php mail form - can't make id stick

[adriscoll]

Hello.

 

I have a mail form (volunteer_send.php) for a site administrator to contact people associated with a certain activity (identified by the event_id variable). The variable is passed via URL from a preceeding page (as a variable called 'id'). I have spent crazy hours trying to figure out if i have a syntax error or something because I cannot get the variable to pass. If I hard code the event_id in the select statement, then it works fine.

 

Also, I changed the syntax of the select statement to event_id = event_id and it emailed everyone in the list while I was testing. woops.

 

any insight would be great.

 

 

<?php

include('dbconfig.php');

// Make a MySQL Connection
mysql_connect("localhost", "$user", "$password") or die(mysql_error());
mysql_select_db("$database") or die(mysql_error());

$adminmail="event@xxxxxxxx.com";
// Pass the event id variable
$event_id=$_GET['id'];

if(isset($_POST['submit']))
{
  $subject=$_POST['subject'];
  $nletter=$_POST['nletter'];
  if(strlen($subject)<1)
  {
     print "You did not enter a subject.";
  }
  else if(strlen($nletter)<1)
  {
    print "You did not enter a message.";
  } 
  else
  {
  
  $nletter=$_POST['nletter'];
      $subject=$_POST['subject'];
      $nletter=stripslashes($nletter);
      $subject=stripslashes($subject);
      $lists=$_POST['lists'];
      $nletter=str_replace("rn","<br>",$nletter);
      //the block above formats the letter so it will send correctly.
      
  
  $getlist="SELECT * from volunteer WHERE event_id = '$event_id' "; //select e-mails in ABC order
      $getlist2=mysql_query($getlist) or die("Could not get list");
  
  while($getlist3=mysql_fetch_array($getlist2))
      {
         $headers = "From: $adminmail \r\n";   //unlock adminmail above and insert $adminmail for email address
         $headers.= "Content-Type: text/html; charset=ISO-8859-1 ";  //send HTML enabled mail
         $headers .= "MIME-Version: 1.0 ";     
         mail("$getlist3[email]","$subject","$nletter",$headers);
      }
      print "Your Message Has Been Sent.";
   }
}
else
{
   print "<form action='volunteer_send.php' method='post'>";
   print "Subject:<br>";
   print "<input type='text' name='subject' size='20'><br>";
   print "Message:<br>";
   print "<textarea name='nletter' cols='50' rows='6'></textarea><br>";
   print "<input type='submit' name='submit' value='submit'></form>";


}
?>

[GrooN]

first of all, please don't use quote every time you pass a variable, definitely no need to recast your variables to strings twice.

This leads me to your mistake, you write:

mail("$getlist3[email]","$subject","$nletter",$headers);

it should be:

mail($getlist3['email'],$subject,$nletter,$headers);

 

[GrooN]

Okay, fail, why the fuck is PHP so freaking flexible!? - it would still work... anyway, you should still change what I told you, just prettier, at least in my opinion.

[adriscoll]

GrooN,

 

thanks for the input on cleaning it up.  I will do so.  I still don't understand why if I setup the _GET it won't pass the variable, but if I hard code it then it works fine.

 

Could it be the placement of the event_id GET statement in code?  If i strip all of the if(isset statement and echo the select statement then it appears to work

[mattal999]

It doesn't work because you don't pass the event_id variable when submitting the form. Use this:

 

print "<form action='volunteer_send.php?id=".$event_id."' method='post'>";

[adriscoll]

Metal,

 

thank you for the response.  I pass the [id] variable from the preceeding file and then am using the $event_id = _GET['id] to translate it.

 

Is that not the correct method?

 

[mattal999]

Yes, that seems correct. Can we see the code for the form please?

[adriscoll]

<?php
include('dbconfig.php');

/* INSERT into db */
// Make a MySQL Connection
mysql_connect("localhost", "$user", "$password") or die(mysql_error());
mysql_select_db("$database") or die(mysql_error());


echo "<table border='1' cellpadding='1'>
<tr>
<th><pre>Date</pre></th>
<th><pre>Park</pre></th>
<th><pre>Time</pre></th>
<th><pre>Description</pre></th>
<th><pre>View</pre></th>
<th><pre>Contact</pre></th>";

// Define your colors for the alternating rows 
$color1 = '#FFFFFF';  
$color2 = '#CCCCCC';  
$row_count = 0; 

// Perform an statndard SQL query: 
$sql_events = mysql_query("SELECT * FROM event_schedule ORDER BY orderdate ASC") or die (mysql_error()); 

// We are going to use the "$row" method for this query. This is just my preference.
while ($row = mysql_fetch_array($sql_events)) { 
    $id = $row['id']; 

    /* Now we do this small line which is basically going to tell 
    PHP to alternate the colors between the two colors we defined above. */ 
    $row_color = ($row_count % 2) ? $color1 : $color2;  


echo "<tr><td bgcolor='$row_color' nowrap>";
echo $row['orderdate'];
echo "</td><td bgcolor='$row_color'>";
echo $row['park'];
echo "</td><td bgcolor='$row_color'>";
echo $row['hour'];
    echo ":";
echo $row['min'];
    echo $row['ampm'];
echo "</td><td bgcolor='$row_color'>";
    echo $row['description'];
    echo "</td><td bgcolor='$row_color'>";
         echo "<a href=\"/administrator/db/volunteer_display.php?id=$row[id]\">View Volunteers</a>";
         echo "</td><td bgcolor='$row_color'>";
	 echo "<a href=\"/administrator/db/volunteer_send.php?id=$row[id]\">Contact Volunteers</a>";
	 echo "</td></tr>";
   $row_count++; 
}
echo "</table>";

?>

[mattal999]

Ah, it's as I expected. You link the user to the form appending the id to the url - that's good. But then, on the volunteer_send.php page that you have posted first, you echo the form (if $_POST has not been set). When you echo the form, you set the action to go back to the same page, but you do not have the id appended to the url again, which is causing the problem.

 

Here's the fixed code for the first page:

 

<?php

include('dbconfig.php');

// Make a MySQL Connection
mysql_connect("localhost", "$user", "$password") or die(mysql_error());
mysql_select_db("$database") or die(mysql_error());

$adminmail="event@xxxxxxxx.com";
// Pass the event id variable
$event_id=$_GET['id'];

if(isset($_POST['submit']))
{
  $subject=$_POST['subject'];
  $nletter=$_POST['nletter'];
  if(strlen($subject)<1)
  {
     print "You did not enter a subject.";
  }
  else if(strlen($nletter)<1)
  {
    print "You did not enter a message.";
  } 
  else
  {
  
  $nletter=$_POST['nletter'];
      $subject=$_POST['subject'];
      $nletter=stripslashes($nletter);
      $subject=stripslashes($subject);
      $lists=$_POST['lists'];
      $nletter=str_replace("rn","<br>",$nletter);
      //the block above formats the letter so it will send correctly.
      
  
  $getlist="SELECT * from volunteer WHERE event_id = '$event_id' "; //select e-mails in ABC order
      $getlist2=mysql_query($getlist) or die("Could not get list");
  
  while($getlist3=mysql_fetch_array($getlist2))
      {
         $headers = "From: $adminmail \r\n";   //unlock adminmail above and insert $adminmail for email address
         $headers.= "Content-Type: text/html; charset=ISO-8859-1 ";  //send HTML enabled mail
         $headers .= "MIME-Version: 1.0 ";     
         mail("$getlist3[email]","$subject","$nletter",$headers);
      }
      print "Your Message Has Been Sent.";
   }
}
else
{
   print "<form action='volunteer_send.php?id=".$event_id."' method='post'>";
   print "Subject:<br>";
   print "<input type='text' name='subject' size='20'><br>";
   print "Message:<br>";
   print "<textarea name='nletter' cols='50' rows='6'></textarea><br>";
   print "<input type='submit' name='submit' value='submit'></form>";


}
?>

[adriscoll]

Metal,

 

That worked perfectly.  I thought it was an issue with the else statements or syntax, but I didn't even recognize it could be an issue in the submission.

 

Thanks a ton