PHP form code

[eaglelegend]

whats wrong with my PHP/Form code?  ???

 

		print "<h2>Send Message</h2><p>
	<form action='/mail2.php?action=sendmsg' method='post'>
	<input type='radio' name='type' value='1' class='text_box'> Email<br>
	<input type='radio' name='type' value='2' checked class='text_box'> Private Message<br>
	To<br>
	<input type='text' name='to' class='text_box'><p>
	From<br>
	<select name='from' size='1' class='text_box'>";
	<?php
	$sql = mysql_query("SELECT * FROM `members` WHERE `site`=\"$Z\" ORDER BY `username`='".mysql_escape_string($username). ASC");
	while($row = mysql_fetch_array($sql)) {
	 	$us = $row["username"];

	 	print "<option value=\"$us\">$us</option>
	 	<option value=\"[email protected]\">[email protected]</option>";
	}
	?>

	print "</select><p>

[unidox]

Whats the error?

[eaglelegend]

parse:

Parse error: syntax error, unexpected '<' in /misc/39/000/171/334/2/user/web/eaglelegend.com/mail2.php on line 80

 

line 80 is the start of <?php

[unidox]

Try this:

 

print "<h2>Send Message</h2><p>
	<form action='/mail2.php?action=sendmsg' method='post'>
	<input type='radio' name='type' value='1' class='text_box'> Email<br>
	<input type='radio' name='type' value='2' checked class='text_box'> Private Message<br>
	To<br>
	<input type='text' name='to' class='text_box'><p>
	From<br>
	<select name='from' size='1' class='text_box'>";
	<?php
	$sql = mysql_query("SELECT * FROM `members` WHERE `site`=\"$Z\" ORDER BY `username`='".mysql_escape_string($username). ASC");
	while($row = mysql_fetch_array($sql)) {
	 	$us = $row["username"];

	 	print "<option value=" . $us . ">" . $us . "</option>
	 	<option value=\"" . $us . "@eaglelegend.com\">" . $us . "@eaglelegend.com</option>";
	}
	?>

	print "</select><p>";

[trq]

You have a parse error in your query, not to mention the fact that is is invalid sql.

[unidox]

Here, I cleaned up your code:

 

<?
echo "<h2>Send Message</h2><p>
	<form action=\"mail2.php?action=sendmsg\" method=\"post\">
	<input type=\"radio\" name=\"type\" value=\"1\" class=\"text_box\"> Email<br />
	<input type='radio' name='type' value='2' checked class='text_box'> Private Message<br />
	To<br />
	<input type=\"text\" name=\"to\" class=\"text_box\"><p>
	From<br />
	<select name=\"from\" size=\"1\" class=\"text_box\">";
	$sql = mysql_query("SELECT * FROM `members` WHERE site = '$Z' ORDER BY `username` = '" . mysql_escape_string($username) . "' ASC");
	while($row = mysql_fetch_array($sql)) {
	 	$us = $row["username"];
	 	print "<option value=\"" . $us . "\">" . $us . "</option>
	 	<option value=\"" . $us . "@eaglelegend.com\">" . $us . "@eaglelegend.com</option>";
	}
	print "</select><p>";
?>

[eaglelegend]

thanks unidox, unfortunately, well maybe because it werent all the form im afraid, here is the full form, which includes what you fixed:

 

<?php
echo "<h2>Send Message</h2><p>
	<form action=\"mail2.php?action=sendmsg\" method=\"post\">
	<input type=\"radio\" name=\"type\" value=\"1\" class=\"text_box\"> Email<br />
	<input type='radio' name='type' value='2' checked class='text_box'> Private Message<br />
	To<br />
	<input type=\"text\" name=\"to\" class=\"text_box\"><p>
	From<br />
	<select name=\"from\" size=\"1\" class=\"text_box\">";
	$sql = mysql_query("SELECT * FROM `members` WHERE site = '$Z' ORDER BY `username` = '" . mysql_escape_string($username) . "' ASC");
	while($row = mysql_fetch_array($sql)) {
	 	$us = $row["username"];
	 	print "<option value=\"" . $us . "\">" . $us . "</option>
	 	<option value=\"" . $us . "@eaglelegend.com\">" . $us . "@eaglelegend.com</option>";
	}
	print "</select><p>		
	Subject<br>
	<input type='text' name='subject' size='30' class='text_box'><p>
	Message<br>
	<textarea rows=6 cols=60 nowrap name='message' class='text_box'></textarea><p>
	<input type='submit' value=' Send Message ' class='text_box'></form>";	 
}
?>

[unidox]

Here:

 

<?php
echo "<h2>Send Message</h2><p>
	<form action=\"mail2.php?action=sendmsg\" method=\"post\">
	<input type=\"radio\" name=\"type\" value=\"1\" class=\"text_box\"> Email<br />
	<input type=\"radio\" name=\"type\" value=\"2\" checked class=\"text_box\"> Private Message<br />
	To<br />
	<input type=\"text\" name=\"to\" class=\"text_box\"><p>
	From<br />
	<select name=\"from\" size=\"1\" class=\"text_box\">";
	$sql = mysql_query("SELECT * FROM `members` WHERE site = '$Z' ORDER BY `username` = '" . mysql_escape_string($username) . "' ASC");
	while($row = mysql_fetch_array($sql)) {
	 	$us = $row["username"];
	 	print "<option value=\"" . $us . "\">" . $us . "</option>
	 	<option value=\"" . $us . "@eaglelegend.com\">" . $us . "@eaglelegend.com</option>";
	}
	print "</select><p>		
	Subject<br />
	<input type=\"text\" name=\"subject\" size=\"30\" class=\"text_box\"><p>
	Message<br />
	<textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"></textarea><p>
	<input type=\"submit\" value=\" Send Message \" class=\"text_box\"></form>";	 
?>

 

You didnt need the ending }

[eaglelegend]

Ok, thank you I did that but still

Parse error: syntax error, unexpected '<' in /misc/39/000/171/334/2/user/web/eaglelegend.com/mail2.php on line 72

 

line 72 is the start of <?php

[unidox]

I need to see the full code, of both pages.

[eaglelegend]

its actually 1 page, I just put "2" as it the original one is their and I don't want to chance having a not complete mail system publicly available for people to abuse you know? thanks!

[unidox]

How would people abuse it?

 

Just use ** to block out any emails you dont want public.

 

The code I gave you comes with no errors, I need to see it all otherwise I cant help.

[eaglelegend]

I mean it is a PM & Email thing, it could be abused as the "from" you could change..

[unidox]

Well PM me it you would like. I am trying to help, but you have to come 50% also.

[trq]

The error your getting would be caused by already being in php then using the <?php tags again. If your already witjhin php you don't need nested <?php ?> tags.

 

Once you fix that though, your query is invalid also.

[eaglelegend]

ok, how comes is sql have a problem?