Jump to content

[SOLVED] Email to variable

karenn1

By karenn1
in PHP Coding Help

 Share

Recommended Posts

karenn1 Member

karenn1

Posted
Posted

Hey everyone!

 

I have a contact form on my site and it links to an external PHP file to send an email. The code for that page is included below. On the form there is a dynamic dropdown for a person to select the area they live in. The area is pulled from the areas table in my database. In that same table, there is an email address field attached to each area. What I want to do is this. When a person selects their area and clicks submit, I want the email to go to the address that's attached to that area. The SQL coding below looks right to me but I get an error page when I hit submit. The "enc" variables are to do with an authentication question and validation so please ignore that. I'm concerned about the SQL coding and the email "to" variable.

 

Can anyone please help?

 

Thanks,

Karen

 

 

<?php

include '../inc/config_contact_pub.php';
include("../includes/conn.inc.php");
include("../includes/error_report.inc.php");



$sql = "SELECT * FROM $db.areas WHERE area = ".$_REQUEST['area'];
$result = mysql_query($sql) or die(error_report("Mysql Error", mysql_error()."\n\n$sql", $_SERVER['REMOTE_ADDR'])); 
$rs = mysql_fetch_array($result);



if(isset($_POST['enc'])) {
/* email validation checker */
$the_email = false;    
if(eregi("^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", $_POST['email'])) {
$the_email = true;
} else {
$the_email = false;
}


if(!$the_email || !isset($_POST['email'])) {
    exit(header("Location: http://www.mysite.co.za/public/eng/error.htm"));
}


/* validate the encrypted strings */
$dec = false;
$valid = false;

$dec = valEncStr(trim($_POST['enc']), $mkMine);
if($dec == true) {
    $valid = true;   
} else {
  echo "error: $dec <br />";
  header("Location: http://www.mysite.co.za/public/eng/error.htm");  
}

// check the spam question has the correct answer
$ans_one = $_POST['answer_out'];
$ans_two = mkDecStr($_POST['answer_p']);

if($ans_one === $ans_two) {
    $valid = true;
} else {
    $valid = false;
}





if($valid) {



$email_to = $rs['admin_email'];
$email_from = $_POST['email'];

$email_message = "Name and Surname: ".stripslashes($_POST['name'])."\n";
$email_message .= "Telephone Number: ".stripslashes($_POST['number'])."\n";
$email_message .= "Area: ".stripslashes($_POST['area'])."\n";
$email_message .= "Email: ".stripslashes($_POST['email'])."\n";
$email_message .= "Comments: ".stripslashes($_POST['comments']);



$headers = 'From: '.$email_from."\r\n" .
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();

@mail($email_to, $email_subject_pre, $email_message, $headers);

header("Location: http://www.mysite.co.za/public/eng/success.htm");
die();

}
else {
header("Location: http://www.mysite.co.za/public/eng/error.htm"); 
}

}
?>

Link to comment
Share on other sites
Dragen Advanced Member

Dragen

Posted
Posted

That's because you've probably got the directory for one of your pages wrong.. I've also noticed your first include should be this:

include ('../inc/config_contact_pub.php');

you'd missed out the brackets.

 

check that the following pages exist and are at the correct locations:

http://www.mysite.co.za/public/eng/error.htm
http://www.mysite.co.za/public/eng/success.htm

I'm presuming they're the pages which can't be found.

Link to comment
Share on other sites
karenn1 Member

karenn1

Posted
  • Author
Posted

Both those pages are there. As soon as I take this code out, it works fine.

 

$sql = "SELECT * FROM $db.areas WHERE area = ".$_REQUEST['area'];
$result = mysql_query($sql) or die(error_report("Mysql Error", mysql_error()."\n\n$sql", $_SERVER['REMOTE_ADDR'])); 
$rs = mysql_fetch_array($result);

 

When this SQL bit is not there, it works fine. It also has been working even without the brackets around that first includes file, so that's not the problem either. I'm thinking my SQL query is incorrect.

 

Any suggestions?

Link to comment
Share on other sites
Dragen Advanced Member

Dragen

Posted
Posted 

$sql = "SELECT * FROM $db.areas WHERE area = ".$_REQUEST['area'];

I don't think $db.area is valid. you should also surround table names with `. Trust me I found out the hard way... although I don't think that's your problem..

$sql = "SELECT * FROM `$db.areas` WHERE `area` = ".$_REQUEST['area'];

 

I'm presuming error_report is a function of yours as I've not heard of it.

I don't see what that sql statement has to do with a page not found error.

What page can't be found?

Link to comment
Share on other sites
karenn1 Member

karenn1

Posted
  • Author
Posted

The error report is one of my functions. When it finds an error, it logs it to the "errors" table and kicks out to a error 404 page. I've checked the error log table and it gives the following error as the last entry: 

 

Unknown column 'boston' in 'where clause'

SELECT * FROM neigha_db1.areas WHERE area = boston

 

Boston is the area that was selected on the form on the area dropdown list. The column is called "area" though and not "boston". It registers that I selected Boston, all I now what it to do is the the form to the email attached to Boston.

 

Does this make sense?

Link to comment
Share on other sites
Dragen Advanced Member

Dragen

Posted
Posted

try switching the sql statement with this:

$sql = "SELECT * FROM `" . $db . "areas` WHERE `area` = '" . $_REQUEST['area'] . "'";

 

 

also I'd say that throwing up a 404 error page is a bad idea. It would be better to display an error message to the user that makes sense. Such as what the problem was.

Link to comment
Share on other sites
karenn1 Member

karenn1

Posted
  • Author
Posted

Dragen, that piece of code you gave me doesn't work. I'll make a plan though with the 404 page. For now, I just want the form to be sent to the correct address.

 

Does anybody have any suggestions??

 

 

Thanks,

Karen

Link to comment
Share on other sites
karenn1 Member

karenn1

Posted
  • Author
Posted

The first bit is just to specify which table in my database it should use. $db is a variable that's specified in my connection includes file. The second bit is to get the area that was selected in the contact form. I'm not sure if that's right though. The contact form has a normal dropdown menu for area. That area is the value I want to bring across to this file. Although I'm thinking $_REQUEST might not be the right option. I've tried POST and GET, both don't work. Below is the coding for my contact form. The SQL_CAT bit is just to get the area info for the dynamic dropdown menu. Config_contact_pub is the configuration file for the authentication question and parse_contact_pub.php is the one I published in my first post in this thread. Conn.inc.php is my file that connects the page to my database. I've deleted certain non essential parts of the code for privacy sake:

 

<?php
include '../../inc/config_contact_pub.php'; 
include("../../includes/conn.inc.php");


$sql_cat = "SELECT * FROM $db.areas ORDER BY area asc";
$result_cat = mysql_query($sql_cat) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_cat", $_SERVER['REMOTE_ADDR']));

?>
<head>
<title></title>
<meta name="keywords" content="">
<meta name="description" content="">
</head>

<body>

<td>
  </tr>
  <tr>
    <td width="584" height="513" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
      <!--DWLayoutTable-->
      <tr><!-- InstanceBeginEditable name="headers" --><td width="584" height="45" valign="top"><img src="../../images/eng/headers/contact.jpg" width="584" height="45" /></td>
      <!-- InstanceEndEditable --></tr>
      <tr>
        <td height="435" valign="top" background="../../images/eng/text_bg.jpg"><!-- InstanceBeginEditable name="body-text" -->
          <form method="post" action="../../inc/parse_contact_pub.php"
            <p class="body-text"> </p>
            <table width="549" height="455" align="center" cellpadding="0" cellspacing="0">
              <tr>
                <td height="23" colspan="2" valign="top" class="body-text-np"><strong>For
                      any enquiries relating to becoming part of this on-line
                      community, or if you have suggestions for us, please fill
                  in the following Form:<br>
                </strong></td>
              </tr>
              <tr>
                <td valign="middle" class="body-text-np"><div align="left">Name and Surname: </div></td>
                <td valign="middle" class="body-text-np"><input name="name" type="text" id="name" size="17" /></td>
              </tr>
              <tr>
                <td width="177" valign="middle" class="body-text-np"><div align="left">Contact Number: </div></td>
                <td width="180" valign="middle" class="body-text-np"><input name="number" type="text" id="number" size="17" /></td>
              </tr>
              <tr>
                <td valign="middle" class="body-text-np">Area:</td>
                <td valign="middle" class="body-text-np"><select name="area">
				  <?php
					while ($rs_cat = mysql_fetch_array($result_cat))	{
						print "<option value=\"".$rs_cat["area"]."\">".ucwords($rs_cat["area"])."</option>";
					}
	  			?>
                      </select></td>
              </tr>
              <tr>
                <td valign="middle" class="body-text-np"><div align="left">Email Address:<span class="style1"><strong>*</strong></span> </div></td>
                <td valign="middle" class="body-text-np"><input name="email" type="text" id="email" size="17" /></td>
              </tr>
              <tr>
                <td height="35" valign="middle" class="body-text-np">Comments:</td>
                <td valign="middle" class="body-text-np"><textarea name="comments" cols="17" id="comments"></textarea></td>
              </tr>
              <tr>
                <td height="229" colspan="2" valign="middle" class="body-text-nopadding"><table width="540" height="142" border="0" align="center">
                  <tr>
                    <td bgcolor="#E4EAEF"><p class="body-text-np"><br />
                      In order to assist us in preventing
                      spam and to make sure that your email is legitimate,
                      please ensure that a valid email address is entered above,
                      then answer the following simple question to activate the Form
                      Submission Procedure: </p>
                        <p align="center"><span class="body-text-np"><?php echo $question; ?> = 
                            <input name="answer_out" type="text" size="10" />
                              <input type="hidden" name="answer_p" value="<?php echo $answer_pass; ?>" />
                              <input type="hidden" name="enc" value="<?php echo $enc; ?>" />
                        </span></p>
                        <p align="center">
                          <input name="Submit" type="submit" id="Submit" value="Submit" />
                        </p></td>
                  </tr>
                </table>                </td>
              </tr>
            </table>
          </form>

Link to comment
Share on other sites
karenn1 Member

karenn1

Posted
  • Author
Posted

Nope. It logs the following error in my error log table

 

Table 'neigha_db1.neigha_db1areas' doesn't exist

 

"neigha_db1" is my database name. And yes, it does exist. I'm really frustrated with this one. Here's my complete SQL query:

 

$sql = "SELECT * FROM `" . $db . "areas` WHERE `area` = '" . $_POST['area'] . "'";
$result = mysql_query($sql) or die(error_report("Mysql Error", mysql_error()."\n\n$sql", $_SERVER['REMOTE_ADDR']));
$rs = mysql_fetch_array($result);

 

Remember error_report is one of my functions. Does anybody else have any ideas?? I have no clue.

 

 

 

Karen

Link to comment
Share on other sites
karenn1 Member

karenn1

Posted
  • Author
Posted

I didn't understand that either so I went back to the code I originally had. I played around with it and placed the SQL code this this:

 

if($valid) {

$sql = "SELECT * FROM $db.areas WHERE area = '".$_POST['area']. "' ORDER BY area asc";
$result = mysql_query($sql) or die(error_report("Mysql Error", mysql_error()."\n\n$sql", $_SERVER['REMOTE_ADDR']));
$rs = mysql_fetch_array($result);


$email_to = $rs['admin_email'];
$email_from = $_POST['email'];


$email_message = "Name and Surname: ".stripslashes($_POST['name'])."\n";
$email_message .= "Telephone Number: ".stripslashes($_POST['number'])."\n";
$email_message .= "Area: ".stripslashes($_POST['area'])."\n";
$email_message .= "Email: ".stripslashes($_POST['email'])."\n";
$email_message .= "Comments: ".stripslashes($_POST['comments']);



$headers = 'From: '.$email_from."\r\n" .
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();

@mail($email_to, $email_subject_pre, $email_message, $headers); }

 

Now it works. Seems the email headers needed the query code to be within the If statement for it to fetch that variable. It does now exactly what I wanted it to do in the first place.

 

Thanks guys, for all the help anyway,

 

Karen

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.