-----Mensaje original----- De: Richard [mailto:inbound-lists-php@xxxxxxxxxxxxxxxxxxxxx] Enviado el: miércoles, 28 de marzo de 2018 11:30 a. m. Para: php-general@xxxxxxxxxxxxx Asunto: Re: error Undefined index: > Date: Wednesday, March 28, 2018 14:13:22 +0000 > From: Alejandro Michelin Salomon <amichelins@xxxxxxxxxxx> > > Hi. > > > Change FROM > > $empresa = $_POST['empresa']; > > > TO > > // To have a default value > > $empresa = ( isset( $_POST['empresa'] ) ) ? $_POST['empresa'] : ''; > >> >> if ( $_POST ) { >> $result=pg_query("SELECT empresa, sum(valor) valor FROM trabajos >> WHERE empresa='$empresa' and to_char(fecha, 'TMMONTH')::varchar = >> '$mes' and date_part('year', fecha)= '$anio' >> group by empresa"); >> $registros= pg_num_rows($result); >> Do not ignore that using a $_POST value, without sanitizing it first is, as has been pointed out, a very serious sql injection vulnerability vector. You might have fixed the "Undefined index" issue, but this code (as previously presented) isn't something that should be put into use. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I solved it by adding the imput: <select name = "empresa" onchange="fun_lista();"> Thank you all -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
