Undefined index: b in /path/file.php relating to querystring parameters

2 Views

I am getting errors in the server log for cformsII plugin but don’t understand why. 

PHP Notice:  Undefined index: b in /var/www/wordpressmu/wp-content/plugins/cforms/cforms-captcha.php on line 12
[Tue Jul 12 15:02:26 2011] [error] [client 172.18.30.81] PHP Notice:  Undefined index: f in /var/www/wordpressmu/wp-content/plugins/cforms/cforms-captcha.php on line 15
[Tue Jul 12 15:02:26 2011] [error] [client 172.18.30.81] PHP Notice:  Undefined index: f1 in /var/www/wordpressmu/wp-content/plugins/cforms/cforms-captcha.php on line 18
[Tue Jul 12 15:02:26 2011] [error] [client 172.18.30.81] PHP Notice:  Undefined index: f2 in /var/www/wordpressmu/wp-content/plugins/cforms/cforms-captcha.php on line 19
[Tue Jul 12 15:02:26 2011] [error] [client 172.18.30.81] PHP Notice:  Undefined index: a1 in /var/www/wordpressmu/wp-content/plugins/cforms/cforms-captcha.php on line 21
[Tue Jul 12 15:02:26 2011] [error] [client 172.18.30.81] PHP Notice:  Undefined index: a2 in /var/www/wordpressmu/wp-content/plugins/cforms/cforms-captcha.php on line 22
[Tue Jul 12 15:02:26 2011] [error] [client 172.18.30.81] PHP Notice:  Undefined index: l in /var/www/wordpressmu/wp-content/plugins/cforms/cforms-captcha.php on line 30

The url to the captcha image is
http://mysite/wp-content/plugins/cforms/cforms-captcha.php?ts=3&c1=4&c2=5&ac=abcdefghijkmnpqrstuvwxyz23456789&i=i&w=115&h=25&c=#A6BEA4&l=000066&f=font4.ttf&a1=-20&a2=11&f1=17&f2=19&b=12.gif&rnd=448710

Read More

As you can see the variables throwing errors are included in the querystring.

The error is happening against this statement (prep being a function which strips slashes): 

$im_bg_url      = 'captchabg/' . ( prep($_REQUEST['b'],'1.gif') );
Post Views: 2

Related posts

Leave a Reply

1 comment

  1. The cforms WordPress Plugin you’re using is not properly sanitizing input variables prior use, that’s why you get the warnings.

    You can either fix the problem your own if you’re a coder, or report the issue to the plugin author and discuss if she can fix it.

    But from what I googled, there is another version of that plugin, called cfomsII (WordPress Plugin). It will probably have this issue already fixed so perhaps changing the plugin to the new version is the best suggestion to give.