0

I try to update the data making use of checkboxes. But when one or more of the checkboxes is not checked, a notice is returned:

Notice: Undefined index: stats2 in E:\wamp\www\HOSPITAL\update.php on line 12

Notice: Undefined index: stats3 in E:\wamp\www\HOSPITAL\update.php on line 12

Notice: Undefined index: stats5 in E:\wamp\www\HOSPITAL\update.php on line 12

<?php
    $con = mysql_connect("localhost","root","");
    if (!$con)
      {
      die('Could not connect: ' . mysql_error());
      }

    mysql_select_db("Hospital", $con);




       mysql_query("UPDATE t2 SET HOSPNUM ='$_POST[hnum]', ROOMNUM='$_POST[rnum]', ADDATE= '$_POST[ad8]', ADTIME='$_POST[adtym]', LASTNAME='$_POST[lname]', FIRSTNAME='$_POST[fname]', MIDNAME='$_POST[mname]', CSTAT='$_POST[cs]', AGE='$_POST[age]', BDAY='$_POST[bday]', ADDRESS='$_POST[ad]', SEX='$_POST[sex]', 
                                                                                                                                                                                                                                                                                                               STAT='$_POST[stats1]', STAT2='$_POST[stats2]', STAT3='$_POST[stats3]', STAT4='$_POST[stats4]', STAT5='$_POST[stats5]', STAT6='$_POST[stats6]', STAT7='$_POST[stats8]', STAT8='$_POST[stats8]', NURSE='$_POST[nurse]'              
        WHERE TELNUM ='$_POST[telnum]'");



    mysql_close($con)
    ?>

Could you help me, so that the notice would not show up?

Improve this question

5 Answers 5

Reset to default
1

This is the defined behavoir for checkboxes - only when set are they included in the form data.

You should use isset() to determine if the checkbox is ticked.

change it to

STAT='".isset($_POST['stats1']).", 
STAT2='".isset($_POST['stats2']).", 
STAT3='".isset($_POST['stats3']).", 
STAT4='".isset($_POST['stats4']).",  
STAT5='".isset($_POST['stats5']).", 
STAT6='".isset($_POST['stats6']).", 
STAT7='".isset($_POST['stats8']).", 
STAT8='".isset($_POST['stats8'])."

Another workaround which works is to add a hidden variable, with the same name, before the checkbox: e.g.

<form action='t1.php' method='post'>
<input type='hidden' name="cb1" value="0">
<input type='checkbox' name="cb1" title='test'>
<input type='submit'  >
</form>
<?php 
print_r($_POST);
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thanks, this trick works. I really could learn some good techniques in here
1

The $_POST array doesn't contain a stats2 index. This is because when a checkbox is not checked it will not be included in the post request.

If the form elements are static then you can just check to see if they are set: Replace STAT6='$_POST[stats6]' with STAT6=(array_key_exists('stats6', $_POST)).

If the form elements are generated dynamically, eg:

foreach($students as $student)
{ 
    echo "<input element='checkbox' name='student-is-present-{$value}'>";
}

then include a hidden element in the form so that you can determine what's checked and what's not checked:

foreach($students as $student)
{ 
    echo "<input element='hidden' name='student-{$value}' value='student-is-present-{$value}'>";
    echo "<input element='checkbox' name='student-is-present-{$value}'>";
}

You should quote the array keys. Eg use $_POST['stats5'] instead of $_POST[stats5]. Your SQL is open to SQL injection too. To avoid this you should escape the data with a function like mysql_real_escape_string().

Improve this answer

Comments

0

When you have a checkbox on a form its value is only sent to the server if the box is ticked. If it is not ticked then that key won't exist in the $_POST array, hence the errors you are seeing.

Improve this answer

Comments

0

You should also sanitize the input with mysql_real_escape_string to prevent mysql injection.

Improve this answer

Comments

0

you should not use POST and GET variables directly in your array. you should clean them, search for mysql injection to find out more :

$hnum = isset($_POST['hnum']) ? mysql_real_escape_string($_POST['hnum']) : '';

and then use those variables. This way you avoid mysql injection and resolve those notices

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.