undefined Variable PHP

[bunny16]

<?php


if(isset($_POST["login"])){

function validate($input){
	
	$input = trim(stripslashes(htmlspecialchars($input)));
		
	
	return $input;
	}
	
	
$formuser = validate($_POST["username"]);
$formpass = validate($_POST["password"]);
	


}

include("conn.php");



$sql = "SELECT username,email,password FROM login WHERE username='$formuser'";

$result = mysqli_query($conn,$sql);


if(mysqli_num_rows($result) > 0){
	

while($row = mysqli_fetch_assoc($result)){
	
	$user =  $row["username"];
	$email = $row["email"];
	$hashpass =  $row["password"];
	
	}
}
	
	
	if( password_verify($formpass,$hashpass)){
		
		session_start();
		
		$_SERVER['loggeduser'] = $user;
		$_SERVER['loggedemail'] = $email;
		
		
		header("Location:profile.php");		
		
		}else{
        
        $logginError = "<div class='alert alert-danger'> UserName / Password  Donot match  <a class='close' data-dismiss='alert'></a></div>  ";
        
    }
	






    mysqli_close($conn);








?>






<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>


<link rel="stylesheet"  href="main.css">

</head>
<body>
<div class="box">



<form action="<?php htmlspecialchars($_SERVER["PHP_SELF"])?>" method="post">
    

<label> Username </label>
<input type="text" name="username" placeholder="username">

<label> Password </label>
<input type="password" name="password" placeholder="Password">

<input type="submit" name="login" value="Submit"> <input type="reset" value="Reset">

    </form>
</div>




</body>
</html>

Notice: Undefined variable: formuser in C:\xampp\htdocs\DIWE php\DIWE 20 Dec\form\index1.php on line 26

Notice: Undefined variable: formpass in C:\xampp\htdocs\DIWE php\DIWE 20 Dec\form\index1.php on line 44

Notice: Undefined variable: hashpass in C:\xampp\htdocs\DIWE php\DIWE 20 Dec\form\index1.php on line 44


Kiyala Error ekak enawa Form Eka wada Login wenawa But Mata dana ganna oni Ay Mehema wenne kiyala

Mama udin Isset Ekakuth gahalane tiyenne

Mekata solution eka mokakda?


Me error eka enne udin form eka yatin display wenawa

page load karaddima me variables wenama set welaa nathi nisai me error eka enne


What is the solution

 

[vdilshan]

<?php
if(isset($_POST["login"])){

	function validate($input){
		$input = trim(stripslashes(htmlspecialchars($input)));
		return $input;
	}
		
	$formuser = validate($_POST["username"]);
	$formpass = validate($_POST["password"]);

	include("conn.php");

	$sql = "SELECT username,email,password FROM login WHERE username='$formuser'";
	$result = mysqli_query($conn,$sql);
	if(mysqli_num_rows($result) > 0){
		while($row = mysqli_fetch_assoc($result)){
			$user =  $row["username"];
			$email = $row["email"];
			$hashpass =  $row["password"];
		}
	}
		
	if(password_verify($formpass,$hashpass)){
	
		session_start();
		$_SERVER['loggeduser'] = $user;
		$_SERVER['loggedemail'] = $email;
		header("Location:profile.php");		
		
	}else{
		$logginError = "<div class='alert alert-danger'> UserName / Password  Donot match  <a class='close' data-dismiss='alert'></a></div>  ";
	}
	mysqli_close($conn);
	
}
?>
<!doctype html>
<html>
<head>
	<meta charset="utf-8">
	<title>Untitled Document</title>
	<link rel="stylesheet"  href="main.css">
</head>
<body>
	<div class="box">
		<form action="<?php htmlspecialchars($_SERVER["PHP_SELF"])?>" method="post">
			<label> Username </label>
			<input type="text" name="username" placeholder="username">
			<label> Password </label>
			<input type="password" name="password" placeholder="Password">
			
			<input type="submit" name="login" value="Submit"> <input type="reset" value="Reset">
		</form>
	</div>
</body>
</html>

 

[bunny16]

Help

 

[vdilshan]

Ai man uda dala thiyena eka wada karanne nadda?

 

[bunny16]

Ai man uda dala thiyena eka wada karanne nadda?

Mage code ekama neda daala tiyenne

Change kale kothanada ?

 

[CustomerSupport]

Dude just throw out your application and start over.

- SQL injection vulnerable. mysqli use karanawanam hariyata placeholders dala usr karanna.
- Error message eka enne $_POST values empty nisa. stripslashes, trim anan manan dagena dagalanna one na parameters use kara nam.
- DIWE = Diploma In Web Engineering ne da? E Soft eke? Oya course eka karanna epa ban hariyata kiyala denne na. Kohe branch eka da?

 

[bunny16]

Dude just throw out your application and start over.

- SQL injection vulnerable. mysqli use karanawanam hariyata placeholders dala usr karanna.
- Error message eka enne $_POST values empty nisa. stripslashes, trim anan manan dagena dagalanna one na parameters use kara nam.
- DIWE = Diploma In Web Engineering ne da? E Soft eke? Oya course eka karanna epa ban hariyata kiyala denne na. Kohe branch eka da?

Nop. Meka class example ekak neme

Man Esoft eke course eka karanawa bun

Gampaha branch

 

[bunny16]

Dude just throw out your application and start over.

- SQL injection vulnerable. mysqli use karanawanam hariyata placeholders dala usr karanna.
- Error message eka enne $_POST values empty nisa. stripslashes, trim anan manan dagena dagalanna one na parameters use kara nam.
- DIWE = Diploma In Web Engineering ne da? E Soft eke? Oya course eka karanna epa ban hariyata kiyala denne na. Kohe branch eka da?

Meka mama self study karala kale bun

Uba kiyanne function ekak hadala

Ekata username pass kiyala param dalaa ethanin validate karanna kiyalane ?