Notice: Undefined index for all fields in my database-Collection of common programming errors

• Use isset to check if they exist before using any index on $_POST or $_GET.

  if (isset($_GET['id'])) {
    $results->execute(array(
      ':id' => $_GET['id'],
    ));
  }
  
  ...
  
  ':id' => isset($_POST['id']) ? $_POST['id'] : '',
  ':firstname' => isset($_POST['firstname']) ? $_POST['firstname'] : '',
  // and so on
  ...
  

• You code does not make any sense: When $_POST['submit'] ) is set, you redirect to another page so the code that uses the POST variables will run when $_POST['submit'] ) is not set.

  This is what it looks like to php:

  if (isset($_POST['submit'] ))
  {
     header("Location: template/header.php");
  }
  
  $update = $dbh->prepare('UPDATE details SET firstname = :firstname, surname = :surname, houseno = :houseno, street = :street, town= :town,
         county = :county, postcode = :postcode,  mobile = :mobile, nickname = :nickname, website = :website,
         homephone = :homephone WHERE id = :id');
  $update->execute(array(
      ':id' => $_POST['id'],
      ':firstname' => $_POST['firstname'],
      ':surname' => $_POST['surname'],
      ':houseno' => $_POST['houseno'],
      ':street' => $_POST['street'],
      ':town' => $_POST['town'],
      ':county' => $_POST['county'],
      ':postcode' => $_POST['postcode'],
      ':mobile' => $_POST['mobile'],
      ':nickname' => $_POST['nickname'],
      ':website' => $_POST['website'],
      ':homephone' => $_POST['homephone'],    
  ));
  
  $row = $results->fetch();
  

  What exactly is the header call for?

  By the way, you probably want something like this:

  require 'server.php';
  
  if (isset($_POST['submit'] ))
  {
    $update = $dbh->prepare('UPDATE details SET firstname = :firstname, surname = :surname, houseno = :houseno, street = :street, town= :town,
         county = :county, postcode = :postcode,  mobile = :mobile, nickname = :nickname, website = :website,
         homephone = :homephone WHERE id = :id');
    $update->execute(array(
      ':id' => $_POST['id'],
      ':firstname' => $_POST['firstname'],
      ':surname' => $_POST['surname'],
      ':houseno' => $_POST['houseno'],
      ':street' => $_POST['street'],
      ':town' => $_POST['town'],
      ':county' => $_POST['county'],
      ':postcode' => $_POST['postcode'],
      ':mobile' => $_POST['mobile'],
      ':nickname' => $_POST['nickname'],
      ':website' => $_POST['website'],
      ':homephone' => $_POST['homephone'],    
    ));
  
    // show message or something
  }
  else
  {
    // normal get request, nothing posted
    $results = $dbh->prepare('SELECT * FROM details WHERE id = :id');
    $results->execute(array(':id' => $_GET['id'],
       ));
    $row = $results->fetch();
  
    // show rest of the page
  }
  

Originally posted 2013-11-09 23:33:59.