Using sql values as email addresses

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
wright67uk
Forum Newbie
Posts: 7
Joined: Fri Jan 01, 2010 4:09 pm

Using sql values as email addresses

Post by wright67uk »

Im having a little trouble with the script below. I get my three sql values returned fine, without a problem.
The problem is that Im not sending any emails with it.

Wether this is a problem with my syntax, headers, code ??? i dont know.
Please go easy on my scripts, im a learning newbie.

Code: Select all

<html><body>
<?php
mysql_connect("***","***","***"); 
mysql_select_db("***") or die("Unable to select database"); 

$code = $_GET['postcode'];
$message = $_GET['message'];
$shortcode = substr($code,0,2);
$subject = "subject here";
$result = mysql_query("SELECT email FROM treesurgeons WHERE postcode like '%" . $shortcode . "%' ORDER BY companyName LIMIT 3")
or die(mysql_error());  
echo "<h2>Business Names:</h2>";                     
while($row = mysql_fetch_assoc($result)) 
{$message .= "\r\n". $row['email'] ;}
{$value = $row['email'].',';}
rtrim($row, ',');
$i = 0;
{$i++; switch($i)
{case 0:$value1 = $row['email']; break;
 case 1:$value2 =$row['email']; break;
 case 2:$value3 =$row['email']; break; }}
$to = "$value1, $value2, $value3";
echo nl2br ($message); 
$headers = 'From: me@me.com' . "\r\n" .
    'Reply-To: me@me.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();
mail( "$to", "$subject","$message", "$headers");
echo "<br>" . "Thank you for using our mail form.";
?></body></html>
User avatar
mecha_godzilla
Forum Contributor
Posts: 375
Joined: Wed Apr 14, 2010 4:45 pm
Location: UK

Re: Using sql values as email addresses

Post by mecha_godzilla »

Hi,

While you're writing your script it would be a good idea to echo() out all your values to make sure that they contain the information you expect in the right format.

I've rewritten part of your script below - this might make it easier for you to see what's happening. Please note that I haven't tested any of this code so if you get any error messages please let me know:

Code: Select all

$result = mysql_query("SELECT email FROM treesurgeons WHERE postcode like '%" . $shortcode . "%' ORDER BY companyName LIMIT 3") or die(mysql_error());  

$number_of_results = mysql_num_rows($result);

$results_counter = 0;

if ($number_of_results != 0) {

	while ($array = mysql_fetch_array($result)) {

		$email = $array['email'];
		
		$results_counter++;
		
		if ($results_counter >= $number_of_results) {
			$to .= $email;
		} else {
			$to .= $email . ',';
		}
		
	}

} else {

	// No results found - display some kind of message

}
You could also check and make sure your mail set-up is working properly; I normally use the following code for this purpose:

Code: Select all

$to = 'first_recipient@test.com,second_recipient@test.com';
$subject = 'Mailer Test';
$message = 'Just Testing!';
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: do_not_reply@test.com' . "\r\n";
$headers .= 'Reply-To: do_not_reply@test.com' . "\r\n";
$headers .= 'X-Mailer: PHP Mailer Gateway';

mail($to, $subject, $message, $headers);
Note that this will send an HTML message - sending plaintext/HTML is a bit more complicated but I can post the code if you want it.

A couple of other points:

You should be using mysql_real_escape_string() to make sure that someone doesn't try to break your query with a misplaced single quote (') character (either deliberately or on purpose). There's lots of information about this function on this forum and the web generally but the format is:

Code: Select all

$my_safe_and_escaped_value = mysql_real_escape_string($unsafe_and_untrustworthy_form_value);
If you're going to use mysql_real_escape_string() you need to check whether magic_quotes is on or off - what this does is automatically 'escape' single quotes with a slash but doesn't offer all the capabilities that mysql_real_escape_string does. To find out whether magic_quotes is enabled, try this:

Code: Select all

if (!get_magic_quotes_gpc()) {
echo 'Magic quotes are disabled';
} else {
echo 'Magic quotes are enabled';
}
You should also sanitise the values you receive from your form to make sure they're in the correct format (e.g. integer, string, etc.), that they're the correct length and they don't contain any odd characters - there are lots of PHP functions to help you sanitise values if needed.

HTH,

Mecha Godzilla
wright67uk
Forum Newbie
Posts: 7
Joined: Fri Jan 01, 2010 4:09 pm

Re: Using sql values as email addresses

Post by wright67uk »

Thankyou very much! my code now looks like this;

Code: Select all

<html><body>
<?php
mysql_connect("###,###,###"); 
mysql_select_db("treesurgery") or die("Unable to select database"); 

$code = $_GET['postcode'];
$message = $_GET['message'];
$shortcode = substr($code,0,2);
$subject = "subject here";
$result = mysql_query("SELECT email FROM treesurgeons WHERE postcode like '%" . $shortcode . "%' ORDER BY companyName LIMIT 3")
or die(mysql_error());  
echo "<h2>Business Names:</h2>";
$number_of_results = mysql_num_rows($result);
$results_counter = 0;
if ($number_of_results != 0) 
{while ($array = mysql_fetch_array($result)) 
{$email = $array['email'];
$results_counter++;
if ($results_counter >= $number_of_results) {$to .= $email;} 
else {$to .= $email . ',';}}}
$headers = 'From: me@me.com' . "\r\n" .
    'Reply-To: me@me.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();
{$message .= "\r\n". $row['email'] ;}
echo nl2br ($message);
mail( "$to", "$subject","$message", "$headers");
echo "<br>" . "Thank you for using our mail form.";
?></body></html>
This is great as it send an email to each of the returned sql values. I have somehow caused my message not to display the returned values though?
I used to click submit on my form and get a list of email addresses ive just emailed. (this list would appear in my sent email too.) do you know the best way to factor that in?

I thought where I put

Code: Select all

{$message .= "\r\n". $row['email'] ;}
echo nl2br ($message);
would display my values for users to see?

Many thanks by the way.
User avatar
mecha_godzilla
Forum Contributor
Posts: 375
Joined: Wed Apr 14, 2010 4:45 pm
Location: UK

Re: Using sql values as email addresses

Post by mecha_godzilla »

If you need to include the list of email addresses in the message itself you can just put the following code in the while() loop:

Code: Select all

$message .= $email . "\r\n";
If you want to display these email addresses in the web page you just need to add the following code towards the end of your script:

Code: Select all

echo 'Email addresses: ' . $to . '<br />'; 
If you want to display these on individual lines (rather than as a list separated by commas) you can put the same code in the while() loop like this:

Code: Select all

echo $email . '<br />';
Anything you ECHO out will be displayed to the web page, and every you append to $message will appear in your email.

Is that what you want to do?

M_G
Post Reply