When I log in with a user that is not 'admin', a form should appear to update the total_expense. Well, when I put the data, and I give the submit, I get two errors
Notice: Undefined index: user in C:\xampp\htdocs\exam\validar_client.php on line 5 Notice: Undefined index: password in C:\xampp\htdocs\exam\validar_client.php on line 6
Why do I get these two errors? I do not understand, what is it that I get the username and password.
This is the repository https://github.com/blugnomeXD/exam
<?php
include('biblioteca.php');
$usuario =$_POST['usuario'];
$password =$_POST['password'];
$consulta ="SELECT usuario,pass FROM clientes WHERE usuario ='$usuario' AND pass ='$password'";
$allusers = "SELECT * FROM clientes";
$showUser ="SELECT * FROM clientes WHERE usuario ='$usuario' AND pass ='$password'";
$rest_consulta =mysqli_query($conexion,$consulta);
$fila = mysqli_fetch_array($rest_consulta,MYSQLI_ASSOC);
//Modificar
if($fila==true){
if($usuario=='admin'){
echo "<h1>Tus datos de cuenta</h1>";
$show_users =mysqli_query($conexion,$allusers);
while($fila_registro = mysqli_fetch_array($show_users,MYSQLI_ASSOC)){
echo '<table> ';
echo '<tr>';
echo '<th>'. $fila_registro['usuario'] . '</th>' ;
echo '<th>'. $fila_registro['pass'] . '</th>' ;
echo '<th>'. $fila_registro['nombre'] . '</th>' ;
echo '<th>'. $fila_registro['apellido1'] . '</th>' ;
echo '<th>'. $fila_registro['apellido2'] . '</th>' ;
echo '<th>'. $fila_registro['telefono'] . '</th>' ;
echo '<th>'. $fila_registro['total_gastado'] . '</th>' ;
echo '<tr>';
echo '</table>';
}
}else{
$show_user =mysqli_query($conexion,$showUser);
while($fila_registro = mysqli_fetch_array($show_user,MYSQLI_ASSOC)){
echo "<h1>Tus datos de cuenta</h1>";
echo '<table> ';
echo '<tr>';
echo '<th>'. $fila_registro['usuario'] . '</th>' ;
echo '<th>'. $fila_registro['pass'] . '</th>' ;
echo '<th>'. $fila_registro['nombre'] . '</th>' ;
echo '<th>'. $fila_registro['apellido1'] . '</th>' ;
echo '<th>'. $fila_registro['apellido2'] . '</th>' ;
echo '<th>'. $fila_registro['telefono'] . '</th>' ;
echo '<th>'. $fila_registro['total_gastado'] . '</th>' ;
echo '<tr>';
echo '</table>';
}
echo "<hr>";
echo "<form method='POST' action='validar_cliente.php'>
<label for='dinero'>Dinero:</label><input type='text' name='dinero'>
<input type='submit' value='Actualizar'> </form>";
}
}
/*
if($fila<=0){
//modificar
echo 'modificar';
}*/
mysqli_close($conexion);
?>
---
El formulario donde ingreso la información del usuario es el siguiente
<form action="validar_cliente.php" method="POST">
<label for="usuario">Usuario: </label><input type="text" name="usuario"> <br>
<label for="password">Contraseña: </label><input type="text" name="password"> <br>
<input type="submit" value="Ingresar">
</form>
Ahi hay algún error?
Por que por ejemplo, cuando voy a ingresar un login, funciona bien me sale todo como yo quiero.
Hay otra cosa que me pasa, y es en este formulario que lo hago atraves de PHP, me salta el error Notice: Undefined variable: dinero in C:\xampp\htdocs\examen\validar_cliente.php on line 75
Por qué sale como que no lo tengo definido, si lo he puesto en el formulario?
````
echo "<form name='formulario' method='post' action='validar_cliente.php'>
Dinero <input type='text' name='dinero' >
<input type='submit'></form>";
$dinero=$_POST['dinero'];
$update = "UPDATE clientes SET total_gastado = total_gastado+($dinero) WHERE usuario ='$usuario' AND pass='$password'";
Add this code before the
include:The error you mention appears because, probably, you are not sending the data correctly from the form that asks for your credentials and you are using variables that have not yet been created. Try it like this and let me know.
I simply check that the variable has been initialized, and if not, display the form that will generate it when the web calls itself. By default the
actiondel attributeformis directed to the same php script.In order for us to help you, remember that it is better to select the code snippets that do not work as you expect. This way you will receive an answer much sooner. Please note that there are many things in your code that we cannot test, such as library.php or the database.
Warning : Pay close attention to code injection vulnerabilities. In successive versions, you should at least parameterize the queries.
(To complete @david JP's answer)
The problem you have in your code is that, once the total_expense form appears, you put the value and send, it turns out that you are sending that message (only the money field) to the SAME PHP. In your case, the first thing you do is validate the user/pass, and since this last form ONLY sends the money field, the error "undefined index" appears in the $_POST variable.
To fix it, you have several options. @david JP's solution is correct. (add a check and put an exit)
Another solution would be for you to send the form (change the action="validar_cliente.php") to another php file that would actually manage the expense issue. For example, you could make a "validar_gastos.php" that would do the corresponding update.
If you realize, you are mixing logic to validate the user (this should be done by a specific file) and logic of expenses (which will be an accounting thing, not related to the logic of validating user). You must be careful of those things (apart from the fact that you are mixing process logic with presentation. I recommend that you review MVC and some framework, so you can see how these issues are solved.