Jump to content

[SOLVED] My code runs upon page "loading" rather than button pressed

SirChick

By SirChick
in PHP Coding Help

Recommended Posts

SirChick Advanced Member

SirChick

Posted
Posted

Ok basically when the page loads the script is running when it shouldn't be. Now i have a check for if the button in the form is pressed "then" do the processing but for some unknown reason its doing it straight away.

 

I'm totally stumped I had problems with this earlier with if statements being ignore and the guy who took a look who managed to fix it really didn't have an explanation on why it was ignoring so theres something dodgy with the script and now this new problem has arisen. Which i must admit has never happened until just now (and i ain't even edited it)!

 

So i guess i need pro's to see why the page is not doing the if statements and just inserting in to my DB anyway.

 

This is the html info that is important to know:

<form name="" method="POST" action="composeletter.php" enctype="multipart/form-data" id="Form1" onsubmit="return ValidateForm1(this)">

 

and the buttons:

<input type="submit" id="Button1" name="SendInputLetter" value="Send Letter By Username Or ID" style="position:absolute;left:10px;top:700px;width:210px;height:24px;z-index:13">

<input type="submit" id="Button2" name="SendAddressLetter" value="Send Letter By Address" style="position:absolute;left:340px;top:700px;width:170px;height:24px;z-index:13">

 

If (isset($_POST['SendInputLetter']))
{
	$Selection = $_POST['UserID'];
	If ($Selection == 1 ) 
		{

$Sender = $_SESSION['Current_User'];
$MessageText = mysql_real_escape_string($_POST['Letter']);
$Username = mysql_real_escape_string($_POST['Username']);
$Date = date("Y-m-d H:i:s",time());
$Subject = mysql_real_escape_string($_POST['Subject']);

$query = "SELECT * FROM userregistration WHERE Username='$Username'";
$GetUserName = mysql_query($query) or die("Error: ". mysql_error(). " with query ". $query);
					if (!($row = mysql_fetch_assoc($GetUserName))) 
					{
						die('This Username does not exist!');
					}

					$UserID = $row["UserID"];					


					If ($UserID == $_SESSION['Current_User'])
					{
							die('You cannot send messages to yourself');
					}
				Else
					{
							$query = "INSERT INTO `messages` (Reciever, Sender, Senttime, MessageText, Subject)
							Values ('$UserID', '$Sender', '$Date', '$MessageText', '$Subject')";
							mysql_query($query) or die(mysql_error(). " with query ". $query); // get useful error message
	header("Location: letterbox.php");
					}

		}

	ElseIf ($Selection == 2 ) 
		{
			$Sender = $_SESSION['Current_User'];
			$UserID = mysql_real_escape_string($_POST['UserIDInput']);
			$Date = date("Y-m-d H:i:s",time());
			$Subject = mysql_real_escape_string($_POST['Subject']);
			$MessageText = mysql_real_escape_string($_POST['Letter']);

					$CheckUserID = mysql_query("SELECT * FROM userregistration WHERE UserID='$UserID'") or die(mysql_error());

				If (!($row = mysql_fetch_assoc($CheckUserID))) 
						{
							die('This Username does not exist!');
						}



				If ($UserID == $Sender)
						{
							die('You cannot send messages to yourself!');
						}
				Else 
						{

							$secondquery = "INSERT INTO `messages` (Reciever, Sender, Senttime, MessageText, Subject)
							Values ('$UserID', '$Sender', '$Date', '$MessageText', '$Subject')";
							mysql_query($secondquery) or die(mysql_error(). " with query ". $secondquery); // get useful error message
					header("Location: letterbox.php");			
					}


		}

ElseIf ($Selection == 0 ) 
	{
		die('Please click the selection of Username OR User ID');
	}

}


ElseIf (isset($_POST['SendAddressLetter']))
{

	$Area = $_POST['Region'];
	$StreetName = $_POST['StreetName'];
	$HouseNumber = mysql_real_escape_string($_POST['HouseNumber']);
	$Subject = mysql_real_escape_string($_POST['Subject']);
	$MessageText = mysql_real_escape_string($_POST['Letter']);
	$Date = date("Y-m-d H:i:s",time());

			If ($Area == "")
			{
				die('You must choose a region!');
			}
				ElseIf ($StreetName == "")
			{
				die('You must choose a street name!');
			}
				ElseIf ($StreetName && $Area == "")
			{
				die('You must choose a street name and region!');
			}
				ElseIf ($HouseNumber == "")
			{
				die('You must choose a house number that exists!');
			}
				Else
			{
				$CheckHouseExists = mysql_query("SELECT * FROM houses WHERE Area ='$Area' AND StreetName = '$StreetName' AND HouseNumber = '$HouseNumber'") or die(mysql_error());
				If (!($row = mysql_fetch_assoc($CheckHouseExists))) 
						{
							die('This house does not exist!');
						}
			}

}
Else
{


	$FindUser = mysql_query("SELECT UserID FROM houses
                    WHERE Area='$Area', StreetName='$StreetName', HouseNumber='$HouseNumber'");

	$Sender = $_SESSION['Current_User'];

	If ($UserID == $_SESSION['Current_User'])
				{
					die('You cannot send messages to yourself!');
				}
	Else{

	$query = "INSERT INTO `messages` (Reciever, Sender, Senttime, MessageText, Subject)
			Values ('$FindUser', '$Sender', '$Date', '$MessageText', '$Subject')";
			mysql_query($query) or die(mysql_error());
		}
}
?>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.