PHP/MYSQL-Undefined index:

Hey, first time posting here :slight_smile:
I am somewhat new to PHP and I am trying to make a basic login for a web app using PHP session. The login checks the userid and pw against a mysql table and if the user is valid it will bring up a menu. The table also has a boolean value called privileged which will determine if the user has access to certain options. I am trying to create a $_SESSION variable to store that value however I am getting an error “Notice: Undefined index: privileged in /opt/lampp/htdocs/pos/possession.php on line 12”
Here is where I check the table and create session variables:


<?php 
if (!(ctype_digit($user) && ctype_alnum($pass)))
	die("User ID and Password must be alphanumeric");
$pass=sha1($pass);
session_start();
require ("connect.php");
$dbselect=mysql_select_db("pos",$con);
if (!$dbselect)
	die ("Database not found".mysql_error());
$query="SELECT userid FROM user";
$query="SELECT userid FROM user
WHERE userid='$user' AND password='$pass'";
$result=mysql_query($query);
if (mysql_num_rows($result)){
	$query="SELECT firstName FROM user WHERE userid='$user'";
	$result=mysql_query($query);
	$row=mysql_fetch_array($result);
	$_SESSION['user']=$row['firstName'];
	$query="SELECT privileged FROM user WHERE userid='$user'";
	$result=mysql_query($query);
	$row=mysql_fetch_array($result);
	$_SESSION['privileged']=$row['privileged'] // <---- here is where I create the $_SESSION variable in question
	header("location:menu.php");}
else{
	echo "Invalid User ID/Password combonation";
	session_destroy();}
?>

And this is the SESSION script which I will be including on all my pages that require login


<?php
session_start();
if (!isset($_SESSION['user']))
	{
	header("location:logIn.php");
	die;
	}
else
	{
	$user=$_SESSION['user'];
	$privileged=$_SESSION['privileged']; //<--- this is line 12 which is generating the error
	}
?>

I can’t seem to figure out what is causing this. I have made sure the the name of the value in the table matches with what I have in the script including case sensitive. Any help would be appreciated.

Hello kyle32288,

1.) you are missing a semicolon at this line:

$_SESSION['privileged']=$row['privileged'] // <---- here is where I create the $_SESSION variable in question

2.) you can replace:

$query="SELECT firstName FROM user WHERE userid='$user'";
$query="SELECT privileged FROM user WHERE userid='$user'";

with one query, it could be:

$query="SELECT privileged, firstName FROM user WHERE userid='$user'";

3.) try to write

var_dump($row);

right before

$_SESSION['privileged']=$row['privileged']

and tell us, what it displays on your screen.

Jake

Something you can put in your script to help with troubleshooting is:


// use the next two lines for troubleshooting
 ini_set('display_errors',1);
 error_reporting(E_ALL | E_STRICT);

You will not want this running on your live system, but it will be a help is running down errors during your development phase.

The semicolon was the problem, seems to work as intended now thank you very much :). Thank you both for the tips I have consolidated the 2 queries into one as you suggested and I will try out the error reporting tip in the near future. Does the code look reasonably solid/well written for the most part? Do I have any big no-no’s in there?