Easy varibles not working...
Posted: Wed Apr 13, 2005 6:58 am
Ok, this is what I'm trying to do. I have a db set up with all the clients in there with and id number and a randomly generated xcode which is codesql in the mysql db. I have jangomail that gets all the info from my db and sends out mass emails. And in the email there is a link that looks similar to this...
https://www.serasfinancial.com/pgspro/? ... code=36029
The id and the xcode HAVE to match whats currently in the db to view the webpage. After they click submit, the xcode changes so they can't click their link again and change their answer.
What I'm trying to do is get the $xcode variable from the link and put it into the link that goes to the processing page.
Line 57 is the part that is giving me problems... I've tryed everything I could think of
Getting the id works perfectly fine, but not for the xcode.
Here is the full script...
https://www.serasfinancial.com/pgspro/? ... code=36029
The id and the xcode HAVE to match whats currently in the db to view the webpage. After they click submit, the xcode changes so they can't click their link again and change their answer.
What I'm trying to do is get the $xcode variable from the link and put it into the link that goes to the processing page.
Line 57 is the part that is giving me problems... I've tryed everything I could think of
Getting the id works perfectly fine, but not for the xcode.
Here is the full script...
Code: Select all
<?
include_once ( 'config.php' );
$id = $_GET['id'];
$xcode = $_GET['xcode'];
$query = "select codesql
from pgspro
where id = $id";
$result = mysql_query($query);
$xcodemysql=mysql_fetch_assoc($result);
if ( ( $xcode ) != ( $xcodemysql['codesql'] ) ) {
$errmsg = require ( 'error.php' );
die ( '<? $errmsg; ?> <font face=verdana size=3><p align=center><b>Error 112x</b></p></font>' );
} else {
if ( isset ( $_REQUEST['id'] ) && ! empty ( $_REQUEST['id'] ) )
{
if ( strtolower ( $_SERVER['REQUEST_METHOD'] ) == 'post' )
{
$query = array ();
if ( isset ( $_POST['firstname'] ) && ! empty ( $_POST['firstname'] ) )
{
$query[] = "firstname = '" . mysql_real_escape_string ( $_POST['firstname'] ) . "'";
}
if ( isset ( $_POST['lastname'] ) && ! empty ( $_POST['lastname'] ) )
{
$query[] = "lastname = '" . mysql_real_escape_string ( $_POST['lastname'] ) . "'";
}
if ( isset ( $_POST['email'] ) && ! empty ( $_POST['email'] ) )
{
$query[] = "email = '" . mysql_real_escape_string ( $_POST['email'] ) . "'";
}
if ( isset ( $_POST['yesno'] ) && ! empty ( $_POST['yesno'] ) )
{
$query[] = "yesno = '" . mysql_real_escape_string ( $_POST['yesno'] ) . "'";
}
if ( ! empty ( $query ) )
{
$result = "UPDATE pgspro SET " . implode ( ', ', $query ) . " WHERE id = '" . mysql_real_escape_string ( $_REQUEST['id'] ) . "'";
mysql_query ( $result ) or die ( 'UPDATE ERROR: ' . mysql_error () );
$id2 = (int)$_REQUEST['id'];
$xcode3 = $_GET['xcode'];
echo "<meta http-equiv=Refresh content=0;url='processing.php?id=$id2&xcode=$xcode3'>";
}
else
{
echo 'This error should not come up, if it does, then there are some serious problems!';
echo '<meta http-equiv=Refresh content=2;url=' . $SERVER['PHP_SELF'] . '?id=' . $_REQUEST['id'] .'>';
}
}
else
{
$result = "SELECT firstname, lastname, email, yesno FROM pgspro WHERE id = " . (int)$_REQUEST['id'];
$r = mysql_query ( $result ) or die ( 'SELECT ERROR: ' . mysql_error () );
if ( mysql_num_rows ( $r ) > 0 )
{
$form = mysql_fetch_assoc ( $r );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>SerasFinancial.com - PGS Pro</title>
<script language="JavaScript">
<!--
function confirmSubmit()
{
var agree=confirm("Please confirm your selection. Is this correct?");
if (agree)
return true ;
else
return false ;
}
</script>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
<meta http-equiv="Content-Language" content="en-us">
</head>
<body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div align="center">
<center>
<table id="Table_01" width="600" height="672" border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111">
<tr>
<td align="center" valign="top" height="470">
<font face="Verdana" size="2">
<img src="images/pgspro_top.jpg" width="600" height="224" alt=""></font><p class="MsoBodyText">
</p>
<p align="left"><font face="Verdana" size="2">Hello <b><?=htmlentities($form['firstname']);?>
<?=htmlentities($form['lastname']);?></b>. <br>
<br>
The PGS analysis has recommended that the following actions be taken:</font></p>
<p align="left"><font face="Verdana" size="2"><? include ( 'recommendation.txt' ); ?></font></p>
<p class="MsoBodyText"></p>
<p> </p>
<form method="post" action="<?=$_SERVER['PHP_SELF'];?>">
<font face="Verdana" size="2"><? $id = (int)$_REQUEST['id']; ?>
<input type="hidden" name="id" value="<?=$id?>">Please indicate
your decision by clicking on either “YES” or “NO” below. <br>
<br>
<p align="left">
<input type="radio" value="Accept" checked name="yesno"><font size="4"><b>YES,</b></font>
please make the recommended move.<br>
<br>
<input type="radio" value="Decline" name="yesno"><font size="4"><b>NO,</b></font>
please make sure I am in a cash position or cash equivient. </p>
<br>
<br>
<input type="submit" onclick="return confirmSubmit()" name="submit" value="Submit --->">
<br>
<br>
<br>
</form>
</font></td>
</tr>
<tr>
<td align="center" height="34" bgcolor="#000066">
<font face="Verdana" color="#FF9933" size="1">Recommendations are based
on the Protective Growth Strategy analysis, which is provided through
a contracted source. Clients are under no obligation to follow recommendations,
and must make their own determination as to which, if any, they will
approve of or apply to their respective investments. Although the Protective
Growth Strategy strives to protect capital while still seeking growth,
there are no guarantees for future results. The Protective Growth Strategy
analysis model attempts to manage risk but will not eliminate risk.
All information received from the Protective Growth Analysis is believed
to be reliable but its reliability cannot be guaranteed. You may lose
money with this investment style. Both the principle value and return
of investments will fluctuate over time, so an investor’s shares, when
redeemed, may be worth more or less than their original value.</font></td>
</tr>
</table>
</center></div>
</body>
</html>
<?
}
else
{
$errmsg = require ( 'error.php' );
die ( '<? $errmsg; ?> <font face=verdana size=3><p align=center><b>Error 113id</b></p></font>' );
}
}
}
else
{
$errmsg = require ( 'error.php' );
echo '<? $errmsg; ?> <font face=verdana size=3><p align=center><b>Error 114</b></p></font>';
}
}
?>