Undefined Variable PHP + MySQL -


i know stackoverflow disapproves of repeat questions, bear me have scanned many similar questions without finding specific resolutions me. (mostly mention things avoiding database insertions)

i encounter these error messages:

here db connection success notice: undefined variable: firstname in  c:\xampp\htdocs\practice_connection_app\submit.php on line 10  notice: undefined variable: lastname in  c:\xampp\htdocs\practice_connection_app\submit.php on line 10  notice: undefined variable: conn in   c:\xampp\htdocs\practice_connection_app\submit.php on line 11  fatal error: call member function exec() on null in c:\xampp\htdocs\practice_connection_app\submit.php on line 11 

the first result shows have connected database made using phpmyadmin.

here relevant code (my html submission page calls on php action):

<!doctype html> <html>     <head>         <meta charset="utf-8">         <title>student info</title>     </head>     <body>         <br>         enter first name , last name in corresponding boxes.         <br>         <form  action="submit.php" method="post">             first: <input type="text" name="firstname"/>         <br>             last: <input type="text" name="lastname"/>         <br>         <input type="submit">         </form>       </body> </html> 

the database connection (i think)

<?php echo 'here';     $dsn = 'mysql:host=localhost;dbname=practice_students';     $username = 'test_usr';     $password = 'pa55word';      try {         $db = new pdo($dsn, $username, $password);         echo 'db connection success';     } catch (pdoexception $e) {         $error_message = $e->getmessage();         include('database_error.php');         exit();     }  ?> 

and php submit page

<?php echo 'here ';     $dsn = 'mysql:host=localhost;dbname=practice_students';       try {         $db = new pdo($dsn);         echo 'db connection success';         $sql = "insert people (firstname, lastname)                values ('$firstname', '$lastname')";         $conn->exec($sql);         echo "now know name! hi," . " " . $firstname . " " . $lastname;     } catch (pdoexception $e) {         $error_message = $e->getmessage();         include('database_error.php');         exit();     } ?> 

i understand may need 'cleaning up' avoid database insertions, know how can ensure submissions going database , can returned.

thanks in advance!

not sure manual ahve been reading end code....

you need access post variables (using $_post['firstname']) after sanitizing them of course....

edit:

to access posted variable, can following:

$firstname = $_post['firstname']; 

but need santization going on, use php's filter_var:

$firstname = filter_var($_post['firstname'], filter_sanitize_string); 

though, can better that, , strict in allow through filters / sanitizers... please go investigate part after code "working" :)


Comments

Popular posts from this blog

account - Script error login visual studio DefaultLogin_PCore.js -

xcode - CocoaPod Storyboard error: -