2

I've inherited a site from a previous (no longer available for help) developer and I'm not much of a PHP coder to begin with so, bear with me.

I keep getting an error that some variables are undefined and the CMS Admin toolbar keeps showing up at the top of the page even though I'm not logged in.

Important Note This only happens in my local development environment.

The error:

Notice: Undefined variable: buttons in /Users/shortname/Sites/sitename.com/public_html/admin/editable.class.php on line 275

Edit Here's the complete file:

Pastebin of editable.class.php

In my page, I've got an include 

<?php
    include_once 'admin/editable.class.php';

    $page = new page(6, 2, 0);
    echo $page->get();
?>

It's job is to grab all the page elements from the DB and throw it on the page.

The include appears later in the page as well (in the footer)

<?
include_once "admin/editable.class.php";
$login = new dynamic;

if($login->isAdmin())
{
    echo '
    <div id="adminBar">
        <div>
            <h3>Admin Menu</h3> <span class="editable">Editable Pages: <a href="/company/media.php">In The Media</a> | <a href="/company/faq_about.php">FAQ</a> | <a href="/company/tradeshows.php">Tradeshows</a></span> <a class="logout" href="/admin">Logout</a>
        </div>
    </div>
    ';
}
?>

Which I assume is what shows the CMS info bar and buttons if you're an authenticated user. The trouble is, I can't authenticate and I can't get the warnings to go away. Here's the authentication functions in editable.class.php:

function isAdmin()
    {
        if (isset($_COOKIE["admin"]) && $_COOKIE["admin"] === sha1("username".$this->salt.$this->users["username"]))
        {
            $this->admin = true;

            return true;
        }
        else
        {
            $this->admin = false;

            return false;
        }
    }

    function login()
    {
        if($this->isAdmin())
        {
            return true;
        }

        if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($this->users[$_SERVER['PHP_AUTH_USER']]) || $this->users[$_SERVER['PHP_AUTH_USER']] !== $_SERVER['PHP_AUTH_PW']) 
        {
            header('WWW-Authenticate: Basic realm="Administration"');
            header('HTTP/1.0 401 Unauthorized');
            echo 'Authorization Required';
            exit;
        }
        else
        {           
            setcookie("admin", sha1("username".$this->salt.$this->users["username"]), 0, "/", ".sitename.com");
            $this->admin = true;

            return true;
        }
    }

    function logout()
    {
        header('HTTP/1.0 401 Unauthorized');
        setcookie("username", "", time() - 1, "/", ".sitename.com");
    }

I tried adding <?php setcookie("username", "", time() - 1, "/", ".sitename.com"); ?> to see if I could clear out the cookie data and remove the admin tools but, that didn't work either. What am I missing on my local development environment that would cause these errors?

Improve this question

2 Answers 2

Reset to default
3

It is giving you a notice because when you define the buttons variable, it is out of scope. So, just change your code from:

if($this->admin)
{
    $buttons =  $this->editButtons;
}
else
{
    $butons = "";
}

to this:

$buttons = '';
if($this->admin)
    $buttons = $this->editButtons;

This is shorthand code, you can add the brackets if you like.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

My apologies for leaving the mod relevant part out.
that did indeed fix the variable warning but I still have the CMS admin bar showing up on the page even though I'm not authenticated... Even when I log in and log out, the CMS tools still appear. And, the variables work fine in the production environment without the fix you outlined above.
can you add a check where it displays the cms tools to ensure it is not empty rather than is not set?
1

I suspect the dev environment has the warning level turned on which is why you are getting this.

Go to the file in question and before line 275 define the variable 'buttons' as a blank string. You just need to initialise the variable before it is used.

$buttons = '';

added after viewing codebin:

try changing

$item["buttons"] = $buttons;

to

if (isset($buttons)) {
  $item["buttons"] = $buttons;
}
else {
  $item['buttons'] = '';
}

that way it only calls $buttons if it's been set already, you need to set $item['buttons'] to a blank string or it'll throw a similar error when used later otherwise

Improve this answer

1 Comment

But the variable should only be available if you're a logged in user. This happens when I load the page without any login of any kind in my local environment.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.