PostCard Script Help

[MarkP]

This script used to work fine. I know it may be a little messy. Can anyone let me know what I am missing?

 

<?php
if (is_numeric($_GET['id'])AND! empty($_GET['id']))
{
?>
<p class="center rightTxt1">
    <span>Send Postcard</span>
    <a href="./index.php?page=upload" class="cssbutton">Upload Photos</a>
    <a href="./index.php" class="cssbutton">Search Photos</a>
</p>
<?php
$photoID = $_GET['id'];
$qP = mysql_query("SELECT * FROM gallery_photos WHERE pid = '".$photoID."' AND screened = '1'");
if (mysql_num_rows($qP) == 1)
{
    $qR = mysql_fetch_array($qP);
    if (! empty($_POST['preview'])OR! empty($_POST['submit']))
    {
        if ( empty($_POST['yourName']))
        {
            $errors[] = 'You didn\'t enter your name.';
        }
        if (!ereg("^[a-zA-Z0-9._]+@[a-zA-Z0-9\-]+\.[a-zA-Z\-\.]+$", $_POST['yourEmail']))
        {
            $errors[] = 'The email adress you\'ve entered as your email is incorrect.';
        }
        if ( empty($_POST['recName']))
        {
            $errors[] = 'You didn\'t enter the recipient\'s name.';
        }
        if (!ereg("^[a-zA-Z0-9._]+@[a-zA-Z0-9\-]+\.[a-zA-Z\-\.]+$", $_POST['recEmail']))
        {
            $errors[] = 'The email adress you\'ve entered as the recipient\'s email is incorrect.';
        }
        if ( empty($_POST['message']))
        {
            $errors[] = 'You didn\'t write a message.';
        }
	if($_POST['chtsum']!=2)
	{
		$errors[] = 'You didn\'t fill in the sum correctly.';
	}
    }
    if ( empty($_POST['submit'])  OR  count($errors) > 0)
    {
        $yourName = str_replace("\\r\\n", "\n", $_POST['yourName']);
        while (strstr($yourName, "\'") OR strstr($yourName, '\"'))$yourName = stripslashes($yourName);
        $yourEmail = str_replace("\\r\\n", "\n", $_POST['yourEmail']);
        while (strstr($yourEmail, "\'") OR strstr($yourEmail, '\"'))$yourEmail = stripslashes($yourEmail);
        $recName = str_replace("\\r\\n", "\n", $_POST['recName']);
        while (strstr($recName, "\'") OR strstr($recName, '\"'))$recName = stripslashes($recName);
        $recEmail = str_replace("\\r\\n", "\n", $_POST['recEmail']);
        while (strstr($recEmail, "\'") OR strstr($recEmail, '\"'))$recEmail = stripslashes($recEmail);
        $message = str_replace("\\r\\n", "\n", $_POST['message']);
        while (strstr($message, "\'") OR strstr($message, '\"'))$message = stripslashes($message);
        echo ' 			<div style="width: 945px;"> 				<div style="float: right;"> 				    <img src="./includes/photo.php?id='.$qR['pid'].'&size=393" style="border: 5px solid white;"><br /> 				    <img src="./includes/postcard.php?message='.base64_encode($message).'&recName='.base64_encode($recName).'&recEmail='.base64_encode($recEmail).'" style="clear: both; margin-top: 10px;"> 				</div> 				 				<form method="post" action="" style="margin-top: 0; padding: 10px; width: 500px;"> 				';
        if (count($errors) > 0)
        {
            echo 'The following errors occured:<ol>';
            foreach ($errors AS $val)
            {
                echo '<li>'.$val.'</li>';
            }
            echo '</ol>';
        }
        echo ' 					<table> 						<tr> 							<td style="width: 120px;"><strong>Your name</strong></td> 							<td><input type="text" name="yourName" value="'.$yourName.'" style="width: 250px;" /></td> 						</tr> 						 						<tr> 							<td><strong>Your email</strong></td> 							<td><input type="text" name="yourEmail" value="'.$yourEmail.'" style="width: 250px;" /></td> 						</tr> 						 						<tr> 							<td><strong>Recipient\'s name</strong></td> 							<td><input type="text" name="recName" value="'.$recName.'" style="width: 250px;" /></td> 						</tr> 						 						<tr> 							<td><strong>Recipient\'s email</strong></td> 							<td><input type="text" name="recEmail" value="'.$recEmail.'" style="width: 250px;" /></td> 						</tr> 						 			<tr><td valign="top"><strong>Sum: <em>1 and 1 =</em></strong></td><td><input type="text" name="chtsum" value="'.$_POST['chtsum'].'" size="2" /></td></tr>		<tr> 							<td valign="top"><strong>Message</strong></td> 							<td><textarea cols="5" rows="10" name="message" style="height: 110px; width: 250px;">'.$message.'</textarea></td> 						</tr> 						 						<tr> 							<td> </td> 							<td> 								';
        if (! empty($_POST['preview']) AND count($errors) == 0)
        {
            echo '<input type="submit" name="submit" value="Send!" onclick="if(!confirm(\'Are you sure you want to send the postcard?\')) { return false; }" style="float: right;" />';
        }
        echo ' 								<input type="submit" name="preview" value="Preview" /> 							</td> 						</tr> 					</table> 				</form> 			</div> 			';
    } else
    {
        $yourName = str_replace("\\r\\n", "\n", $_POST['yourName']);
        $yourEmail = str_replace("\\r\\n", "\n", $_POST['yourEmail']);
        $recName = str_replace("\\r\\n", "\n", $_POST['recName']);
        $recEmail = str_replace("\\r\\n", "\n", $_POST['recEmail']);
        $message = str_replace("\\r\\n", "\n", $_POST['message']);
        mysql_query(" 			INSERT INTO 				gallery_postcards 				( 					sendName,			sendEmail,			recName,			recEmail, 					message,			pid,				date,				uid 				) 			VALUES 				( 					'".$yourName."',	'".$yourEmail."',	'".$recName."',		'".$recEmail."', 					'".$message."',		'".$photoID."',		'".date('U')."',	'".$_SESSION['uid']."' 				) 			");
        $insID = mysql_insert_id();
        while (strstr($yourName, "\'") OR strstr($yourName, '\"'))$yourName = stripslashes($yourName);
        while (strstr($yourEmail, "\'") OR strstr($yourEmail, '\"'))$yourEmail = stripslashes($yourEmail);
        while (strstr($recName, "\'") OR strstr($recName, '\"'))$recName = stripslashes($recName);
        while (strstr($recEmail, "\'") OR strstr($recEmail, '\"'))$recEmail = stripslashes($recEmail);
        while (strstr($message, "\'") OR strstr($message, '\"'))$message = stripslashes($message);
        mail($_POST['recEmail'], 'OPShots.net Postcard from '.$yourName, 'Hi '.$recName.',

You have been sent a OPShots.net Postcard! You are receiving this email because '.$yourName.' was viewing photos on http://www.opshots.net and came across one you may like.

To view your personalized postcard, with your personalized message, click the following link: http://www.opshots.net/gallery2/index.php?page=postcard&rid='.$insID.'&hash='.date('U').' ', 'From: OPShots.net Postcard Service <noreply@opshots.net>');
        echo ' 			<p> 				<strong>Your postcard was sucessfully sent.</strong> 			</p> 			';
    }
} else
{
    echo ' 			<p> 				<strong>No photo found.</strong> 			</p> 		';
}
}
if (is_numeric($_GET['rid']) AND !empty($_GET['rid']) AND is_numeric($_GET['hash']) AND !empty($_GET['hash']))
{
?>
<h1>View <span class="green">Postcard</span></h1>
<a href="./index.php?page=upload"><img src="images/upload_photos.png"></a><a href="./index.php"><img src="images/search_photos.png"></a>
<?php
$qC = mysql_query("SELECT * FROM gallery_postcards WHERE postid = '".$_GET['rid']."' AND date = '".$_GET['hash']."'");
if (mysql_num_rows($qC) == 1)
{
    $qR = mysql_fetch_array($qC);
    while (strstr($qR['sendName'], "\'") OR strstr($qR['sendName'], '\"'))$qR['sendName'] = stripslashes($qR['sendName']);
    while (strstr($qR['sendEmail'], "\'") OR strstr($qR['sendEmail'], '\"'))$qR['sendEmail'] = stripslashes($qR['sendEmail']);
    while (strstr($qR['recName'], "\'") OR strstr($qR['recName'], '\"'))$qR['recName'] = stripslashes($qR['recName']);
    while (strstr($qR['recEmail'], "\'") OR strstr($qR['recEmail'], '\"'))$qR['recEmail'] = stripslashes($qR['recEmail']);
    while (strstr($qR['message'], "\'") OR strstr($qR['message'], '\"'))$qR['message'] = stripslashes($qR['message']);
    echo '		 		<div style="text-align: center; width: 945px;"> 			<p> 				<strong>Hello '.htmlspecialchars($qR['recName']).'!</strong> 			</p> 			 			<p> 				You have received a postcard from '.htmlspecialchars($qR['sendName']).'. You can take a look at the postcard below. 			</p> 			 			<img src="./includes/photo.php?id='.$qR['pid'].'&size=393" onclick="window.location=\'./index.php?page=photos&id='.$qR['pid'].'\';" style="border: 5px solid white; cursor: pointer;" /> 				<br /> 		    <img src="./includes/postcard.php?message='.base64_encode($qR['message']).'&recName='.base64_encode($qR['recName']).'&recEmail='.base64_encode($qR['recEmail']).'" style="clear: both; margin-top: 10px;"> 			 			<form method="post" action="./index.php?page=postcard&id='.$qR['pid'].'" style="background-color: transparent; border: 0;"> 				<input type="hidden" name="yourName" value="'.$qR['recName'].'" /> 				<input type="hidden" name="yourEmail" value="'.$qR['recEmail'].'" /> 				<input type="hidden" name="recName" value="'.$qR['sendName'].'" /> 				<input type="hidden" name="recEmail" value="'.$qR['sendEmail'].'" /> 				 				<input type="submit" name="goto" value="Respond to '.htmlspecialchars($qR['sendName']).'" /> 			</form> 		</div> 		';
} else
{
    echo ' 			<p> 				<strong>No postcard found.</strong> 			</p> 		';
}
}
?>

 

Everything works great accept when you send a postcard to someone the message they wrote in the postcard is not included.

[premiso]

Well what changed to break the script? Did you add some code? Did you change hosts? Did your host upgrade?

 

However, my suspicion is it could be in your query on this line:

$qC = mysql_query("SELECT * FROM gallery_postcards WHERE postid = '".$_GET['rid']."' AND date = '".$_GET['hash']."'");

 

As "Date" is a reserved word in mysql, either encapsulate in backticks (`) or change the name. I also fail to see where you actually try send the postcard to someone.

[MarkP]

Nothing changed that I know of. Our host did move us to another server a bit back. I cannot tie an exact date. The message is being saved in the database. The script does send the postcard. I am a little new to coding as I inherited the code from someone else and cannot get a hold of this person to assist so I am a little stuck. I tried your suggestion with the date and that did not change anything.

 

The code does call this additional piece from the original code posted though. I am unsure if this has anything to do with it though.

 

<?php

header("Content-type: image/jpeg");



/* S:Functions */

function makeTextBlock($text, $fontfile, $fontsize, $width) 

{    

    $words = explode(' ', $text); 

    $lines = array($words[0]); 

    $currentLine = 0; 

    for($i = 1; $i < count($words); $i++) 

    { 

        $lineSize = imagettfbbox($fontsize, 0, $fontfile, $lines[$currentLine] . ' ' . $words[$i]); 

        if($lineSize[2] - $lineSize[0] < $width) 

        { 

            $lines[$currentLine] .= ' ' . $words[$i]; 

        } 

        else 

        { 

            $currentLine++; 

            $lines[$currentLine] = $words[$i]; 

        } 

    } 

    

    return implode("\n", $lines); 

}

/* E:Functions */



$src_img = ImageCreateFromJPEG('../images/postcard.jpg');



$font	= 'JamesAlmacen.ttf';

$black	= imagecolorallocate($src_img, 0, 0, 0);



ImageTTFText($src_img, 12, 0, 5, 25, $black, $font, 

makeTextBlock(base64_decode($_GET['message']), $font, 16, 200)

);



ImageTTFText($src_img, 10, 0, 216, 83, $black, $font, base64_decode($_GET['recName']));

ImageTTFText($src_img, 10, 0, 216, 104, $black, $font, base64_decode($_GET['recEmail']));



ImageJPEG($src_img, null, 100);

?>

[MarkP]

I also tried the encapsulate suggestion around date and the message does not show still. I just realized I may have posted this in the wrong area in the forums. I see there is a third party category. My apologies. Should the post stay here?

[MarkP]

I tried some more things. I thought it might have something to do with the postcard image itself. There is a postcard background that shows but it has not been showing either. The text was written on the postcard. So I messed around with changing jpg to jpeg and JPG and it did not help. Is there any hope with this?

[MarkP]

Any ideas?