PHP Error _Line 6

#1

Hi,
I am getting the error in line 6. Can you guys please let me know what the error is and how I can solve it?

<?php
require('../functions_select.php');
require '../../admin/config.php';

if (isset($_POST['option'])) {
    if (isset($_POST['item'])) $item = $_POST['item'];
    if (isset($_POST['item2'])) $item2 = $_POST['item2'];
    else $item2 = "null";
    if (isset($_POST['item3'])) $item3 = $_POST['item3'];
    else $item3 = "null";
    if (isset($_POST['item4'])) $item4 = $_POST['item4'];
    else $item4 = "null";
    $option = $_POST['option'];
    tblsyntom($bd_config, $item, $item2, $item3, $item4, $option);
}

function tblsyntom($bd_config, $item, $item2, $item3, $item4, $option)
{
    $conexion = conexion_cat($bd_config);
    if (!$conexion) {
        return false;
    } else {
        $html = "";
        switch ($option) {
            case 'tblsyntom':
                $query = "SELECT * FROM `tblsyntom` WHERE `idMRC` LIKE '" . $item . "' ";
                $statement = $conexion->prepare($query);
                $statement->execute();
                $data = $statement->fetchall();
                $html = "<option value='0'> -- Syntom Option -- </option>\n";
                foreach ($data as $post) {
                    $html .= "<option value='" . $post['idSyntom'] . "|" . $post['descr'] . "' >" . $post['descr'] . "</option>\n";
                }
                break;
            case 'tblrootcause':
                $query = "SELECT * FROM `tblrootcause` WHERE `idMRC` LIKE " . $item2 . "  AND `idSyntom` LIKE " . $item . " ";
                echo $query;
                $statement = $conexion->prepare($query);
                $statement->execute();
                $data = $statement->fetchall();
                $html = "<option value='0'> -- RootCause Option -- </option>\n";
                foreach ($data as $post) {
                    $html .= "<option value='" . $post['idRootC'] . "|" . $post['descr'] . "' >" . $post['descr'] . "</option>\n";
                }
                break;
            case 'tblproposal':
                $query = "SELECT * FROM `tblproposal` WHERE `idMRC` LIKE " . $item2 . " AND `idSyntom` LIKE " . $item3 . " AND `idRootC` LIKE " . $item . " ";
                echo $query;
                $statement = $conexion->prepare($query);
                $statement->execute();
                $data = $statement->fetchall();
                $html = "<option value='0'> -- Proposal Option -- </option>\n";
                foreach ($data as $post) {
                    $html .= "<option value='" . $post['idProposal'] . "|" . $post['descr'] . "' >" . $post['descr'] . "</option>\n";
                }
                break;
            case 'tbldepto':
                $query = "SELECT * FROM `tbldepto` WHERE  `idMRC` LIKE " . $item2 . " AND `idSyntom` LIKE " . $item3 . " AND `idRootC` LIKE " . $item4 . " AND `idProposal` LIKE " . $item . " ";
                $statement = $conexion->prepare($query);
                $statement->execute();
                $data = $statement->fetchall();
                $html = "<option value='0'> -- Depto Option -- </option>\n";
                foreach ($data as $post) {
                    $html .= "<option value='" . $post['idDepto'] . "|" . $post['descr'] . "' >" . $post['descr'] . "</option>\n";
                }
                break;
        }
        echo $html;
    }
}


?>
#2

You have well over 50% more code than you need. I would start with cleaning that up and using prepared statements.

1 Like
#3

Please add proper braces to avoid confusion.

#4

if (isset($_POST['option'])) {
    if (isset($_POST['item'])) {
        $item = $_POST['item'];
    }
    if (isset($_POST['item2'])) {
        $item2 = $_POST['item2'];
    } else {
        $item2 = "null";
    }
    if (isset($_POST['item3'])) {
        $item3 = $_POST['item3'];
    } else {
        $item3 = "null";
    }
    if (isset($_POST['item4'])) {
        $item4 = $_POST['item4'];
    } else {
        $item4 = "null";
    }
    $option = $_POST['option'];
    tblsyntom($bd_config, $item, $item2, $item3, $item4, $option);
}
1 Like
#5

It’s actually common for one-liners to not have brackets, and it is cleaner, reduces lines in files, and is easier to read.

However, all of that is error prone:

if (isset($_POST['item'])) $item = $_POST['item'];
...
tblsyntom($bd_config, $item, $item2, $item3, $item4, $option);
function tblsyntom($bd_config, $item, $item2, $item3, $item4, $option)

Now you have a variable that was never declared.

And on the method signature, you see a huge issue whenever variables are named 1, 2, 3, 4. That is a clear code smell and shows that an array should be used instead.

function tblsyntom($bd_config, $itemArray, $option)

Granted the switch statement is convoluted as well, and shows poor database design on top of poor code design.

I mean the tester used was specifically for SQL Injection and the code shows rampant allowance for that specific attack vector.

1 Like
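
An added example, not code from any poster in this thread: one way to combine the suggestions in #2 and #5, with bound parameters instead of string concatenation, an array instead of `$item` to `$item4`, and an explicit failure when a required value is missing. The names `cascadeOptions` and `CASCADE` and the keyed `$ids` array are hypothetical, `=` replaces the wildcard-free `LIKE`, and an in-memory SQLite database with constructed rows stands in for the thread's `conexion_cat()` connection.

```php
<?php
declare(strict_types=1);

// Allow-list: option/table name => [value column, label, required filter columns].
// Table and column names come from the thread; the keyed $ids array is an assumption.
const CASCADE = [
    'tblsyntom'    => ['idSyntom',   'Syntom',    ['idMRC']],
    'tblrootcause' => ['idRootC',    'RootCause', ['idMRC', 'idSyntom']],
    'tblproposal'  => ['idProposal', 'Proposal',  ['idMRC', 'idSyntom', 'idRootC']],
    'tbldepto'     => ['idDepto',    'Depto',     ['idMRC', 'idSyntom', 'idRootC', 'idProposal']],
];

function cascadeOptions(PDO $pdo, string $option, array $ids): string
{
    if (!array_key_exists($option, CASCADE)) {
        throw new InvalidArgumentException('unknown option');
    }
    [$valueCol, $label, $filters] = CASCADE[$option];
    $where = $params = [];
    foreach ($filters as $col) {
        if (!isset($ids[$col]) || !is_scalar($ids[$col])) {
            throw new InvalidArgumentException("missing filter: $col");
        }
        $where[] = "`$col` = :$col";            // identifiers come only from the allow-list
        $params[":$col"] = (string) $ids[$col]; // request values are bound, never concatenated
    }
    $stmt = $pdo->prepare("SELECT `$valueCol`, `descr` FROM `$option` WHERE " . implode(' AND ', $where));
    $stmt->execute($params);

    $html = "<option value='0'> -- $label Option -- </option>\n";
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
        // Escape database values before placing them in HTML attributes and text.
        $value = htmlspecialchars($row[$valueCol] . '|' . $row['descr'], ENT_QUOTES, 'UTF-8');
        $text  = htmlspecialchars($row['descr'], ENT_QUOTES, 'UTF-8');
        $html .= "<option value='$value'>$text</option>\n";
    }
    return $html;
}

// Constructed demo data in an in-memory SQLite database (requires pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE tblsyntom (idSyntom INTEGER, idMRC INTEGER, descr TEXT)");
$pdo->exec("INSERT INTO tblsyntom VALUES (1, 10, 'No power'), (2, 10, 'Won''t <boot>'), (3, 20, 'Noise')");

echo cascadeOptions($pdo, 'tblsyntom', ['idMRC' => '10']);
// A value containing quotes is bound as data and simply matches no rows.
echo cascadeOptions($pdo, 'tblsyntom', ['idMRC' => "10' OR '1'='1"]);
```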