necee8483 wrote:I am having a big problem and I don't have any idea what to do to fix it. Here it is :
On my main page for the website I have the button that says : insert agent. When the admin clicks on this button they are redirected to the insert agent page. However before they input any information they receive the confirmation email with all of the fields blank. How do I stop it from sending the email until all fields are filled out and the admin clicks the insert agent button? I have put the code for the insert agent page below
Try this:
Code: Select all
<?php
require_once('../Connections/spartanwisdom.php');
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "admin";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && false) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "adminonly.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "insertagent")) {
$insertSQL = sprintf("INSERT INTO AgentID (agentcode, `First Name`, `Last Name`, `Nick Name`, Upline, UplineRMD, Address1, Address2, City, `State`, Email, Phone, Phone2, Fax, Password) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['Agent_Code'], "text"),
GetSQLValueString($_POST['First_Name'], "text"),
GetSQLValueString($_POST['Last_Name'], "text"),
GetSQLValueString($_POST['Nick_Name'], "text"),
GetSQLValueString($_POST['Direct_Upline'], "text"),
GetSQLValueString($_POST['Upline_RMD'], "text"),
GetSQLValueString($_POST['Address1'], "text"),
GetSQLValueString($_POST['Address2'], "text"),
GetSQLValueString($_POST['City'], "text"),
GetSQLValueString($_POST['State'], "text"),
GetSQLValueString($_POST['Email'], "text"),
GetSQLValueString($_POST['Phone1'], "text"),
GetSQLValueString($_POST['Phone2'], "text"),
GetSQLValueString($_POST['Fax'], "text"),
GetSQLValueString($_POST['Last_Name'], "text"));
mysql_select_db($database_spartanwisdom, $spartanwisdom);
$Result1 = mysql_query($insertSQL, $spartanwisdom) or die(mysql_error());
$insertGoTo = "../agent.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
$adminemail = "deniseadkins83@gmail.com, joeadkinswlg@gmail.com,coreylesage@gmail.com,kathi@msn.com";
$newagentemail = $_POST['email'];
//below is the email we want the email to come from
$from = "From: info@spartanwisdom.com";
//below is the email information that will be going to the admin users
$adminsubject = "new agent added to database";
$adminmessage = "There has been a new agent inserted into the spartanwisdom database. All of the information for that agent is listed below:
";
$adminmessage .= "
Agent Code Number: " . $_POST['Agent_Code'];
$adminmessage .="
First Name: " . $_POST['First_Name '] . $_POST['Last_Name'];
$adminmessage .="
Nick Name: " . $_POST['Nick_Name'] ;
$adminmessage .="
Direct Upline: " . $_POST['Direct_Upline'];
$adminmessage .="
Upline RMD: " . $_POST['Upline_RMD'];
$adminmessage .="
Address Line 1: " . $_POST['Address1'];
$adminmessage .="
Address Line 2: " . $_POST['Address2'];
$adminmessage .="
City: " .$_POST['City'];
$adminmessage .="
State: " .$_POST['State'];
$adminmessage .="
Email: " .$_POST['Email'];
$adminmessage .="
Phone Number 2: " .$_POST['Phone1'];
$adminmessage .="
Phone Number 2: " .$_POST['Phone2'];
$adminmessage .="
Fax Number: " .$_POST['Fax'];
$adminmessage .="
Please make sure that you set up on the automatic email service for training. Also please make the welcome to Global Financial Advisors Call.";
//below is the code for the email that will go to the new agent
$newagentsubject = 'Welcome to Global Financial Advisors';
$agentmessage = " Congratulations on your decision to become part of Global Financial Advisors. Your information has been passed on to our support department and you should start receiving your training emails immediately. If you have any questions there are many ways of reaching us for support. We always want to make sure that in some way we are available to you. Please save this email for future refererence as to the many ways of getting a hold of someone for support.
First off we have email, in which is most likely going to be your fastest response time. If you send a email to the one address it is forwarded to at least 4 back office people you are sure to receive a answer very promptly as we all carry blackberrys in the office. The email address is : info@spartanwisdom.com.
Next we also have live online support. When you go to nearly any page on our webpage there is a little box that says live operator online. Most of the time we have a online operator at a computer to answer any questions that you might have. Simply click on the link, enter your information and you will be directly connected to a operator for live online assistance. (Sometimes the operator is offline and the little box will tell you it will say live operator offline. But if the live operator is offline you can always leave a message).
Next of course we have our main office phone number which is 407-610-1517. Corey works monday through friday 11am-5pm and is there to answer your calls live. In an emergency situation you call call Kathi on her cell phone at 407-310-7524.
Here are a few personal email addresses if you have any questions you want to ask a particular person:
Corey Lesage (Front Desk): CoreyLesage@gmail.com
Kathi Adkins : Kathi@msn.com
Denise Adkins: DeniseAdkins83@gmail.com
Joe Adkins: JoeAdkinswlg@gmail.com
Our Main Website is http://www.SpartanWisdom.com we have new features almost daily added to the website. Now that you have been added as a member you will find your login and password below:
";
$agentmessage .= "Your Spartan Wisdom User Name is: " . $_POST['Agent_Code'];
$agentmessage .="
Your Spartan Wisdom password is : " . $_POST['Last_Name'];
$agentmessage .= "
We have your phone number on file as:" . $_POST['Phone1'] . "if this is not correct please email us and let us know so that we can make sure to keep you up to date on any events or new training classes.";
$agentmessage .="
Congratlations again and we look forward to seeing you in class on Tuesday Nights.";
$agentmessage .="
Joe and Denise Adkins";
$agentmessage .="
Director of Operations";
$agentmessage .="
Global Financial Advisors";
mail($adminemail,$adminsubject,$adminmessage,$from);
mail($agentemail,$newagentsubject,$newagentmessage,$from);
header(sprintf("Location: %s", $insertGoTo));
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Insert Agent</title>
<style type="text/css">
<!--
.style1 {
font-size: 36px;
font-weight: bold;
}
.style2 {font-size: 36}
body {
background-image: url(../Images/Backgrounds/goldblackgradient.png);
}
body,td,th {
color: #FFFFFF;
}
a:link {
color: #FFFFFF;
}
a:visited {
color: #FFFFFF;
}
a:hover {
color: #FFFFFF;
}
a:active {
color: #FFFFFF;
}
.style3 {font-size: 16px}
-->
</style>
</head>
<body>
<form id="insertagent" name="insertagent" method="POST" action="<?php echo $editFormAction; ?>">
<p align="center" class="style1">Insert New Agent<br />
<span class="style3">Admin Please fill this form out completely. All information is necessary. </span><br />
</p>
<table width="646" height="327" border="1" align="center">
<tr>
<td width="200"><span class="style2">Agent Code:</span></td>
<td width="430"><label>
<input type="text" name="Agent_Code" id="Agent_Code" />
</label></td>
</tr>
<tr>
<td><span class="style2">First Name:</span></td>
<td><label>
<input type="text" name="First_Name" id="First_Name" />
</label></td>
</tr>
<tr>
<td><span class="style2">Last Name:</span></td>
<td><label>
<input type="text" name="Last_Name" id="Last_Name" />
</label></td>
</tr>
<tr>
<td><span class="style2">Nick Name:</span></td>
<td><label>
<input type="text" name="Nick_Name" id="Nick_Name" />
</label></td>
</tr>
<tr>
<td><span class="style2">Direct Upline:</span></td>
<td><label>
<input type="text" name="Direct_Upline" id="Direct_Upline" />
</label></td>
</tr>
<tr>
<td><span class="style2">Upline RMD:</span></td>
<td><label>
<input type="text" name="Upline_RMD" id="Upline_RMD" />
</label></td>
</tr>
<tr>
<td><span class="style2">Address 1:</span></td>
<td><label>
<input type="text" name="Address1" id="Address1" />
</label></td>
</tr>
<tr>
<td><span class="style2">Address 2:</span></td>
<td><label>
<input type="text" name="Address2" id="Address2" />
</label></td>
</tr>
<tr>
<td><span class="style2">City:</span></td>
<td><label>
<input type="text" name="City" id="City" />
</label></td>
</tr>
<tr>
<td><span class="style2">State:</span></td>
<td><label>
<input type="text" name="State" id="State" />
</label></td>
</tr>
<tr>
<td><span class="style2">Email:</span></td>
<td><label>
<input type="text" name="Email" id="Email" />
</label></td>
</tr>
<tr>
<td><span class="style2">Phone 1:</span></td>
<td><label>
<input type="text" name="Phone1" id="Phone1" />
</label></td>
</tr>
<tr>
<td><span class="style2">Phone 2:</span></td>
<td><label>
<input type="text" name="Phone2" id="Phone2" />
</label></td>
</tr>
<tr>
<td><span class="style2">Fax:</span></td>
<td><label>
<input type="text" name="Fax" id="Fax" />
</label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input type="submit" name="insert_agent" id="insert_agent" value="Insert Agent" />
</label></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="insertagent" />
</form>
</body>
</html>
if you look, I moved your whole mail operations into the same block where you are checking the $_POST data. In all reality, you should be checking for $_POST['email'], $_POST['first_name'] and anything else that you ABSOLUTELY need for the email too. if the user doesn't enter it, use an else statement, echo out that the field is blank, and show the form.
The problem with where you originally put the mail functions is that there was nothing stopping the mail from happening, so even on a brand new fresh page reload, it would attempt to send an email out as nothing was telling it not to. Putting it inside the condition block tells it "Only when post data exists, send the email out".
Hope this makes sense/helps.
mmj wrote:
IMO, that is overkill.
Unless you are worried about E_NOTICE errors or it makes a difference to your app if the var is set and empty you can just use the former solution.
Well, trying to not show the notice errors was the point unless he just has all error reporting turned off. if that's the case, you are 100% correct.