GroundZeroStudio Posted March 23, 2007 Share Posted March 23, 2007 Mail_Compose.php: <?php /* Program Designation ......Mail_Compose.php Program Specifications....This program is designed to take input from the user and input it into the MySQL Database for viewing by another user. Program Author............Wamboldt, Founder, Ground Zero Studios Program Security..........This program validates all input from the user and removes html tags. Program Version...........1.00 */ ?> <?php session_start(); ****connection data was here**** if (@$_SESSION['auth'] != "yes") /* Checks if the user is logged in*/ { header("Location: login.php"); exit(); } $connection = mysql_connect($***,$***,$***) or die ("Unable to connect to server"); $db = mysql_select_db($***, $connection) or die ("Unable to select a MySQL database"); $date = date("Y-m-d h:m:s"); $sql = "SELECT FirstName,LastName,Password,Title FROM ClientData WHERE LoginName='{$_SESSION['logname']}'"; $result = mysql_query($sql) or die("Unable to execute dynamic query 1"); $row = mysql_fetch_array($result,MYSQL_ASSOC); extract($row); $sql2 = "SELECT Discount,ServiceCount,CourseCount,Admin,Reviews FROM ClientData2 WHERE LoginName='{$_SESSION['logname']}'"; $result2 = mysql_query($sql2) or die("Unable to execute dynamic query 2"); $row2 = mysql_fetch_array($result2,MYSQL_ASSOC); extract($row2); /*Begin Validate Mail Code */ switch (@$_GET['do']) { case "validate": $_GET["do"]; if ($do == "validate") { $sql3 = "SELECT LoginName FROM ClientData WHERE LoginName='$_POST[to_user]'"; //Attempts to select the user the message is going to $result3 = mysql_query($sql3) //Executes query or die("Unable to execute the specified MySQL query 3"); $num3 = mysql_num_rows($result3); //Sets the value of num to the amount of rows found in the above query if ($num3 == 0) { unset($_get['do']); $error = "Sorry, $to_user does not exist."; include("Mail_Compose_Form.html"); exit(); } elseif ($num3 != 0) { $do == "send"; header("Location: Mail_Compose.php?do=send"); } } /*End of Validate Mail Code */ break; //START OF LOGIN REGISTRATION FORM case "send": /* Begin Send Mail Code */ $_GET["do"]; if ($do == "send") //Checks to see if the script has validated all data submitted { $to=$_POST['to_user']; $sql_send = "INSERT INTO Mail (Sender,Reciever,Subject,Body,Date,Opened) VALUES ('{$_SESSION['logname']}','$to','$subject_input','$body_text','$date','n')"; $result_send = mysql_query($sql_send); $error = "You message has been sent to to_user successfully."; //This message will be displayed in Mail_Home header("Location: mail_home.php"); } /*End of Send Mail Code */ break; default: include("Mail_Compose_Form.html"); } ?> Mail_Compose_Form.html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>Ground Zero Studios; Imagination Technologies PM System</title> <meta name="description" content="Affordable Web and Game design and programming"> <meta name="keywords" content="HTML, XHTML, CSS, JavaScript, PHP, Affordable, Web Design, Freelancers"> </head> <body bgcolor="#00CCFF"> <?php include 'marquee.php'; //Includes the Marquee file?> <?php include 'NavbarAlpha.php'; //Includes the Main Navagation bar ?> <h2 align="center">Welcome <?php echo " $Title $FirstName $LastName\n";//Displays the User's Title, First Name, and Last Name ?> </h2> <?php include 'ClientNavAlpha.php'; //Includes the Client Navagation Bar ?> <table border="0"> <tr><td><?php echo "<font color=red><b>$error</b></font>"; ?></td></tr> </table> <table border="0"> <form action="Mail_Compose.php?do=validate" method="POST"> <tr><td>To:</td><td><input type="text" name="to_user" value="<?php echo @$to_user ?>" size="50" maxlegnth="40"></td></tr> <tr><td>Subject:</td><td><input type="text" name="subject_input" value="<?php echo @$subject_input ?>" size="50" maxlegnth="100"></td></tr></table> <table><tr><td><textarea name="body_text" rows="20" cols="50"><?php echo @$body_text ?></textarea></td></tr> <tr><td><input type="submit" align="center" value="Send"></td></tr> </form> </td> </table> </body> </html> For some reason it only ever inserts the from sender,date, and opened into the database. I spelled everything right, so I have no bloody clue what is wrong. Please help Link to comment https://forums.phpfreaks.com/topic/43986-what-the-bloody-hll-is-wrong-with-this-code/ Share on other sites More sharing options...
Hell Toupee Posted March 23, 2007 Share Posted March 23, 2007 You haven't declared the variables your using in mail_compose.php, try: $sql_send = "INSERT INTO Mail (Sender,Reciever,Subject,Body,Date,Opened) VALUES ('{$_SESSION['logname']}','$to','$_POST[subject_input]','$_POST[body_text]','$date','n')"; $result_send = mysql_query($sql_send); Link to comment https://forums.phpfreaks.com/topic/43986-what-the-bloody-hll-is-wrong-with-this-code/#findComment-213601 Share on other sites More sharing options...
GroundZeroStudio Posted March 23, 2007 Author Share Posted March 23, 2007 It still doesn't work Link to comment https://forums.phpfreaks.com/topic/43986-what-the-bloody-hll-is-wrong-with-this-code/#findComment-213610 Share on other sites More sharing options...
Hell Toupee Posted March 23, 2007 Share Posted March 23, 2007 Remove all the instances of this: value="<?php echo @$to_user ?>", just make them value="" Link to comment https://forums.phpfreaks.com/topic/43986-what-the-bloody-hll-is-wrong-with-this-code/#findComment-213613 Share on other sites More sharing options...
GroundZeroStudio Posted March 23, 2007 Author Share Posted March 23, 2007 that didn't do anything either. Also, in a MySQL query , why can't I select a auto-increment value. In this case index is auto-increment. $sql4 = "SELECT Sender,Date,Subject,Index FROM Mail WHERE Reciever='{$_SESSION['logname']}'"; $result4 = mysql_query($sql4) or die("Unable to execute dynamic query 4"); $num4 = mysql_num_rows($result4); Link to comment https://forums.phpfreaks.com/topic/43986-what-the-bloody-hll-is-wrong-with-this-code/#findComment-213634 Share on other sites More sharing options...
AndyB Posted March 23, 2007 Share Posted March 23, 2007 http://dev.mysql.com/doc/refman/5.0/en/reserved-words.html Here's a tip. Don't use reserved words to name database tables or database record fields. 'index' is a reserved word (as are some others you've used). Link to comment https://forums.phpfreaks.com/topic/43986-what-the-bloody-hll-is-wrong-with-this-code/#findComment-213640 Share on other sites More sharing options...
Warptweet Posted March 23, 2007 Share Posted March 23, 2007 Remove all the instances of this: value="<?php echo @$to_user ?>", just make them value="" Try this... <?php $users = @$to_user; ?> Then make the field value $users Make sure your form is inside the php inside an echo. Variables wont carry on php outside of the <?php ?> Link to comment https://forums.phpfreaks.com/topic/43986-what-the-bloody-hll-is-wrong-with-this-code/#findComment-213647 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.