$_POST problem

dpluth

Hi all,

I think I'm just missing something obvious as I have this working on other parts of my website. I have a basic login script with register globals turned off.

The login screen code looks like this...

<?
session_start();

$db = mysql_pconnect("10.6.3.140", "stuff", "zzzz") ;

if(!$db)
{
echo "Error: Could not connect to database. Please try again later.";
exit;
}

mysql_select_db("security")
?>

<html>
<head>
<title>Login</title>
</head>
<?

/ If the login form was filled out, run this code
If the from hasn't been filled out yet, jump to the
next CFELSE and display the form. /

/  /
/echo '<body onload="document.frm.UserName.focus();">';/
echo '<body background="security.gif">';
echo '<font face="Arial">';
echo '<br> <br> <br> <br> <br> <br>';
echo '<table align="center" border="1" bgcolor="ffffff">';
echo '<tr><td colspan="2" bgcolor="e5e5e5" align="center"><font color="##990033" size="+1" face="Arial"><strong>System Login</strong></font></td></tr>';
echo '<FORM name="frm" method="post" action="sec_login_update.php"> ' ;
echo '<tr> ';
echo '<td><strong><font size="-1">User Name:</font></strong></td>';
echo '<td><INPUT type="text" name="uname"></td>';
echo '</tr>';
echo '<tr>';
echo '<td><strong><font size="-1">Password:</font></strong></td>';
echo '<td><INPUT type="Password" name="pass" maxlength="10"></td>';
echo '</tr>';
if (isset($pagename))
{
echo '<input type="hidden" name="zpagename" value="'.$pagename.'">';
}
echo '<tr>';
echo '<td colspan="2" align="center">';
echo '<INPUT type="submit" value="Log In">';
echo '</td>';
echo '</tr>';
echo '</FORM>';
echo '</table>';

</font>

</body>
</html>

The sec_login_update.php code in question looks like this....

<?
session_start();
session_register("s_username", "s_loginname", "s_location", "s_password",
"s_misc1", "s_misc2", "s_misc3", "s_misc4", "s_misc5", "s_misc6", "s_misc7", "s_misc8",
"s_misc9", "s_misc10", "s_misc11", "s_pagename", "s_email", "s_loggedin", "s_pagelocation");

$db = mysql_pconnect("10.6.3.140", "root", "") ;

if(!$db)
{
echo "Error: Could not connect to database. Please try again later.";
exit;
}

mysql_select_db("security");

$username = $POST["uname"];
$password = $POST["pass"];

/ more code follows /

When I do this I get the following error messages...

Notice: Undefined index: uname in c:\inetpub\wwwroot\php_security\sec_login_update.php on line 19

Notice: Undefined index: pass in c:\inetpub\wwwroot\php_security\sec_login_update.php on line 20

What am I missing? I just know it's something stupidly simple.

Thanks in advance for any help you can lend.

-Dave

Erkilite

you might want to try setting a value attribute for the input fields.

<input type="text" name="uname" value="" />

you also might want to try something like this

if(isset($_POST['uname'])) $username=$_POST['uname'];

also your <form> and </form> tags are inside the table, you should move them outside of the table.

Weedpacket

If a field is empty, it's not included in the submitted request (the rules about what gets submitted from a form are described here). As Erkilite notes, you should check to see if something was submitted (with [man]isset[/man] or [man]empty[/man]) for each field before trying to use it.