The previous post is as always, very informative, but a bit dense for me.

These "errors" will spring up when your hosting upgrades your php: as php evolves it gets more strict and complains about code trying to process things that do not exist, as in this case.

Hence new "errors" appear suddenly when you have made no changes to the code. If it's a problem to fix in the moment, you can always revert to the previous version of php temporarily.

A lot of work has gone into 157 and onwards to trap these things before php points them out and to be honest there should not be any now.

When I come across these things, the first thing I do is look at the same file in the Zencart Github and see if it has already been trapped in the next version, and copy that code.

Generally, you can just prevent the reason for the warning with
$telephone = empty($_POST['telephone']) ? '' : zen_db_prepare_input($_POST['telephone']);
which just checks if the parameter exists, and if not, create it with an empty string.

But, a conscientious user would go a bit futher back and see why this variable was not set by the form in the first place:
includes\templates\YOUR_TEMPLATE\templates\tpl_contact_us_default.php

as maybe you have found a hole that needs plugging.

But no, testing this form with no data in the telephone fieldshows it is passed as an empty string:

Name:  Clipboard01.jpg
Views: 251
Size:  17.4 KB


So, why does it not exist when the parameters are processed by the header?

Does YOUR contact_us have a telephone field?

Maybe a spambot is using the contact form link?

This is why having a vanilla copy of ZC on the same server is useful to see if you can manually trigger the same error and look at the parameters passed by the form to check this parameter does exist.

If the errors continue and you cannot cause them manually, look at the ip that triggers the error, is it always the same one? If so, block it.