PHP mail question
14 posts by 2 authors in: Forums > CMS Builder
Last Post: July 13, 2010 (RSS)
By Jason - July 13, 2010
Hi Jerry,
What you can do is to append variables to the end of the end of the link that you send.
something like this:
Now, this does mean that people can potentially change the email address that they're sending to you, so in the confirmation page, it's a good idea to check to make sure that the email address does exist in your table. Something like this:
Also, you should be fine getting rid of the mysqlStrictMode(false); Just to be careful, comment it out and then give it a try. It should work though.
Hope this helps.
What you can do is to append variables to the end of the end of the link that you send.
something like this:
...please click on this link or paste it into your browser.<br><br> http://www.thecmsbcookbook.com/confirmed.php?submit=1&email='.$_REQUEST['email'];Now, this does mean that people can potentially change the email address that they're sending to you, so in the confirmation page, it's a good idea to check to make sure that the email address does exist in your table. Something like this:
$where = "email='".mysql_escape($_REQUEST['email'])."'";
if(mysql_select_count_from('newsletter',$where)){ //check to ensure that email exists in the table
$query = "UPDATE `{$TABLE_PREFIX}newsletter` SET
hidden = '0',
confirmed = '1',
updatedDate = NOW()
WHERE email = '".mysql_escape( $_REQUEST['email'] )."'";
mysql_query($query) or die("MySQL Error:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$userNum = mysql_insert_id();
// on success
$errorsAndAlerts = "Thanks, your email address has been succesfully added to our maillist";
}
else{
$errorsAndAlerts= "Sorry, that email has not been added to our newsletter list.<br/>";
}
}Also, you should be fine getting rid of the mysqlStrictMode(false); Just to be careful, comment it out and then give it a try. It should work though.
Hope this helps.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] PHP mail question
By gkornbluth - July 13, 2010
Thanks Jason,
So I think that you're saying that it's OK to remove the Email entry field on the form but that they might somehow change the submitted Email address anyway?
Best,
Jerry
So I think that you're saying that it's OK to remove the Email entry field on the form but that they might somehow change the submitted Email address anyway?
Best,
Jerry
The first CMS Builder reference book is now available on-line!
Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php
Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php
By Jason - July 13, 2010
Hi Jerry,
I would keep the email entry form on the confirmation page. Placing the variables at the end of the url in your email is just simulating a form post. However, there is nothing to stop someone from changing the email address when they paste it into the browser (either on purpose, or by accident). The code that I posted does a check to make sure the email in the url string does exist in our table before it tries to update it. If it isn't there, it will display an error message and display the form. This gives the user a chance to type the proper email in, in the case of a mistake. If they fill out the form and submit it, the script will run the same as if they had gotten it from the link.
Hope this makes it a little clearer.
I would keep the email entry form on the confirmation page. Placing the variables at the end of the url in your email is just simulating a form post. However, there is nothing to stop someone from changing the email address when they paste it into the browser (either on purpose, or by accident). The code that I posted does a check to make sure the email in the url string does exist in our table before it tries to update it. If it isn't there, it will display an error message and display the form. This gives the user a chance to type the proper email in, in the case of a mistake. If they fill out the form and submit it, the script will run the same as if they had gotten it from the link.
Hope this makes it a little clearer.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] PHP mail question
By gkornbluth - July 13, 2010
So it's kind of a a double check.
Got it
Thanks
Got it
Thanks
The first CMS Builder reference book is now available on-line!
Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php
Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php