php - help me to resolve the below error

Question

Notice: Undefined index: subject in /var/www/mailer.php on line 12 Notice: Undefined index: message in /var/www/mailer.php on line 13 Notice: Undefined index: from in /var/www/mailer.php on line 14 Notice: Undefined index: verif_box in /var/www/mailer.php on line 15 Notice: Undefined index: tntcon in /var/www/mailer.php on line 23 no variables received, this page cannot be accessed directly

BELOW IS THE CODE

<?php

ini_set('display_errors',1);
error_reporting(E_ALL|E_STRICT);

// -----------------------------------------
//  The Web Help .com
// -----------------------------------------
// remember to replace [email protected] with your own email address lower in this code.

// load the variables form address bar
$subject = $_POST["subject"];
$message = $_POST["message"];
$from = $_POST["from"];
$verif_box = $_POST["verif_box"];

// remove the backslashes that normally appears when entering " or '
$message = stripslashes($message);
$subject = stripslashes($subject);
$from = stripslashes($from);

// check to see if verificaton code was correct
if(md5($verif_box).'a4xn' == $_COOKIE['tntcon']){
    // if verification code was correct send the message and show this page
    mail("[email protected]", 'TheWebHelp.com Form: '.$subject, $_SERVER['REMOTE_ADDR']."\n\n".$message, "From: $from");
    // delete the cookie so it cannot sent again by refreshing this page
    setcookie('tntcon','');
} else if(isset($message) and $message!=""){
    // if verification code was incorrect then return to contact page and show error
    header("Location:".$_SERVER['HTTP_REFERER']."?subject=$subject&from=$from&message=$message&wrong_code=true");
    exit;
} else {
    echo "no variables received, this page cannot be accessed directly";
    exit;
    }
?>

Answer 1

The error is simply because the message $_POST array does not have a key called 'message'. It probably comes from the fact that the form has not been submitted. The error is only a notice and won't stop the program from working.

Answer 2

You should check what $_POST contains before you address some particular fields, take a look at the isset function. Or simply turn off display_errors ;)

Answer 3

Check user-submitted data

$subject = (isset($_POST["subject"]) ? $_POST["subject"] : '');
$message = (isset($_POST["message"]) ? $_POST["message"] : '');
$from = (isset($_POST["from"]) ? $_POST["from"] : '');
$verif_box = (isset($_POST["verif_box"]) ? $_POST["verif_box"] : '');

You can even make your own function to do that

function checkPost($fieldname)
{
  return (isset($_POST[$fieldname]) ? $_POST[$fieldname] : '');
}

And then do

$subject = checkPost("subject");

I recommend as well that you check required POST fields

if (!isset($_POST["xxx"]) || trim($_POST["xxx"]) == '')
{
  // throw exception, display error...
}

etc.

FYI, instead of using stripslashes() to avoid "magic_quotes", you can use a simple function such as this one http://snippets.dzone.com/posts/show/5256 which will do the job for all fields.

Answer 4

It seems that you call this PHP file without submitting a form via the POST method. Make sure that your mailing form has the proper method set:

<form method="POST" action="yourfile.php">
etc.
</form>

You should also sanitize the user input before calling mail() (i. e. remove newlines and tags), otherwise you are calling for trouble.

Answer 5

Your $_POST and $_COOKIE arrays do not contain those indexes.

Do:

print_r($_POST);
print_r($_COOKIE);

to see what is contained in those arrays

Answer 6

Are you sending the required variables to this script?

Answer 7

foreach(array('subject', 'message', 'from', 'verif_box') as $val)
{
    if (isset($_POST[$val]))
    {
        $$val = trim($_POST[$val]);
        continue;
    }

    // some sort of error checking, like telling the end user that
    // not all fields were correctly given
}