
So this is a bit of a puzzler for me. I have code that takes a form submit and chucks it to a DB; that all works fine, but the second part is it also takes the submit and sends it to an email. Now this is the crazy part: it works fine 80% of the time, but sometimes it sends back a blank email or one that is only half there, but still all shows fine in the DB, and I have been trying to work this out for 5 days now and ..... nothing worked and I am lost for any ideas on what it could be  :shrug:

here is the code for anyone that wants to look at it

 

<?php
$breed = $_POST['breed'];
$whelpdate = $_POST['whelpdate'];
$matedate = $_POST['matedate'];
$nummale = $_POST['nummale'];
$numfemale = $_POST['numfemale'];
$sirname = $_POST['sirename'];
$sirnum = $_POST['sirenum'];
if($_FILES['file']['name'] != ""){
		copy($_FILES['file']['tmp_name'], "upload/" . $_FILES['file']['name']) or die("Could not copy file");
		$file = $_FILES['file']['name'];
		}
if($_FILES['file1']['name'] != ""){
		copy($_FILES['file1']['tmp_name'], "upload/" . $_FILES['file1']['name']) or die("Could not copy file");
		$file1 = $_FILES['file1']['name'];
		}
if($_FILES['file2']['name'] != ""){
		copy($_FILES['file2']['tmp_name'], "upload/" . $_FILES['file2']['name']) or die("Could not copy file");
		$file2 = $_FILES['file2']['name'];
		}
if($_FILES['file3']['name'] != ""){
		copy($_FILES['file3']['tmp_name'], "upload/" . $_FILES['file3']['name']) or die("Could not copy file");
		$file3 = $_FILES['file3']['name'];
		}
$damname = $_POST['damname'];
$damnum = $_POST['damnum'];
if (isset($_POST['4Gen'])) {
    $gen = "yes";
} else {
    $gen = "no";
}
if (isset($_POST['exp'])) {
    $exp = "yes";
} else {
    $exp = "no";
}
$pname = $_POST['name'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$country = $_POST['country'];
$zipcode = $_POST['postcode'];
$cardtype = $_POST['cardtype'];
$cardnum = $_POST['cardnum'];
$secure = $_POST['secure'];
$namecard = $_POST['namecard'];
$emails = $_POST['emails'];

$con = mysql_connect("localhost", "user","pass");
if(!$con) { die  ('Error:' . mysql_error()); }
mysql_select_db ("ashl", $con);


$query="INSERT INTO table(PRIKEY, DATE_POSTED, BREED_OF_PUPS_WHELPED, WHELPING_DATE_OF_LITTER_MMDDYY, MATING_DATE_OF_LITTER_MMDDYY, NUMBER_OF_MALES, NUMBER_OF_FEMALES, SIRES_REGISTERED_NAME, SIRES_REGISTERED_NUMBER, SIRE_DUAL_REGISTRATION_REQUEST, DAMS_REGISTERED_NAME, DAMS_REGISTERED_NUMBER, DAM_DUAL_REGISTRATION_REQUEST, PEDIGREE_SERVICE, DELIVERY_SERVICE, OWNERS_NAME, ADDRESS_1, ADDRESS_2, CITY, STATE, COUNTRY_IF_OTHER_THAN_USA, POSTAL_CODE, CREDIT_CARD_TYPE, CREDIT_CARD_NUMBER, EXPIRATION_DATE_MMYY, CARDHOLDERS_NAME, EMAILADDR, FILES_UPLOADED, AUTO_IMAGE, AUTO_SECURITY_AUTH, file, file1, file2, file3)

VALUES 

('',now(),'$breed','$whelpdate','$matedate','$nummale','$numfemale','$sirname','$sirnum','','$damname','$damnum','','$gen','$exp','$pname','$address','','$city','$state','$country','$zipcode','$cardtype','$cardnum','$secure','$namecard','$emails','','','','$file','$file1','$file2','$file3')";

if (!mysql_query($query,$con)) 
{ 
die ('Error updating database:' . mysql_error()); 
}
else{
	if (isset($file)) 
		{
			$sendfile = "<a style='font-size:12px; text-align:center;' href='http://www.ramdome.com/a_test/upload/".$file."'>View File</a><br /><br />";
		}
		else 
		{
			$sendfile = "no upload<br /><br />";
		}
	if (isset($file1)) 
		{
			$sendfile1 = "<a style='font-size:12px; text-align:center;' href='http://www.ramdome.com/a_test/upload/".$file1."'>View File</a><br /><br />";
		}
		else 
		{
			$sendfile1 = "no upload<br /><br />";
		}
	if (isset($file2)) 
		{
			$sendfile2 = "<a style='font-size:12px; text-align:center;' href='http://www.ramdome.com/a_test/upload/".$file2."'>View File</a><br /><br />";
		}
		else 
		{
			$sendfile2 = "no upload<br /><br />";
		}
	if (isset($file3)) 
		{
			$sendfile3 = "<a style='font-size:12px; text-align:center;' href='http://www.ramdome.com/a_test/upload/".$file3."'>View File</a><br /><br />";
		}
		else 
		{
			$sendfile3 = "no upload<br /><br />";
		}
	 // EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = "randome@gmail.com";
    $email_subject = "A new submittion ";
     $email_from = " Automated system";
    function clean_string($string) {
      $bad = array("content-type","bcc:","to:","cc:","href");
      return str_replace($bad,"",$string);
    }
     
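$email_message = ""; // start from an empty body so the .= lines below do not append to an undefined variable
$email_message .= "Breed of Pups Whelped: ".clean_string($breed)."<br /><br />";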
$email_message .= "Whelping Date of Litter: ".clean_string($whelpdate)."<br /><br />";
$email_message .= "Mating Date of Litter: ".clean_string($matedate)."<br /><br />";
$email_message .= "Number of Male's: ".clean_string($nummale)."<br /><br />";
$email_message .= "Number of Female's: ".clean_string($numfemale)."<br /><br />";
$email_message .= "Sire's Registered Name: ".clean_string($sirname)."<br /><br />";
$email_message .= "Sire's Registered Number: ".clean_string($sirnum)."<br /><br />";
$email_message .= "Dam's Registered Name: ".clean_string($damname)."<br /><br />";
$email_message .= "Dam's Registered Number: ".clean_string($damnum)."<br /><br />";
$email_message .= "4 Generation Pedigree: ".clean_string($gen)."<br /><br />";
$email_message .= "Express Delivery Shipping: ".clean_string($exp)."<br /><br />";
    $email_message .= "Name: ".clean_string($pname)."<br /><br />";
$email_message .= "Address: ".clean_string($address)."<br /><br />";
$email_message .= "City: ".clean_string($city)."<br /><br />";
$email_message .= "State: ".clean_string($state)."<br /><br />";
$email_message .= "Country: ".clean_string($country)."<br /><br />";
$email_message .= "Post code: ".clean_string($zipcode)."<br /><br />";
$email_message .= "Card type: ".clean_string($cardtype)."<br /><br />";
$email_message .= "Card number: ".clean_string($cardnum)."<br /><br />";
$email_message .= "Expiration Date: ".clean_string($secure)."<br /><br />";
$email_message .= "Name on card: ".clean_string($namecard)."<br /><br />";
    $email_message .= "Email: ".clean_string($emails)."<br /><br />";    
    $email_message .= "Sire's pedigree upload: ".$sendfile."";
$email_message .= "Sire's Registration upload: ".$sendfile1."";
$email_message .= "Dam's pedigree upload: ".$sendfile2."";
$email_message .= "Dam's Registration upload: ".$sendfile3."";
// create email headers
$headers = 'From: '.$email_from."\r\n".
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, "$headers\nContent-Type: text/html; charset=iso-8859-1"); 



	header ("location:thankyou.php");
	} 

mysql_close($con)
?>

I'm not sure what your issue is, but you appear to be storing credit card info in plain text in your database, and emailing it in plain text. That is badbadbadbadbadbad.

 

Not to worry, this is not a real live code or system yet, I will add to it once I get past the issue I'm having, which is that most of the time it works but sometimes the email is blank or only half there, but everything is submitted right in the DB.

Where does the email body break? Is it always at the same point?

Try having it echoed out in the page as you debug, it should pinpoint a bit better for you I hope.

 

Thank you for the idea. The email is breaking at random places or is just blank. I try to echo out but nothing.

The @ before your mail() call suppresses errors.  Perhaps that would help you actually see the errors.

 

also, you should be using paypal or google checkout or something to handle your payment processing.
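Added example, not part of the original thread: one way to act on the advice about `@`, calling `mail()` unsuppressed, checking its return value, and logging the exact body that was handed over so it can be compared with what arrives. The function names, the `noreply@example.com` / `owner@example.com` addresses, the stub transport and the sample values are assumptions made for illustration.

```php
<?php
// Added example; build_body() and send_report() are hypothetical names.

// Escape every value for the HTML body instead of deleting blacklisted words.
function build_body(array $fields): string
{
    $lines = [];
    foreach ($fields as $label => $value) {
        $lines[] = htmlspecialchars($label, ENT_QUOTES, 'UTF-8') . ': '
                 . htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8')
                 . '<br /><br />';
    }
    // One field per line, CRLF-separated, so the body is not a single huge line.
    return implode("\r\n", $lines);
}

// Call the transport WITHOUT "@" and log whatever PHP recorded when it fails.
// $transport is injectable so the function can be exercised without a mail server;
// when omitted, PHP's own mail() is used.
function send_report(string $to, string $subject, string $body, ?callable $transport = null): bool
{
    $headers = "From: Automated system <noreply@example.com>\r\n" // placeholder address
             . "MIME-Version: 1.0\r\n"
             . "Content-Type: text/html; charset=UTF-8";
    $transport = $transport ?? 'mail';
    error_clear_last();
    $ok = (bool) $transport($to, $subject, $body, $headers);
    if (!$ok) {
        $err = error_get_last();
        error_log('mail() failed: ' . ($err['message'] ?? 'no PHP error recorded'));
    }
    return $ok;
}

// Constructed sample submission (not data from the thread).
$body = build_body([
    'Breed of Pups Whelped' => "St. John's <b>Water</b> Dog",
    'City'                  => 'Springfield',
]);
// Record exactly what is about to be sent, with its length.
error_log('outgoing body (' . strlen($body) . ' bytes): ' . $body);

// Stub transport for an offline run; drop the last argument to use mail().
$sent = send_report('owner@example.com', 'A new submission', $body,
    function ($to, $subject, $body, $headers) { return strlen($body) > 0; });
var_dump($sent);
```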


I would agree, systems like this scare me, all it takes is one missed sql injection spot and everyone has your user's credit cards, unencrypted and you are responsible for all the damage done. You are asking for a lot of trouble with something like this. 
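Added example, not part of the original thread: the query-building pattern from the posted script next to a prepared statement, run against an in-memory SQLite database standing in for the MySQL server. The `litters` table, the function names and the sample values are assumptions; the card fields are left out entirely, in line with the advice to hand them to a payment processor.

```php
<?php
// Added example; table, function names and input are constructed for illustration.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE litters (id INTEGER PRIMARY KEY, breed TEXT, owner TEXT)');

// Constructed input: ordinary values that happen to contain apostrophes.
$post = ['breed' => "St. John's Water Dog", 'name' => "Pat O'Neil"];

// 1) The thread's pattern: form values pasted straight into the SQL text.
//    The apostrophe ends the string literal early, so the form data is being
//    parsed as SQL. That is the injection risk the replies describe.
function insert_concatenated(PDO $pdo, array $p): string
{
    $sql = "INSERT INTO litters (breed, owner) VALUES ('{$p['breed']}', '{$p['name']}')";
    try {
        $pdo->exec($sql);
        return 'ok';
    } catch (PDOException $e) {
        return 'failed: ' . $e->getMessage();
    }
}

// 2) Prepared statement: the SQL text is fixed and the values are bound
//    separately, so they are only ever treated as data.
function insert_prepared(PDO $pdo, array $p): int
{
    $stmt = $pdo->prepare('INSERT INTO litters (breed, owner) VALUES (:breed, :owner)');
    $stmt->execute([':breed' => $p['breed'], ':owner' => $p['name']]);
    return (int) $pdo->lastInsertId();
}

echo 'concatenated: ', insert_concatenated($pdo, $post), "\n";
echo 'prepared row id: ', insert_prepared($pdo, $post), "\n";
print_r($pdo->query('SELECT * FROM litters')->fetchAll(PDO::FETCH_ASSOC));
```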


I fully understand your concerns for this, but like I said a few posts ago this is just a base phase to a long term bigger system and this is not live on the net. I will be using a payment gateway system and not the database when I come to that part; for now I just wanted to solve this hiccup that is hindering my progress.

 

also thank you ManiacDam for the advice on the @ on the mail() I will try that out
