2012-04-19 66 views
0

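My email is only sent when I type in an actual address instead of using $usr_email, even though it says "message sent". The email address comes from the user_email field in the users table. This is defined with $id = intval($_SESSION['user_id']);

Email does not send based on variable name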

if (isset($_POST['doSend'])) {

    function getTwo($query){
        $res = mysql_query($query);
        if (!$res) {
            trigger_error("db: ".mysql_error()." in ".$query);
            return FALSE;
        }
        if ($row = mysql_fetch_row($res)) {
            return $row[0];
        }
    }

    $getuserinfo_q = "SELECT user_email AND user_name FROM users WHERE id='$_SESSION[user_id]'";

    $getuserinfo_e=mysql_query($getuserinfo_q);

    if(mysql_num_rows($getuserinfo_e) < 1){
        echo "User details not found - User_id is not in DB";
        exit();
    }

    $user_info_val=mysql_fetch_assoc($getuserinfo_e);

    if(empty($user_info_val['user_email'])){
        echo "there is no such column name as 'user_email'"; //tell the user about column
        exit(); //shut off the script
    }

    $usr_email=$user_info_val['user_email'];
    $user_name=$user_info_val['user_name'];

    $sqltest = "SELECT completed_status From users where id = '$_SESSION[user_id]'";
    $isSending = getTwo($sqltest);
    $isSending === false;
    if($isSending >= 6){
        require_once "Mail.php";

        $from = "<xxx>";
        $to = "$usr_email";
        $subject = "hi";
        $body ="Chi ";

        $host = "ssl://smtp.gmail.com";
        $port = "465";
        $username = "xxx";
        $password = "xxxx";

        $headers = array ('From' => $from,
            'To' => $to,
            'Subject' => $subject);
        $smtp = Mail::factory('smtp',
            array ('host' => $host,
                'port' => $port,
                'auth' => true,
                'username' => $username,
                'password' => $password));

        $mail = $smtp->send($to, $headers, $body);

        if (PEAR::isError($mail)) {
            echo("<p>" . $mail->getMessage() . "</p>");
        } else {
            echo("<p>Message successfully sent!</p>");
        }
    }
    else
        header ("Location: error.php");

}
+2

You do know that this is the warmest thing you can do with mysql? select count(*) as total from users where user_email='$usr_email' or user_name='$user_name'. Small hint: SQL injection – eav 2012-04-19 09:38:37

+0

Have you tried echoing '$data['usr_email'];'? – 2012-04-19 09:38:45

+0

And you are also vulnerable to SQL injection. – 2012-04-19 09:39:38

Answers

1

BIG EDIT:

Okay, let's hope this works -_-

// Select both columns (comma-separated, not AND); intval() keeps the id numeric.
$getuserinfo_q = "SELECT user_email, user_name FROM users WHERE id = '" . intval($_SESSION['user_id']) . "'";

$getuserinfo_e = mysql_query($getuserinfo_q);

if (mysql_num_rows($getuserinfo_e) < 1) {
    echo "User details not found - User_id is not in DB";
    exit();
}

$user_info_val = mysql_fetch_assoc($getuserinfo_e);

if (empty($user_info_val['user_email'])) {
    echo "there is no such column name as 'user_email'"; //tell the user about column
    exit(); //shut off the script
}

$usr_email = $user_info_val['user_email'];

$sqltest = "SELECT completed_status FROM users WHERE id = '" . intval($_SESSION['user_id']) . "'";
$isSending = getTwo($sqltest);
$isSending === false;
if ($isSending >= 6) {
    require_once "Mail.php";

    // Start NEW CLASS (for your weird Mail function)
    $m_class = new Mail;

    $from = "<xxx>";
    $to = "$usr_email";
    $subject = "hi";
    $body = "Chi ";

    $host = "ssl://smtp.gmail.com";
    $port = "465";
    $username = "xxx";
    $password = "xxxx";

    $headers = array ('From' => $from,
        'To' => $to,
        'Subject' => $subject);

    $smtp = $m_class->factory('smtp',
        array ('host' => $host,
            'port' => $port,
            'auth' => true,
            'username' => $username,
            'password' => $password));

    $mail = $m_class->send($to, $headers, $body);
}
else
    header ("Location: error.php");

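As you may have noticed, I removed the error checking (the PEAR::isError() stuff), simply because I don't know how to call that function (it is not static). But other than that, the code above should do the trick (hopefully).

Give it a go and let me know how it works.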

+0

The only code I have is the code I posted. There is no other '$_POST' data there, so can I remove it? – user1296762 2012-04-19 10:15:58

+0

That's right, that's your problem. How do you expect '$_POST' to have any data related to "usr_email" without putting it there? – 2012-04-19 10:19:46

+0

Yes, I know, but just using '$usr_email = 'usr_email';' the email is never received – user1296762 2012-04-19 10:22:39
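The SQL injection hint in the comments and the empty $usr_email symptom both come down to the lookup step. The following is an added example, not code from the original thread: it assumes PDO, uses an in-memory SQLite table with constructed rows in place of the MySQL users table, and findRecipient is a hypothetical helper name.

```php
<?php
// Added example: fetch the recipient with a prepared statement and refuse to
// send when the stored address is missing or malformed.
// Assumption: PDO with in-memory SQLite standing in for the MySQL `users` table.

function findRecipient(PDO $db, $userId)
{
    // Comma-separated column list; the id is bound as an integer, never interpolated.
    $stmt = $db->prepare('SELECT user_email, user_name FROM users WHERE id = :id');
    $stmt->bindValue(':id', (int) $userId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        throw new RuntimeException('no user row for this id');
    }
    $email = trim((string) $row['user_email']);
    // Reject empty or malformed addresses before they reach the mail headers.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new RuntimeException('stored user_email is not a usable address');
    }
    return array('email' => $email, 'name' => $row['user_name']);
}

// Constructed sample data (not from the original post).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, user_email TEXT, user_name TEXT)');
$db->exec("INSERT INTO users VALUES (1, 'alice@example.com', 'alice'), (2, '', 'bob')");

// id 1 is valid, id 2 has an empty address, id 3 does not exist.
foreach (array(1, 2, 3) as $sessionUserId) {
    try {
        $to = findRecipient($db, $sessionUserId);
        // These are the values that would be handed to $smtp->send($to, $headers, $body).
        $headers = array('From' => '<sender@example.com>', 'To' => $to['email'], 'Subject' => 'hi');
        echo "id=$sessionUserId -> send to {$headers['To']}\n";
    } catch (RuntimeException $e) {
        echo "id=$sessionUserId -> not sending: {$e->getMessage()}\n";
    }
}
```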