There is an erro when i entered name doestn have in database,

annielee · December 1, 2013, 3:39am

its said
Notice: Undefined variable: sentmail in C:\xampp\htdocs\caliph collection\php_site\forgot_password_process.php on line 41. i cant find the problem

<?php session_start();
include "dbconnect.php"; //connects to the database
if (isset($_POST['username'])){
    $username = $_POST['username'];
    $query="select * from customer where customer_id='$username'";
    
    $result   = mysql_query($query);
    $count=mysql_num_rows($result);
    // If the count is equal to one, we will send message other wise display an error message.
    if($count==1)
    {
        $rows=mysql_fetch_array($result);
        $pass  =  $rows['password'];//FETCHING PASS
        //echo "your pass is ::".($pass)."";
        $to = $rows['email'];
        //echo "your email is ::".$email;
        //Details for sending E-mail
        $from = "CC";
        $url = "http://www.caliphcollection.com/";
        $body  =  " password recovery Script
        -----------------------------------------------
        Url : $url;
        email Details is : $to;
        Here is your password  : $pass;
        Sincerely,
        Caliph Collection";
        $from = "caliphcollection@gmail.com";
        $subject = "Password recovered";
        $headers1 = "From: $from\
";
        $headers1 .= "Content-type: text/html;charset=iso-8859-1\\r\
";
       
        $sentmail = mail ( $to, $subject, $body, $headers1 );
    } else {
    if ($_POST ['username'] != "") {
   echo "<span style='color: #ff0000;'> email not found.</span>";
        }
        }
    //If the message is sent successfully, display sucess message otherwise display an error message.
    if($sentmail==1)
    {
        echo "<span style='color: #ff0000;'> Your Password Has Been Sent To Your Email Address.</span>";
    }
        else
        {
        if($_POST['username']!="")
        echo "<span style='color: #ff0000;'> Cannot send password to your e-mail address.Problem with sending mail...</span>";
    }
}
?>
 
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Home: Webpage</title>
</head>
<body>
<form action="" method="post">
        <label> Enter your User ID : </label>
        <input id="username" type="text" name="username" />
        <input id="button" type="submit" name="button" value="Submit"/ >
        <input id ="reset" type='reset' value='Reset' />
       
    </form>
</body>
</html>

Mittineague · December 1, 2013, 3:59am

Hi annielee, welcome to the forums.

The variable is defined inside the if($count==1), not defined suggests that for some reason $count is not equal to 1
Is customer_id (is this not a numeric?) really equal to the user supplied $username?

annielee · December 1, 2013, 4:24am

yeah since i just want to make it alert that if the email is in the database it will success sent to email
if not just alert not in database.
thats mean

 if($count==1)

change to

 if($count!==1)

i know, it look, weird. but T_T im in hot soup now.

SpacePhoenix · December 1, 2013, 7:23am

Please be aware that the mysql_* extension is now deprecated as of the current version of PHP and will very likely be removed from the next 5.x version and will likely not be in PHP 6.x (when it eventually is released). You should migrate over to either the mysqli_* extension or to PDO. PDO is a better choice as it doesn’t tie you down so much to a particular database server software.

Once you have migrated you should use Prepared Statements to prevent SQL Injection attacks. Have a read of this article from the PHP manual, it shows how to use prepared statements with PDO and also explains the principle.

lorenw · December 1, 2013, 6:45pm

an easy fix would be, change


session_start();

to

session_start();
$count = '';

Your error means the script is looking for $count but it doesn’t exist.
Better yet.


if($count==1)

to

if(isset($count) && $count==1)