Questions that are too localized (such as syntax errors, code with restricted access, hacked sites, hosting or support issues) are not in scope. See how do I ask a good question?

Closed 4 years ago.

I know that there is a very old answer that details unidentified index but using the methods there I can not figure out how to make isset work with the code I have. It is below but doesnt solve the issue.

Plus it my error is paired with the PREPARE error AND the fact that my understanding is that answer with ISSET is NOT a safe way anymore to prevent SQL injections. Someone please correct me if I am wrong. As per request I have also included the entire error message.

I am getting a couple of errors with the code below and am not sure why it thinks this isnt prepared properly. Can anyone shed light on this for me? Thanks.

for each line that has a $POST, it is telling me that the "Notice: Undefined index"

     if (!empty($_POST)) {
        global $wpdb;
        $table = "mytablenameplaceholder";
            if(isset($_POST['name']) && isset($_POST['emailaddress'])){
  $number1 = $_POST['name']; 
  $message = $_POST['emailaddress']; 
  $message = urlencode($message); 
        $data = array(
            'name' => $_POST['name'],
            'emailaddress'    => $_POST['emailaddress'],
            'phonenumber'    => $_POST['phonenumber']
        );
        $format = array(
            '%s',
            '%s'
        );
        $success=$wpdb->insert( $table, $data, $format );
        if($success){
            echo 'data has been saved' ; 
        }
    } else {
?>
    <form action="" method="post" >
        <input type="text"  id="name" name="name" value="John">
        <input type="text" name="email">
        <input type="text" name="phonenumber">
        <input type="submit">
    </form>
<?php
    }

I am also receiving a "Notice: wpdb::prepare was called incorrectly." notice despite not having a prepare statement currently in the code. I know I need to add it.

Questions that are too localized (such as syntax errors, code with restricted access, hacked sites, hosting or support issues) are not in scope. See how do I ask a good question?

Closed 4 years ago.

I know that there is a very old answer that details unidentified index but using the methods there I can not figure out how to make isset work with the code I have. It is below but doesnt solve the issue.

Plus it my error is paired with the PREPARE error AND the fact that my understanding is that answer with ISSET is NOT a safe way anymore to prevent SQL injections. Someone please correct me if I am wrong. As per request I have also included the entire error message.

I am getting a couple of errors with the code below and am not sure why it thinks this isnt prepared properly. Can anyone shed light on this for me? Thanks.

for each line that has a $POST, it is telling me that the "Notice: Undefined index"

     if (!empty($_POST)) {
        global $wpdb;
        $table = "mytablenameplaceholder";
            if(isset($_POST['name']) && isset($_POST['emailaddress'])){
  $number1 = $_POST['name']; 
  $message = $_POST['emailaddress']; 
  $message = urlencode($message); 
        $data = array(
            'name' => $_POST['name'],
            'emailaddress'    => $_POST['emailaddress'],
            'phonenumber'    => $_POST['phonenumber']
        );
        $format = array(
            '%s',
            '%s'
        );
        $success=$wpdb->insert( $table, $data, $format );
        if($success){
            echo 'data has been saved' ; 
        }
    } else {
?>
    <form action="" method="post" >
        <input type="text"  id="name" name="name" value="John">
        <input type="text" name="email">
        <input type="text" name="phonenumber">
        <input type="submit">
    </form>
<?php
    }

I am also receiving a "Notice: wpdb::prepare was called incorrectly." notice despite not having a prepare statement currently in the code. I know I need to add it.

• php
• posts
• mysql

• The error messages are about a different code. You can tell that by the index partysize that isn't even in there. – fuxia ♦ Commented Sep 23, 2020 at 5:09

1 Answer 1

I saw in your code the $_POST['phonenumber'] doesn't check isset so may be this is an error you try to find. I think you can try this

if (!empty($_POST)) {
        global $wpdb;
        $table = "mytablenameplaceholder";
            if(isset($_POST['name']) && isset($_POST['emailaddress'])){
  $number1 = $_POST['name']; 
  $message = $_POST['emailaddress']; 
  $message = urlencode($message); 

  //process phonenumber
  $phonenumber= '';
  if(isset($_POST['phonenumber'])){
    $phonenumber = $_POST['phonenumber'];
  }
  //END - process phonenumber

        $data = array(
            'name' => $_POST['name'],
            'emailaddress'    => $_POST['emailaddress'],
            'phonenumber'    => $phonenumber
        );
        $format = array(
            '%s',
            '%s'
        );
        $success=$wpdb->insert( $table, $data, $format );
        if($success){
            echo 'data has been saved' ; 
        }
    } else {
?>
    <form action="" method="post" >
        <input type="text"  id="name" name="name" value="John">
        <input type="text" name="email">
        <input type="text" name="phonenumber">
        <input type="submit">
    </form>
<?php
    }