Same code different PHP builds-->problems

Hi all.

I am having a bit of trouble with my site on two different hosting
platforms.

Here at work, I am running Mandrake10 Official, but Speakeasy is running
PHP with different compile options. I've already had to add "_COOKIE"
and "HTTP_POST_VARS" to my code to allow for this, but something else is
apparently amiss as well.

Everything looks fine when testing locally, but from the speakeasy site,
I get this in all my textboxes:
<br /><b>Notice</b>: Undefined index: CompFax in
<b>/mnt/webhosting/sites/d/deluxestitcher.com/order.php</b> on line
<b>157</b><br />

It apparently only appears in boxes for which no cookie has been stored
in the browser.

Here's the page with problems:
http://www.deluxestitcher.com/order.php

Could someone please tell me the hopefully quick & easy solution to this?

Thanks.

--john

Here's a small code snippet:
<font size="2"
face="Arial,Helvetica,Geneva,Sans-serif,sans-serif"><b>Company
Fax:</b></font></div></td>
<td colspan="8"><div align="right"><table width="100%" border="0"
cellspacing="0" cellpadding="0">
<tr><td align="left"><input id="CompanyFax" value="<?php echo
$_COOKIE["CompFax"] ?>" type="text" name="CompanyFax" size="34"
maxlength="70">
</td></tr>

Speakeasy's info.php can be found here:
http://www.deluxestitcher.com/info.php

My local info.php can be found here:
http://www.deluxestitcher.com/localinfo.html

john wrote:
> Everything looks fine when testing locally, but from the speakeasy site,
> I get this in all my textboxes:
> <br /><b>Notice</b>: Undefined index: CompFax in
> <b>/mnt/webhosting/sites/d/deluxestitcher.com/order.php</b> on line
> <b>157</b><br />
[snip]
> Could someone please tell me the hopefully quick & easy solution to this?

You can use isset() or empty() to make sure that the variables are set
before using them. Alternatively if you know this is okay you can simply
disable the notices -- see http://www.php.net/error_reporting

> <tr><td align="left"><input id="CompanyFax" value="<?php echo
> $_COOKIE["CompFax"] ?>" type="text" name="CompanyFax" size="34"
> maxlength="70">

Be careful here too; if the cookie is set from user-supplied data it
could break your HTML output if a double-quote or other special
character is typed. (Consider also the possibilities of malicious
attacks inserting arbitrary HTML via your forms.) Consider using
htmlspecialchars() to escape output.

-- brion vibber (brion @ pobox.com)

Brion Vibber wrote:
> john wrote:
>
>> Everything looks fine when testing locally, but from the speakeasy
>> site, I get this in all my textboxes:
>> <br /><b>Notice</b>: Undefined index: CompFax in
>> <b>/mnt/webhosting/sites/d/deluxestitcher.com/order.php</b> on line
>> <b>157</b><br />
>
> [snip]
>
>> Could someone please tell me the hopefully quick & easy solution to this?
>
>
> You can use isset() or empty() to make sure that the variables are set
> before using them. Alternatively if you know this is okay you can simply
> disable the notices -- see http://www.php.net/error_reporting

That did it. I just added an "if (!empty())" to each $_COOKIE[""] instance.

>> <tr><td align="left"><input id="CompanyFax" value="<?php echo
>> $_COOKIE["CompFax"] ?>" type="text" name="CompanyFax" size="34"
>> maxlength="70">
>
>
> Be careful here too; if the cookie is set from user-supplied data it
> could break your HTML output if a double-quote or other special
> character is typed. (Consider also the possibilities of malicious
> attacks inserting arbitrary HTML via your forms.) Consider using
> htmlspecialchars() to escape output.

Actually, just did that as a matter of fact. :) Found a removeEvilTags
function on the php site.

Thanks,
john