I'm now posting it all to a *.php file.
So when there is a success, it does all the email and DB stuff, then it's meant to clear the session and return.
It does return. But when I echo the current Session ID on screen, it's the same sessionid that was apparently just destoyed, cleared and unset.
Code: Select all
<?php
session_start();
include "dbconn.php";
if (isset($_SESSION["sessionid"]))
{
$success = isset($_GET['success']) ? $_GET['success'] : null;
if (isset($success))
{
$sessionid = $_SESSION["sessionid"];
$id = isset($_GET['id']) ? $_GET['id'] : null;
}
if ($success == "po")
{
if ($id == $sessionid)
{
mysql_query("UPDATE register SET paid = 'po' WHERE sessionid = '$sessionid'") or die(mysql_error());
$to = "test@hotmail.com";
$subject = "site Purchase Order Request";
$headers = "From: info@site.com";
$body = "Please submit a purchase order for the following:
Purchase Order (Session ID): $sessionid";
$result = mysql_query ("SELECT * FROM register WHERE sessionid = '$sessionid'");
while ($row = mysql_fetch_object($result))
{
if ($row->attending == "yes")
{
$body .= "Leader attending: $row->attending";
}
$body .= "
$row->title $row->firstname $row->lastname
$row->telephone
$row->mobiletelephone
$row->email
Company (if applicable): $row->company
$row->address1
$row->address2
$row->town
$row->postcode
$row->country
Special Needs (if applicable: $row->specialneeds
Where did they hear about site: $row->wheredidyouhear
$row->datebooked
$row->dateofbooking
-----------------";
}
mysql_free_result($result);
$body .= "
--------------------------------------------
";
mail ($to, $subject, $body, $headers);
session_unset();
session_destroy();
session_write_close();
session_regenerate_id(true);
echo "
<script>
window.location.replace('/register_c&success=po')
</script>";
}
else
{
echo "Sorry there is a problem with your request. Please complete details again, or contact us.";
}
}
if ($success == "yes")
{
if ($id == NULL)
{
mysql_query("UPDATE register SET paid = 'yes' WHERE sessionid = '$sessionid'") or die(mysql_error());
$to = "test@hotmail.com";
$subject = "site Booking";
$headers = "From: info@site.com";
$body = "";
$result = mysql_query ("SELECT * FROM register WHERE sessionid = '$sessionid' AND paid = 'yes'");
while ($row = mysql_fetch_object($result))
{
if ($row->attending == "yes")
{
$body .= "Leader attending: $row->attending";
}
$body .= "
$row->title $row->firstname $row->lastname
$row->telephone
$row->mobiletelephone
$row->email
Company (if applicable): $row->company
$row->address1
$row->address2
$row->town
$row->postcode
$row->country
Special Needs (if applicable: $row->specialneeds
Where did they hear about site: $row->wheredidyouhear
$row->datebooked
$row->dateofbooking
Paid: $row->paid
-----------------";
}
mysql_free_result($result);
$body .= "
--------------------------------------------
";
mail ($to, $subject, $body, $headers);
$result = mysql_query ("SELECT * FROM register WHERE sessionid = '$sessionid' AND paid = 'yes'");
while ($row = mysql_fetch_object($result))
{
if ($row->attending == "Yes")
{
$attendingtext = "Information only for person registering person or persons. Your invoice will be sent via PayPal, along with number of attendees and fees paid.";
}
else
{
$attendingtext = "";
}
$to = "$row->email";
$subject = "site Booking";
$headers = "From: judith@site.com";
$body = "$attendingtext
Your Booking with site details shown below:
Booking ID: $row->sessionid
$row->title $row->firstname $row->lastname
Special Needs (if applicable): $row->specialneeds
$row->datebooked
$row->dateofbooking
-----------------
Kind regards
site.com";
mail ($to, $subject, $body, $headers);
}
mysql_free_result($result);
session_unset();
session_destroy();
session_write_close();
session_regenerate_id(true);
echo "<script>
window.location.replace('/register_c&success=yes')
</script>";
}
else
{
echo "Sorry there has been a problem with your request. If you have made payment, please contact us to let us check it for you. If you have yet to pay, please re-register.";
}
}
if ($success == "no")
{
mysql_query("DELETE FROM register WHERE sessionid = '$sessionid'");
session_unset();
session_destroy();
session_write_close();
session_regenerate_id(true);
echo "<script>
window.location.replace('/register_c&success=no')
</script>";
}
}
else
{
echo "<script>
window.location.replace('/')
</script>";
}
?>