PHP Session and Cookie error in my Admin login page

Question

I am working on Admin login page using PHP and MySQL. I am using XAMPP Control Panel v3.2.2 and Chrome browser.

I have used session and cookie in my admin login page but I have found following error

Notice: Undefined index: nam in C:\xampp\htdocs\online_voting\admin\index.php on line 3

Notice: Undefined index: pas in C:\xampp\htdocs\online_voting\admin\index.php on line 4

in my index.php page.

I can not find out cause of this error. What might be the problem?

This is my MySQL database connection page.

connection.php

<?php
error_reporting(1);
mysql_connect('localhost', 'root', '') or die(mysql_error());
mysql_select_db('poll') or die(mysql_error());

?>

For Login :

Email : admin@gmail.com Password : admin

Database name is poll and table name is tbadministrators .

-- Table structure for table `tbadministrators`
--

CREATE TABLE IF NOT EXISTS `tbadministrators` (
  `admin_id` int(5) NOT NULL AUTO_INCREMENT,
  `first_name` varchar(45) NOT NULL,
  `last_name` varchar(45) NOT NULL,
  `email` varchar(45) NOT NULL,
  `password` varchar(45) NOT NULL,
  PRIMARY KEY (`admin_id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;

--
-- Dumping data for table `tbadministrators`
--

INSERT INTO `tbadministrators` (`admin_id`, `first_name`, `last_name`, `email`, `password`) VALUES
(1, 'Md. Rezwanul', 'Haque', 'admin@gmail.com', '21232f297a57a5a743894a0e4a801fc3');

-- --------------------------------------------------------

I have used following pages for admin login .

index.php

<?php
      session_start();
      $myusername = $_SESSION['nam'] ;
      $mypassword = $_SESSION['pas'] ;
?>
<?php
      if(isset($_COOKIE['$email']) && $_COOKIE['$pass']){
          header("Location:admin.php");
          exit;
      }
?>

<!DOCTYPE html>
<html >
<head>
  <meta charset="UTF-8">
  <title>Admin Login Form</title>

  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css">

  <link rel='stylesheet prefetch' href='https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|RobotoDraft:400,100,300,500,700,900'>
<link rel='stylesheet prefetch' href='https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css'>

      <link rel="stylesheet" href="css/style.css">

      <script language="JavaScript" src="js/admin.js">
  </script>


</head>

<body style="background-image:url('images/demo/backgrounds/bCY7Scu.png');">




<div class="pen-title">
  <h1>Admin Login Form</h1>
</div>

<div class="container" >
  <div class="card"></div>

  <div class="card">
    <h1 class="title">Login</h1>
    <form name="form1" action="checklogin.php" method="post" onsubmit="return loginValidate(this)">

      <div class="input-container">
        <input name="myusername" value="<?php echo $myusername  ?>" type="text" required="required"/>
        <label>Email</label>
        <div class="bar"></div>
      </div>
      <div class="input-container">
        <input name="mypassword" value="<?php echo $mypassword ?>" type="password"  required="required"/>
        <label>Password</label>
        <div class="bar"></div>
      </div>

      <center><tr><td colspan="2" align="center"><input type="checkbox" name="remember" value="1"> <font color="blue">Remember Me</font></td></tr></center><br>

      <div class="button-container">

        <button name="Submit"><span>Login</span></button>

      </div>
      <br><br>
    <center>Return to <a href="http://localhost/online_voting/index.php">Voter Panel</a></center>

    </form>
  </div>

</div>


</body>
</html>

checklogin.php

<!DOCTYPE html>
<html>
<body style="background-color:powderblue;">


<?php
//session_start();
ini_set ("display_errors", "1");
error_reporting(E_ALL);

ob_start();
session_start();
require('../connection.php');

$tbl_name="tbAdministrators"; // Table name


/*
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$encrypted_mypassword=md5($mypassword); 

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
*/

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$encrypted_mypassword=md5($mypassword); 

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE email='$myusername' and password='$encrypted_mypassword'" or die(mysql_error());
$result=mysql_query($sql) or die(mysql_error());


$count=mysql_num_rows($result);


if($count==1){
    // If everything checks out, you will now be forwarded to admin.php
     // $user = mysql_fetch_assoc($result);
     // $_SESSION['admin_id'] = $user['admin_id'];
    // header("location:admin.php");



                if(isset($_POST['remember']))
                {
                    setcookie('$email',$_POST['myusername'], time()+30*24*60*60);
                    setcookie('$pass', $_POST['mypassword'],time()+30*24*60*60);
                    $_SESSION['curname']=$myusername;
                    $_SESSION['curpass']=$mypassword;

                    $user = mysql_fetch_assoc($result);
                    $_SESSION['admin_id'] = $user['admin_id'];

                    header("Location:admin.php");
                    exit;
                }
                else
                {
                    $log1=11;
                    $_SESSION['log1'] = $log1;
                    $_SESSION['curname']=$myusername;
                    $_SESSION['curpass']=$mypassword;

                    $user = mysql_fetch_assoc($result);
                    $_SESSION['admin_id'] = $user['admin_id'];

                    header("Location:admin.php");
                    exit;
                }


}
//If the username or password is wrong, you will receive this message below.
else {
    echo "<br> <br> <br> ";
    echo "<center> <h3>Wrong Username or Password<br><br>Return to <a href=\"index.php\">login</a> </h3></center>";
}

ob_end_flush();

?> 




</body>
</html>

admin.php

<?php
    session_start();
    require('../connection.php');
    $log1 = $_SESSION['log1'];
?>
<?php
      if(isset($_COOKIE['$email']) && $_COOKIE['$pass']){
            $curnam = $_SESSION['curname'];
            $curpas = $_SESSION['curpass'];
        }
        else if($log1 == 11)
        {
            $curnam = $_SESSION['curname'];
            $curpas = $_SESSION['curpass'];
        }
        else 
        {
           echo '<img src="e1.jpg" width="100%" height="100%"  />';  /* here goes the page when destroy the cookies */
           exit;
        }
?>
<!DOCTYPE html>
<html>
<head>
<title>online voting</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">

<link href="layout/styles/layout.css" rel="stylesheet" type="text/css" media="all">
<script language="JavaScript" src="js/user.js">
</script>

</head>
<body id="top">
<div class="wrapper bgded overlay" style="background-image:url('images/demo/backgrounds/background1.jpg');">
  <section id="testimonials" class="hoc container clear"> 

    <h2 class="font-x3 uppercase btmspace-80 underlined"> Online <a href="#">Voting</a></h2>
    <ul class="nospace group">

       <li class="one_third">

          <blockquote>In this page, Admin can set candidates for voting and view results.</blockquote>

      </li> 

    </ul>

  </section>
</div>
<!-- JAVASCRIPTS -->
<script src="layout/scripts/jquery.min.js"></script>
<script src="layout/scripts/jquery.backtotop.js"></script>
<script src="layout/scripts/jquery.mobilemenu.js"></script>
<!-- IE9 Placeholder Support -->
<script src="layout/scripts/jquery.placeholder.min.js"></script>
<!-- / IE9 Placeholder Support -->
</body>
</html>

logout.php

<?php
  session_start();
  //session_destroy();
  /*header("location: index.php");
  exit;*/
  if( isset($_COOKIE['$email']) and isset($_COOKIE['$pass'])){
      setcookie('$email',' ',time()-30*24*60*60);
      setcookie('$pass',' ',time()-30*24*60*60);
      $nam=$_COOKIE['$email'];
      $pas=$_COOKIE['$pass'];
      $_SESSION['nam'] = $nam;
      $_SESSION['pas'] = $pas;
      header("location: index.php");
      exit;
  }
  else
  {
    header("location: index.php");
    exit;
  }
?>

PHP: "Notice: Undefined variable", "Notice: Undefined index", and "Notice: Undefined offset"

From their solutions could not help me properly.

Answer 1

When you first time visit the page at that time your value not set in session. So you have to check first if value is set or not then assign the value. Change the following in index.php:

<?php
      session_start();
      $myusername = isset($_SESSION['nam'])?$_SESSION['nam']:"" ;
      $mypassword = isset($_SESSION['pas'])?$_SESSION['pas']:"" ;
?>