Jump to content

[SOLVED] My code runs upon page "loading" rather than button pressed

SirChick

By SirChick
in PHP Coding Help

 Share

Recommended Posts

SirChick Advanced Member

SirChick

Posted
Posted

Ok basically when the page loads the script is running when it shouldn't be. Now i have a check for if the button in the form is pressed "then" do the processing but for some unknown reason its doing it straight away.

 

I'm totally stumped I had problems with this earlier with if statements being ignore and the guy who took a look who managed to fix it really didn't have an explanation on why it was ignoring so theres something dodgy with the script and now this new problem has arisen. Which i must admit has never happened until just now (and i ain't even edited it)!

 

So i guess i need pro's to see why the page is not doing the if statements and just inserting in to my DB anyway.

 

This is the html info that is important to know:

<form name="" method="POST" action="composeletter.php" enctype="multipart/form-data" id="Form1" onsubmit="return ValidateForm1(this)">

 

and the buttons:

<input type="submit" id="Button1" name="SendInputLetter" value="Send Letter By Username Or ID" style="position:absolute;left:10px;top:700px;width:210px;height:24px;z-index:13">

<input type="submit" id="Button2" name="SendAddressLetter" value="Send Letter By Address" style="position:absolute;left:340px;top:700px;width:170px;height:24px;z-index:13">

 

If (isset($_POST['SendInputLetter']))
{
	$Selection = $_POST['UserID'];
	If ($Selection == 1 ) 
		{

$Sender = $_SESSION['Current_User'];
$MessageText = mysql_real_escape_string($_POST['Letter']);
$Username = mysql_real_escape_string($_POST['Username']);
$Date = date("Y-m-d H:i:s",time());
$Subject = mysql_real_escape_string($_POST['Subject']);

$query = "SELECT * FROM userregistration WHERE Username='$Username'";
$GetUserName = mysql_query($query) or die("Error: ". mysql_error(). " with query ". $query);
					if (!($row = mysql_fetch_assoc($GetUserName))) 
					{
						die('This Username does not exist!');
					}

					$UserID = $row["UserID"];					


					If ($UserID == $_SESSION['Current_User'])
					{
							die('You cannot send messages to yourself');
					}
				Else
					{
							$query = "INSERT INTO `messages` (Reciever, Sender, Senttime, MessageText, Subject)
							Values ('$UserID', '$Sender', '$Date', '$MessageText', '$Subject')";
							mysql_query($query) or die(mysql_error(). " with query ". $query); // get useful error message
	header("Location: letterbox.php");
					}

		}

	ElseIf ($Selection == 2 ) 
		{
			$Sender = $_SESSION['Current_User'];
			$UserID = mysql_real_escape_string($_POST['UserIDInput']);
			$Date = date("Y-m-d H:i:s",time());
			$Subject = mysql_real_escape_string($_POST['Subject']);
			$MessageText = mysql_real_escape_string($_POST['Letter']);

					$CheckUserID = mysql_query("SELECT * FROM userregistration WHERE UserID='$UserID'") or die(mysql_error());

				If (!($row = mysql_fetch_assoc($CheckUserID))) 
						{
							die('This Username does not exist!');
						}



				If ($UserID == $Sender)
						{
							die('You cannot send messages to yourself!');
						}
				Else 
						{

							$secondquery = "INSERT INTO `messages` (Reciever, Sender, Senttime, MessageText, Subject)
							Values ('$UserID', '$Sender', '$Date', '$MessageText', '$Subject')";
							mysql_query($secondquery) or die(mysql_error(). " with query ". $secondquery); // get useful error message
					header("Location: letterbox.php");			
					}


		}

ElseIf ($Selection == 0 ) 
	{
		die('Please click the selection of Username OR User ID');
	}

}


ElseIf (isset($_POST['SendAddressLetter']))
{

	$Area = $_POST['Region'];
	$StreetName = $_POST['StreetName'];
	$HouseNumber = mysql_real_escape_string($_POST['HouseNumber']);
	$Subject = mysql_real_escape_string($_POST['Subject']);
	$MessageText = mysql_real_escape_string($_POST['Letter']);
	$Date = date("Y-m-d H:i:s",time());

			If ($Area == "")
			{
				die('You must choose a region!');
			}
				ElseIf ($StreetName == "")
			{
				die('You must choose a street name!');
			}
				ElseIf ($StreetName && $Area == "")
			{
				die('You must choose a street name and region!');
			}
				ElseIf ($HouseNumber == "")
			{
				die('You must choose a house number that exists!');
			}
				Else
			{
				$CheckHouseExists = mysql_query("SELECT * FROM houses WHERE Area ='$Area' AND StreetName = '$StreetName' AND HouseNumber = '$HouseNumber'") or die(mysql_error());
				If (!($row = mysql_fetch_assoc($CheckHouseExists))) 
						{
							die('This house does not exist!');
						}
			}

}
Else
{


	$FindUser = mysql_query("SELECT UserID FROM houses
                    WHERE Area='$Area', StreetName='$StreetName', HouseNumber='$HouseNumber'");

	$Sender = $_SESSION['Current_User'];

	If ($UserID == $_SESSION['Current_User'])
				{
					die('You cannot send messages to yourself!');
				}
	Else{

	$query = "INSERT INTO `messages` (Reciever, Sender, Senttime, MessageText, Subject)
			Values ('$FindUser', '$Sender', '$Date', '$MessageText', '$Subject')";
			mysql_query($query) or die(mysql_error());
		}
}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.