What does the PHP error message "Notice: Use of undefined constant" mean?

PHP is writing this error in the logs: "Notice: Use of undefined constant".

Error in logs:

PHP Notice:  Use of undefined constant department - assumed 'department' (line 5)
PHP Notice:  Use of undefined constant name - assumed 'name' (line 6)
PHP Notice:  Use of undefined constant email - assumed 'email' (line 7)
PHP Notice:  Use of undefined constant message - assumed 'message' (line 8)

Relevant lines of code:

$department = mysql_real_escape_string($_POST[department]);
$name = mysql_real_escape_string($_POST[name]);
$email = mysql_real_escape_string($_POST[email]);
$message = mysql_real_escape_string($_POST[message]);

What does it mean and why am I seeing it?

department is meant to be a string (to be used here as array key). Strings in PHP must be enclosed in quotes. In the days of the long past PHP was lax about using quotes for single-word strings but these days are long gone.

Therefore, it must be 'department' or "department".

The same goes for the other errors as well.

As is, it was looking for constants called department, name, email, message, etc. When it doesn't find such a constant, PHP (bizarrely) interprets it as a string ('department', etc) but warns you about that. Obviously, this can easily break if you do defined such a constant later (though it's bad style to have lower-case constants).

The error message is due to the unfortunate fact that PHP will implicitly declare an unknown token as a constant string of the same name.

That is, it's trying to interpret this (note the missing quote marks):

$_POST[department]

The only valid way this would be valid syntax in PHP is if there was previously a constant department defined. So sadly, rather than dying with a Fatal error at this point, it issues this Notice and acts as though a constant had been defined with the same name and value:

// Implicit declaration of constant called department with value 'department'
define('department', 'department');  

There are various ways you can get this error message, but they all have the same root cause - a token that could be a constant.

Strings missing quotes: $my_array[bad_key]

This is what the problem is in your case, and it's because you've got string array keys that haven't been quoted. Fixing the string keys will fix the bug:

Change:

$department = mysql_real_escape_string($_POST[department]);
...(etc)...

To:

$department = mysql_real_escape_string($_POST['department']);
...(etc)...

Variable missing dollar sign: var_without_dollar

Another reason you might see this error message is if you leave off the $ from a variable, or $this-> from a member. Eg, either of the following would cause a similar error message:

my_local;   // should be $my_local
my_member;  // should be $this->my_member

Invalid character in variable name: $bad-variable-name

A similar but more subtle issue can result if you try to use a disallowed character in a variable name - a hyphen (-) instead of an underscore _ would be a common case.

For example, this is OK, since underscores are allowed in variable names:

if (123 === $my_var) {
  do_something();
}

But this isn't:

if (123 === $my-var) {
  do_something();
}

It'll be interpreted the same as this:

if (123 === $my - var) {  // variable $my minus constant 'var'
  do_something();
}

Referring to a class constant without specifying the class scope

In order to refer to a class constant you need to specify the class scope with ::, if you miss this off PHP will think you're talking about a global define().

Eg:

class MyClass {
  const MY_CONST = 123;

  public function my_method() {
    return self::MY_CONST;  // This is fine
  }


  public function my_method() {
    return MyClass::MY_CONST;  // This is fine
  }

  public function my_bad_method() {
    return MY_CONST;  // BUG - need to specify class scope
  }
}

Using a constant that's not defined in this version of PHP, or is defined in an extension that's not installed

There are some system-defined constants that only exist in newer versions of PHP, for example the mode option constants for round() such as PHP_ROUND_HALF_DOWN only exist in PHP 5.3 or later.

So if you tried to use this feature in PHP 5.2, say:

$rounded = round($my_var, 0, PHP_ROUND_HALF_DOWN);

You'd get this error message:

> Use of undefined constant PHP_ROUND_HALF_DOWN - assumed > 'PHP_ROUND_HALF_DOWN' Warning (2): Wrong parameter count for round()

you probably forgot to use "".

For exemple:

$_array[text] = $_var;

change to:

$_array["text"] = $_var;

You missed putting single quotes around your array keys:

> $_POST[email]

should be:

> $_POST['email']

Insert single quotes.

Example

$department = mysql_real_escape_string($_POST['department']);
$name = mysql_real_escape_string($_POST['name']);
$email = mysql_real_escape_string($_POST['email']);
$message = mysql_real_escape_string($_POST['message']); 

Am not sure if there is any difference am using code igniter and i use "" for the names and it works great.

$department = mysql_real_escape_string($_POST["department"]);
$name = mysql_real_escape_string($_POST["name"]);
$email = mysql_real_escape_string($_POST["email"]);
$message = mysql_real_escape_string($_POST["message"]);

regards,

Jorge.

The correct way of using post variables is

<?php

$department = $_POST['department'];

?>

Use single quotation(')

Looks like the predefined fetch constants went away with the MySQL extension, so we need to add them before the first function...

//predifined fetch constants

define('MYSQL_BOTH',MYSQLI_BOTH);
define('MYSQL_NUM',MYSQLI_NUM);
define('MYSQL_ASSOC',MYSQLI_ASSOC);

I tested and succeeded.