I have an email being generated and sent in one file, a link in that email links to my confirmation page which then should move the users name around database tables according to choices they have made. Problem is i am getting nothing from the confirmation page at all, even when i use just a simple print statement and nothing else. I have been trying to figure it out but to no avail and error reporting is returning blank as well. here at the two files:
email.php (which fully works)
<?php
$link= mysql_connect(...............); //Establish connection to the MySQL server
if (!$link) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db(.....);
$confirm = md5(uniqid(rand()));
$position = $_POST['position'];
$team_name = $_POST['team_name'];
$zip_code = $_POST['zip_code'];
$userId = $_POST['userId'];
$s=mysql_query("SELECT Coach, TeamId FROM TEAM WHERE TEAM.Name = '$team_name' AND TEAM.Zip ='$zip_code'") OR die ("Error 1"); //Get result from query
while($row=mysql_fetch_assoc($s))
{
$coachId = $row['Coach'];
$teamId = $row['TeamId'];
}
$l=mysql_query("SELECT Name, Email FROM USER WHERE USER.UserId = '$userId'") OR die ("Error 3"); //Get result from query
while($row = mysql_fetch_assoc($l))
{
$user_name = $row['Name'];
$user_email = $row['Email'];
}
$q=mysql_query("SELECT Name, Email FROM USER WHERE USER.UserId = '$coachId'") OR die ("Error 4"); //Get result from query
while($coach=mysql_fetch_assoc($q))
{
$to = $coach['Email'];
$name = $user_name;
$subject = "Scoutlet $position Request for The $team_name";
if($position == "Head Coach")
{
$message = "$name has requested to become the Head Coach for the $team_name.";
$message .= "\n\nClick on the following link to give $name permission to be the Head Coach of the $team_name (Located in the ZIP code $zip_code).\n\n";
$message .="Click Here to make $name the Head Coach";
}
else
{
$message = "$name has requested to become a Score Keeper for the $team_name.";
$message .= "\n\nClick on the following link to give $name permission to be a Score Keeper for the $team_name (Located in the ZIP code $zip_code).\n\n";
$message.="http://web.***.***/~***/confirmation.php?key=$confirm"; // way to prevent no spam, dont use txt
}
$headers = "From: ***";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$sent = mail($to, $subject, $message, $headers) ;
if($sent)
{
print "sent";
}
else
{
print "fail";
}
}
$sql=mysql_query("INSERT INTO CONFIRMATION(ConfirmationNumber, UserId, Email, TeamId, TeamName, Position)VALUES('$confirm', '$userId','$user_email','$teamId', '$team_name', '$position')") OR die ("Error 2"); //Get result from query
mysql_close();
?>
confirmation.php
<?
ini_set('display_errors',1);
error_reporting(E_ALL);
$confirm = $_GET['key'];
$link= mysql_connect(***********); //Establish connection to the MySQL server
if (!$link)
{
die('Could not connect: ' . mysql_error());
}
echo "connect4e";
mysql_select_db(**********);
$sql1=mysql_query("SELECT * FROM CONFIRMATION WHERE ConfirmationNumber ='$confirm'") OR die ("Fail 1");
while($row=mysql_fetch_assoc($sql1))
{
$userId= $row['UserId'];
$user_email = $row['Email'];
$teamId = $row['TeamId'];
$team_name = $row['TeamName'];
$position= $row['Position'];
}
$sql2= mysql_query("INSERT INTO USER (Role) VALUES ('$position') WHERE UserId ='$userId'") OR die ("Fail 2");
if($position =="Head Coach")
{
$sql3= mysql_query("INSERT INTO TEAM (Coach) VALUES ('$userId') WHERE TeamId ='$teamId'") OR die ("Fail 3a");
}
else
{ // do a check earlier on to see if the user is already a score keeper for that team
$sql3= mysql_query("INSERT INTO SCOREKEEPS_FOR (ScoreKeeper, Team) VALUES ('$userId', '$teamId')") OR die ("Fail 3b");
}
$to= $user_email;
$subject="Welcome to Our Site";
$headers = "From: ******";
$message="Congratulations, you have been confirmed as a $position for The $team_name.";
$sent = mail($to,$subject,$message,$header);
if(sent)
{
$sql4=mysql_query("DELETE FROM CONFIRMATION WHERE ConfirmationNumber = '$confirm'") OR die ("Fail 5");
}
else
{
print "fail";
}
?>
I've already killed a ton of time just trying to error check which was a waste so hopefully more eyes will help solve it faster. any help or suggestions would be great. thanks in advance
if(sent) >>should be>> if($sent)
Could be your server only executes php with starting tag
<?php
instead of
<?
http://us2.php.net/manual/en/language.basic-syntax.phptags.php
PHP also allows for short tags (which are discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option.
in your confirmation.php you're using short open tags <? ... ?>. Make sure your php short open tags is enable or simply use <?php ... ?> instead.
Related
I have a subscribe using the email button on my website. How do I restrict people subscribing using #gmail, #yahoo emails?
LIST EMAIL ADDRESS
$recipient = "test#test.com";
# SUBJECT (Subscribe/Remove)
$subject = "Subscribe";
# RESULT PAGE
$location = "https://test.com";
## FORM VALUES ##
# SENDER - WE ALSO USE THE RECIPIENT AS SENDER IN THIS SAMPLE
# DON'T INCLUDE UNFILTERED USER INPUT IN THE MAIL HEADER!
$sender = $recipient;
$email = $_POST[‘emailTextBox’];
if (!strpos($email, '#') || !strpos($email, '.')) {
echo "Email is invalid";
} else {
}
# MAIL BODY
$body .= "Email: ".$_REQUEST['Email']." \n";
# add more fields here if required
## SEND MESSGAE ##
mail( $recipient, $subject, $body, "From: $sender" ) or die ("Mail could not be sent.");
## SHOW RESULT PAGE ##
header( "Location: $location" );
?>
// ...
$email = $_POST[‘emailTextBox’];
if (!filter_var($email, FILTER_VALIDATE_EMAIL) || preg_match('/\#(gmail|yahoo|hotmail)/', $email)) {
// Email is invalid
} else {
// Email is valid
}
filter_var, used with the FILTER_VALIDATE_EMAIL filter, will just checks if the email is actually a valid email
preg_match will check now if the email contains the domains you don't want.
If you rather want people to susbcribe ONLY with the specified email, you need to do:
// ...
$email = $_POST[‘emailTextBox’];
if (!filter_var($email, FILTER_VALIDATE_EMAIL) || !preg_match('/\#(gmail|yahoo|hotmail)/', $email)) {
// Email is invalid
} else {
// Email is valid
}
Notice the !preg_match()
Usingfilter_var, you may want to consider this question and its answers too.
I am trying to connect to oracle server with is in the uni. I think it does connect however i cant select from table to check if the login credentials are same in order to login. I have tried other ways as well but this is the closest i got so far. Problem is in the oci_bin part thats where it is showing error but i dunno any other way to solve this.
<?php
session_start();
if(!isset($_POST['username']) || !isset($_POST['password'])) {
header("Location: ../session.php");
}
putenv("ORACLE_SID=teaching");
if ($Connection = oci_connect("w4e09", "melih312")) {
print "Connection OK \n";}
if(isset($_SESSION['loggedin'])) header("Location: ../secret.php");
$Statement = oci_parse($Connection, 'select *
from Company
where address = :un_bv
and email = :pw_bv' );
Oci_bind_by_name($s, ":un_bv", $_POST['username']);
Oci_bind_by_name($s, ":pw_bv", $_POST['password']);
oci_execute($s);
$r = oci_fetch_array($s, OCI_ASSOC);
}
if ($r) {
$_SESSION['loggedin']=TRUE; $_SESSION['username']="admin";
}
else {
// No rows matched so login failed
login_form('Login failed. Valid usernames/passwords ' .
'are "chris/tiger" and "alison/red"');
}
header("Location: secret.php");
?>
oci_bind_by_name, oci_execute and oci_fetch_array have to use the resource returned by oci_parse. In your case, that would be the $Statement variable:
$Statement = oci_parse(
$Connection,
'select * from Company where address = :un_bv and email = :pw_bv'
);
oci_bind_by_name($Statement, ":un_bv", $_POST['username']);
oci_bind_by_name($Statement, ":pw_bv", $_POST['password']);
oci_execute($Statement);
$r = oci_fetch_array($Statement, OCI_ASSOC);
Take a look at the documentation:
http://php.net/manual/en/function.oci-connect.php
http://php.net/manual/en/function.oci-parse.php
Add some error checking:
// During development only
error_reporting(E_ALL); // In PHP 5.3 use E_ALL|E_STRICT
ini_set('display_errors', 'On');
. . .
if ($Connection = oci_connect("w4e09", "melih312")) {
print "Connection OK \n";}
else {
$m = oci_error();
trigger_error('Could not connect to database: '. $m['message'], E_USER_ERROR);
}
Similarly check errors after oci_execute().
See "Handling PHP OCI8 Errors" on p 161 of Oracle's free book http://www.oracle.com/technetwork/topics/php/underground-php-oracle-manual-098250.html
I have a php script:
<?php
header('Content-type: text/plain');
require_once( explode( "wp-content" , __FILE__ )[0] . "wp-load.php" );
require_once("user_details.php");
$GLOBALS['woocommerce'] = WC();
getPostData($woocommerce);
function getPostData($woocommerce){
$user_id;
if(isset($_GET['userName'], $_GET['password'])){
$user = wp_authenticate($_GET['userName'], $_GET['password']);
if (!is_wp_error($user)){
if(filter_var($_GET['userName'], FILTER_VALIDATE_EMAIL)) {
$user_id=getUserByEmail($_GET['userName']);
}
else {
$user_id=getUserByUserName($_GET['userName']);
}
$user_info=getUserInfo($user_id);
$user_info= json_encode(array($user_info));
echo $user_info;
}
else{
$error = $user->get_error_message();
echo '{"RESULT":"ERROR_INVALID_LOGIN_DETAILS"}';
}
}
else{
echo '{"RESULT":"_GET_ERROR"}';
}
}
?>
I am unable to call this script from multiple android/ios devices.. only the first request is handled while others wait in queue forever... someone please help me how to handle this!
the website that im hosting off of is 000webhost.com
this is in the console that is the error,
java.net.MalformedURLException: no protocol: OxidePKz.net63.net/checkvote.php? username=oxide
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
and this is my check vote page code
<?php
$con = mysql_connect("mysql1.000webhost.com", "a5999082_oxidepk", "(put in right passcode)");
if (!$con) {
die("Could not connect to database: " . mysql_error());
}
mysql_select_db("DATABASE_NAME", $con);
$username = mysql_escape_string($_GET['username']);
if (isset($_GET['username'])) {
$result = mysql_query("SELECT * FROM `votes` where username = '$username'") or die(mysql_error());
$row = mysql_fetch_array($result);
if($row['username'] == $username) {
mysql_query("DELETE FROM `votes` where username = '$username'");
echo "true";
} else {
echo "false";
}
}
i made a my admin php thing with the table name votes
and this is the call back page
$rspscoding = gethostbyname("http://www.oxidepkz.net63.net");
if($_SERVER['REMOTE_ADDR'] == $rspscoding) {
$con = mysql_connect("mysql1.000webhost.com", "a5999082_oxidepk", "(put in right passcode)");
if (!$con) {
die("Could not connect to database: " . mysql_error());
}
mysql_select_db("DATABASE_NAME", $con);
$username = mysql_escape_string($_GET['username']);
if (isset($_GET['username'])) {
mysql_query("INSERT INTO `votes` (username) VALUES ('$username')") or die(mysql_error());
}
mysql_close($con);
}
A few things;
I'm wonderinhg why you are getting back a java exception from a php application
Next gethostbyname("http://www.oxidepkz.net63.vote.html") does NOT take a URL, it takes a hostname like "www.oxidepkz.net63.com" for example according to: http://php.net/manual/en/function.gethostbyname.php
Finally, your URL is malformed since there is no ending slash after the domain name.
"http://www.oxidepkz.net63.vote.html" will not work in any browser
Did it get truncated, perhaps?
I am trying to send a POST request to a php file located on a web server. Currently I am successfully sending the request but the headers are not being sent correctly.
Below is my query string I would like to send:
lastName=Jones&title=Android+Game+Programming+2&price=22.99&isbn=9876543210123&year=2012&firstName=Joe&publisher=Android+Press
and this is how I attempt to send them to the server:
if(method.equalsIgnoreCase("POST")){
//Write the http post request to web server
s.getOutputStream().write(("POST " + path + " HTTP/1.0\r\n").getBytes("ASCII"));
s.getOutputStream().write("Host: www.jdiadt.com\r\n\r\n".getBytes("ASCII"));
//Request Headers
String title = "title: "+request.getParameters().get("title") + "\r\n";
String firstName = "firstName: "+request.getParameters().get("firstName") + "\r\n";
String lastName = "lastName: " + request.getParameters().get("lastName") + "\r\n";
String isbn = "isbn: " + request.getParameters().get("isbn") + "\r\n";
String publisher = "publisher: " + request.getParameters().get("publisher") + "\r\n";
String year = "year: " + request.getParameters().get("year") + "\r\n";
String price = "price: " + request.getParameters().get("price") + "\r\n";
s.getOutputStream().write(title.getBytes("ASCII"));
s.getOutputStream().write(firstName.getBytes("ASCII"));
s.getOutputStream().write(lastName.getBytes("ASCII"));
s.getOutputStream().write(isbn.getBytes("ASCII"));
s.getOutputStream().write(publisher.getBytes("ASCII"));
s.getOutputStream().write(year.getBytes("ASCII"));
s.getOutputStream().write(price.getBytes("ASCII"));
//Blank line
String blankline = "\r\n";
s.getOutputStream().write(blankline.getBytes("ASCII"));
//Flush and wait for response...
s.getOutputStream().flush();
When I run the code I get this notice from the script which leads me to believe I am not sending the headers correctly:
Notice: Undefined index: title in C:\wamp\www\bookstore\createBook.php on line 3
It gives above error for every single line where I try to retrieve the variables sent via POST. Here is code:
$title = $_POST['title'];
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$publisher = $_POST['publisher'];
$isbn = $_POST['isbn'];
$year = $_POST['year'];
$price = $_POST['price'];
Any information as to what might be wrong?
createBook.php
<?php
$title = $_POST['title'];
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$publisher = $_POST['publisher'];
$isbn = $_POST['isbn'];
$year = $_POST['year'];
$price = $_POST['price'];
try {
require_once 'BookDAO.php';
require_once 'Book.php';
$dao = new BookDAO();
$book = new Book(NULL, $title, $firstName, $lastName,
$publisher, $isbn, $year, $price);
$dao->insert($book);
$books = $dao->findAll();
if (count($books) > 0) {
echo '<table>';
echo '<tr>';
echo ' <th>Title</th>
<th>First name</th>
<th>Last name</th>
<th>Year</th>
<th>Price</th>
<th>Actions</th>';
echo '</tr>';
foreach ($books as $book) {
echo '<tr>';
echo '<td>' . $book->getTitle() . '</td>';
echo '<td>' . $book->getFirstName() . '</td>';
echo '<td>' . $book->getLastName() . '</td>';
echo '<td>' . $book->getYear() . '</td>';
echo '<td>' . $book->getPrice() . '</td>';
echo '<td>';
echo '<a href="editBookForm.php?id=' . $book->getId() . '">';
echo '<img src="images/edit20.png" alt="Edit Book" />';
echo '</a>';
echo '<a href="deleteBook.php?id=' . $book->getId() . '"';
echo ' onclick="return confirm(\'Are you sure you want to delete';
echo ' this book?\');">';
echo '<img src="images/delete20.png" alt="Delete Book" />';
echo '</a>';
echo '</td>';
echo '</tr>';
}
echo '</table>';
}
else {
echo "<p>There are no books in the database.</p>";
}
echo '<p>';
echo '<a href="createBookForm.php">';
echo '<img src="images/new20.png" alt="New Book" /> New Book';
echo '</a>';
echo '</p>';
}
catch (PDOException $e) {
exit("Connection failed: " . $e->getMessage());
}
?>
Why not use a library like HttpClient? It's got a really nice API for performing HTTP GET, POST and other methods. It will allow you to write code that's less fragile and more understandable.
Link: http://hc.apache.org/httpclient-3.x/
You are setting your parameters in a GET-type (querystring) of way and are trying to get them using POST. You should change either of those so that they are the same.
I fixed the problem myself. For anyone wondering what I did here is my solution.
As you can see in the above code I included with my original question I was trying to send the headers one after the other which is the complete wrong thing to do!
I checked out the following two links (the second one particularly) and found them very helpful in explaining the POST request structure.
http://net.tutsplus.com/tutorials/other/http-headers-for-dummies/
http://ruturajv.wordpress.com/2005/12/25/http-post-request/
I then went back to my code and made the following changes to how I constructed my post request:
//POST REQUEST
if(method.equalsIgnoreCase("POST")){
//CONSTRUCT REQUEST
String blankline = "\r\n";
String query = request.getQueryString();
String length = String.valueOf(query.length());
System.out.println(length);
//Write the http post request to web server
s.getOutputStream().write(("POST " + path + " HTTP/1.0" +"\r\n").getBytes("ASCII"));
s.getOutputStream().write(("Host: localhost.com" + "\r\n").getBytes("ASCII"));
s.getOutputStream().write(("Content-Type: application/x-www-form-urlencoded"+"\r\n").getBytes("ASCII"));
s.getOutputStream().write(("Content-Length: " + length + "\r\n").getBytes("ASCII"));
s.getOutputStream().write(blankline.getBytes("ASCII"));
s.getOutputStream().write(query.getBytes("ASCII"));
//Flush and wait for response...
s.getOutputStream().flush();
I then simply read the response back from the server.