
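
An added example (not part of the original answer) covering both options it mentions: the form action built from REQUEST_URI, escaped the same way the question escapes PHP_SELF, and the badgeid taken from the hidden POST field when the query string lacks it. The helper names, the in-memory SQLite table and the sample requests are constructed for illustration; the question's real `$conn` and schema are assumed to behave the same way.

```php
<?php
// Added example, not the asker's code. Helper names, table and rows are constructed.
declare(strict_types=1);

// Form action that keeps ?badgeid=...; REQUEST_URI is client-controlled, so escape it.
function form_action(array $server): string
{
    return htmlspecialchars($server['REQUEST_URI'] ?? '', ENT_QUOTES, 'UTF-8');
}

// badgeid from the hidden POST field first, then the query string; null if missing.
function requested_badgeid(array $get, array $post): ?string
{
    $value = $post['badgeid'] ?? $get['badgeid'] ?? null;
    return is_string($value) && $value !== '' ? $value : null;
}

// Returns the row or null, so the template never reads undefined variables.
function load_user(PDO $conn, ?string $badgeid): ?array
{
    if ($badgeid === null) {
        return null;
    }
    $stmt = $conn->prepare('SELECT badgeid, fullname, roles_id, team_id FROM users WHERE badgeid = :badgeid');
    $stmt->execute([':badgeid' => $badgeid]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed in-memory database standing in for the question's $conn.
$conn = new PDO('sqlite::memory:');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec('CREATE TABLE users (badgeid TEXT PRIMARY KEY, fullname TEXT, roles_id INTEGER, team_id INTEGER)');
$conn->exec("INSERT INTO users VALUES ('E1001', 'Ann <b>Lee</b>', 2, 1)");
// Constructed requests: GET with the id, a POST to the bare script, and a bare GET.
$requests = [
    ['uri' => '/edit_engineer_admin.php?badgeid=E1001', 'get' => ['badgeid' => 'E1001'], 'post' => []],
    ['uri' => '/edit_engineer_admin.php', 'get' => [], 'post' => ['badgeid' => 'E1001', 'update' => 'Update']],
    ['uri' => '/edit_engineer_admin.php', 'get' => [], 'post' => []],
];
foreach ($requests as $r) {
    $user = load_user($conn, requested_badgeid($r['get'], $r['post']));
    if ($user === null) {
        echo "400: missing badgeid or unknown user; form not rendered\n";
        continue;
    }
    $name = htmlspecialchars($user['fullname'], ENT_QUOTES, 'UTF-8');
    printf("action=\"%s\" fullname=%s\n", form_action(['REQUEST_URI' => $r['uri']]), $name);
}
```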