I am developing a web application using php 7 on an IIS web host and I am finding that my web form variables are not available to the php code that is invoked from the form.
The code seems to work when I use Apache as my web server but not in IIS.
I get the “Undefined index” when I use the $_REQUEST[‘variablename’] syntax.
If I use the ISSET function, the variable is not defined.
I’m sure I must be missing something very obvious but would be grateful for some help with how to diagnose the problem.
Login_form.php
SD Login <!--
<style>
body background-image url("norbg.jpg");
</style>
-->
</head>
<body>
<div class="c1">
<!-- <div> -->
<!-- Creating form to post to self<br> -->
<form method="post" action="process_supplier.php">
<p style = "font-family : Arial; font-weight : bold;"><h1>Login to Supplier Declaration Portal</h1></p>
<br>
<table cellpadding="0" cellspacing="0">
<tr>
<td>
<label for="userid" >User id:</label>
</td>
<td>
<input type="text" placeholder="Enter User id" name="userid" required>
</td>
</tr>
<td>
<label for="password">Password:</label>
</td>
<td>
<input type="password" name="supplierpw" required id="supplierpw">
</td>
</tr>
<td>
<!--Reset button?-->
</td>
<td>
<button type="submit" formaction="process_supplier.php">Login</button>
</td>
</tr>
</table>
<?php
// $Query = "SELECT sup_code, sup_name, sup_email_add from suppliers order by sup_code";
// print("The sql query is " .$Query ."\n");
// Debugging line. Uncomment the line above to debug.
?>
</div>
</body>
process_supplier.php
IntroSupplier declarations - Supplier confirmation
<?php
// Get the user input from the login form and save in variables.
// session_start();
/*
if (isset($_POST['userid']) && isset($_POST['supplierpw']) )
{
$sup_code = $_REQUEST['userid'];
$password = $_REQUEST['supplierpw'];
$_SESSION['sup_code'] = $sup_code;
echo "Hello " .$sup_code;
}
else
{
// One or both user id and password were not passed to go back to the login form.
header( "Location: login_form.php");
}
*/
print_r($_REQUEST);
// $sup_code = $_REQUEST['userid'];
// $sup_password = $_REQUEST['supplierpw']; // NOTE: This is the name of the input box not the id.
// 23-OCT-2018 TEMP COMMENTED
// $_SESSION['sup_code'] = $sup_code;
// print("Suppler ID: " .$sup_code ." Password: " .$sup_password ."<br/>");
// Debugging line
// A script to confirm a supplier's authentication.
require_once("Scripts/dbconnectmysqli.php");
// Attempt to connect to the MySQL database called supplier_declarations
// as the user ReportView
try
{
$mysqli = new mysqli($Host, $User, $Password, $DBName, 3306);
}
catch (Exception $e)
{
echo "Failed to connect to the database " .$DBName ." as the user " .$User ." on port 3306.<br/>";
echo "Error message: " .$e->getMessage();
}
if ($mysqli->connect_errno)
{
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
else
{
// Debugging lines
// echo $mysqli->host_info . "\n<br/>";
// echo "Connected to the supplier_declarations database";
}
// print("<br/>Reading data in process_supplier.php<br/>\n");
// Now execute the select query and output some columns to the page.
$sql = "SELECT id,sup_code,sup_name,sup_email_add,password from suppliers where sup_code ='" .$sup_code ."'";
$result = $mysqli->query($sql);
// $row = $result->fetch_assoc();
// $num_rows = $result->num_rows;
// 23-OCT-2018 TEMP COMMENTED
// print("<br>Number of rows returned = " .$num_rows ." .<br/>");
// print($row["id"] ." " .$row["sup_code"] ." " .$row["sup_name"] ." " .$row["sup_email_add"] ." Password = " .$row["password"] ."<br/>");
// print("The password you entered was " .$sup_password ."<br/>" );
// print (" The md5 password is " .md5($sup_password)."<br/>");
// Debugging lines above.
// if ($num_rows == 1)
// {
// Assign a session variable
$_SESSION['sup_code'] = $sup_code;
// Check for a password match.
if ($row["password"] == md5($sup_password))
{
// echo 'ok<br/>';
}
else
{
// echo 'Not OK.<br/>';
header("Location: login_form.php");
// exit();
}
// The supplier has successfully logged in.
// So display the welcome message.
//=========================================
print("<br/><b>Welcome " .$row["sup_name"] .".</b>(" .$sup_code .")<br/>");
print("Email address: " .$row["sup_email_add"] ."<br/><br/>");
// print("The session sup_code is ".$_SESSION['sup_code'] ." which should be the same as the supplier code.<br/><br/>");
// Debugging line.
// mysqli->close();
echo "As an export company Norbar has to comply with statutory provisions on international trade.
This means that, amongst other things, we are obliged to collect and to hold evidence of the origin of goods that we export as we may be asked to show this information to customs authorities.
In addition, in order for us or our customers to claim preferential duty rates on import to countries with which the EU has a preferential trade agreement, we need to know whether the goods you supply to us originate in the European Union and satisfy the rules of origin governing preferential trade with the countries to which we export.";
echo "<br/><br/>
There are two types of origin rules in international trade
<br/>";
echo "<ul>
<li><a href=\"nonpref_origin.htm\">Non-preferential origin </a></li>
<li><a href=\"pref_origin.htm\">Preferential origin </a></li>
</ul>";
echo "In order to make it easier for you to provide us with this information, we have developed this portal.<br/>";
//
// For each part number that you supply to Norbar, please supply BOTH the country of origin of that part from the drop down list provided AND tell us whether or not that part satisfies the rules of origin governing preferential trade between the EU and all the countries listed <a href=“countries.htm”>here.
//
// Click “Edit All” to assign the same country of origin to every part that you supply to Norbar. Alternatively (or in addition to this) you may select a part using the radio button on the right and then click the “Edit” button.
//
// You can stop and SAVE your results at any time. However please do not click SUBMIT until you have completed all the information requested.
//
";
// echo "<!-- <form action=\"process_supplier_parts_v2.php\" method=\"post\">-->;
echo "<form action=\"process_supplier_parts.php\" method=\"post\">";
// print('<input type=\"hidden\" name=\"sup_code\" value="'.htmlentities($sup_code).'\">');
print('<input type="hidden" name="sup_code" value="'.$row["sup_code"] .'">');
print('<input type="hidden" name="sup_name" value="'.$row["sup_name"] .'">');
// Code to check if all parts for the current supplier have been updated with country of origin etc.
$sql = "SELECT id,partcode,supplier,pma_proc_code,EU_Pref,Country_of_Origin from parts where supplier ='" .$sup_code ."' AND Country_of_Origin IS NULL";
$result = $mysqli->query($sql);
// $row = $result->fetch_assoc();
$num_rows = $result->num_rows;
// print("<br/>Number of rows returned = " .$num_rows ." .<br/>");
// Debugging line
if ($num_rows == 0)
{
// No null countries therefore ok to submit
// echo "<br/>There are no outstanding parts to be edited.<br/>";
}
else
{
// One or more parts have not had a country of origin assigned.
// echo "<br/>There are " .$num_rows ." parts that have not been assigned a country of origin.<br/>";
}
echo '<div id="sup_part">';
// echo '<br/>Press Continue if the details are correct.';
// Remove the 'press continue' text, 22-Oct-2018
// if ($num_rows == 0)
// {
// echo '<input type="submit" name="btn_submit" value="SUBMIT" />';
// }
// Removed the SUBMIT button as requested by Catherine Rohll, 22-Oct-2018
echo '<input type="submit" name="btn_submit" value="Continue" />';
echo '</div>';
echo '</form>';
?>
<!-- <form action=\"process_supplier_parts_v2.php\" method=\"post\">-->
<!--
<form action="process_supplier_parts.php" method="post">
-->
<?php
// print('<input type="hidden" name="sup_code" value="'.htmlentities($sup_code).'">');
// print('<input type="hidden" name="sup_code" value="'.$row["sup_code"] .'">');
// print('<input type="hidden" name="sup_name" value="'.$row["sup_name"] .'">');
?>
<!--
<div id="sup_part">
// <br/>Press <b>Continue</b> to declare the countries of origin for each part that you supply to Norbar.
-->
<!-- <input type="submit" name="btn_submit" value="PDF" /> -->
<!--
<input type="submit" name="btn_submit" value="SUBMIT" />
<input type="submit" name="btn_submit" value="Continue" />
</div>
</form>
-->
<!--
// }
// else
// {
// echo "<h1>User ID was not found</h1>";
// }
-->
</div>
</BODY>