i have a script, that sends email to me when someone submits a site.. the code to send email is: // send emails $admin_query = mysql_query("SELECT adminemail FROM tbl_admin"); $admin_email = mysql_fetch_assoc($admin_query); $adminemail = $admin_email['adminemail']; $sys_url = $config['url']; $reply_to = $config['replyto']; $sys_email = $config['sysemail']; $message_admin = $config['email_admin']; $sname = $_POST['linkname']; $surl = $_POST['linkurl']; sendemail_admin($adminemail, $sys_email, $sname, $surl, $sys_url, $reply_to, $message_admin); PHP: i included a file above that code content of file : <?php // Send email to Admin function sendemail_admin($adminemail, $from, $name, $url, $systemurl, $replyto, $msg) { $to = "$adminemail"; $subject = 'Proxy Submission Request'; $message = "$msg"; $headers = "From: $from\n"; $headers .= "Reply-to: $replyto\n"; $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; $mailSent = mail($to, $subject, $message, $headers); } ?> PHP: it is sending emails ok, but there is a problem with emails, as you can see that i have defined the message as $message = "$msg"; and $msg is defined in the funtion as the last array which refers to $message_admin = $config['email_admin']; $config['email_admin'] is a row of table config , in this row, i have You have a new Link Submission Request from $name for his Link $url\r\nPlease have a look at his submission at $systemurl/admin/login.php\r\n Code (markup): in this code, $name is defined in above function as $sname and $url is defined as $surl and $systemurl as $sys_url . now comes the hard part, when i use the message as : You have a new Link Submission Request from $name for his Link $url\r\nPlease have a look at his submission at $systemurl/admin/login.php\r\n Code (markup): without using mysql table, it emails me correct details i.e name of submitter, his link etc according to function, but when i use mysql database... it doesnt email me the details, but instead , it emails me the content of mysql row i.e You have a new Link Submission Request from $name for his Link $url Please have a look at his submission at $systemurl/admin/login.php Code (markup): you noticed that it didnt parse $name and $url etc?? if you can give me answer, then please do it quick. Help me solving my problem. i want to use mysql database + want to parse the variables too . Please help.. Thanks in advance
example $message = "".$msg.""; $string="Text and ".$sting2." a string"; PHP: or with the /, but i prefere the double "
In order to parse PHP code stored in a database, you have to pass it through eval() first. For example: $message=eval($msg); PHP: Putting that in your function would fix your problem, however use of eval() is discouraged since it takes longer to eval() script than to run it directly. I don't think this will hurt you much considering what you are using it for as long as you properly filter the input before running it through eval(). Code injection is always a possibility when passing user input through eval(), so pass $name and $url through a regex if you don't already (which you should anyway).
msn that eval is too slow, it sent me email alright , but after 5 minute of submission, while without eval , it sends instantly..
Five minutes is way longer than it should take to evaluate a small string like that. Looking at the code in detail, it seems like you could save yourself a headache by just simplifying everything. You could forego the function altogether and cut out some redundancy: $admin_query = mysql_query("SELECT adminemail FROM tbl_admin"); $admin_email = mysql_fetch_assoc($admin_query); $systemurl = $config['url']; $name = $_POST['linkname']; $url = $_POST['linkurl']; $to = $admin_email['adminemail']; $subject = 'Proxy Submission Request'; $message = eval($config['email_admin']); $headers = "From: {$config['sysemail']}\n"; $headers .= "Reply-to: {$config['replyto']}\n"; $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; mail($to, $subject, $message, $headers); PHP: or you could wrap everything in the function if you only need that information within a limited scope: //The function function sendemail_admin($name,$url,$config) { $admin_query = mysql_query("SELECT adminemail FROM tbl_admin"); $admin_email = mysql_fetch_assoc($admin_query); $systemurl = $config['url']; $to = $admin_email['adminemail']; $subject = 'Proxy Submission Request'; $message = eval($config['email_admin']); $headers = "From: {$config['sysemail']}\n"; $headers .= "Reply-to: {$config['replyto']}\n"; $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; mail($to, $subject, $message, $headers); } PHP: //The code $name = $_POST['linkname']; $url = $_POST['linkurl']; sendemail_admin($name,$url,$config); PHP: I'm assuming that the $config array is taken from the db automatically and used on the whole page, otherwise you could put that in the function as well and limit the parameters to $name and $url. It would probably be easier and cleaner to just make a class out of it, but one step at a time. This is just an example based off of existing code. You will absolutely want to sanitize the name and url before sending it in an email, otherwise you take a huge security risk. For example, if you want to limit the name to numbers, letters, space, and underscores with a max length of 20 characters: //The function function check_name($str) { $length=strlen($str); if(preg_match("/[^A-Za-z0-9 _]/",$str)||$length>20){return false;} else{return true;} } PHP: //Usage $name = $_POST['linkname']; $url = $_POST['linkurl']; if(!check_name($name)){ die("Your link name must be under 20 characters and may only contain letters, numbers, spaces, and underscores"); } sendemail_admin($name,$url,$config); PHP: Obviously you would want to add a check for the url as well and you probably would just want to echo a warning instead of exiting the script, but it should give you an idea of usage.
cannot use this one, i want function. $admin_query = mysql_query("SELECT adminemail FROM tbl_admin"); $admin_email = mysql_fetch_assoc($admin_query); $systemurl = $config['url']; $name = $_POST['linkname']; $url = $_POST['linkurl']; $to = $admin_email['adminemail']; $subject = 'Proxy Submission Request'; $message = eval($config['email_admin']); $headers = "From: {$config['sysemail']}\n"; $headers .= "Reply-to: {$config['replyto']}\n"; $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; mail($to, $subject, $message, $headers); PHP: cannot use this one, these variables are also being used on other email functions , like sendemail_user(); but we are not discussing that one, point is, I cannot use this code: //The function function sendemail_admin($name,$url,$config) { $admin_query = mysql_query("SELECT adminemail FROM tbl_admin"); $admin_email = mysql_fetch_assoc($admin_query); $systemurl = $config['url']; $to = $admin_email['adminemail']; $subject = 'Proxy Submission Request'; $message = eval($config['email_admin']); $headers = "From: {$config['sysemail']}\n"; $headers .= "Reply-to: {$config['replyto']}\n"; $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; mail($to, $subject, $message, $headers); } PHP: useless code, i already have username,linktitle checking function.. //The function function check_name($str) { $length=strlen($str); if(preg_match("/[^A-Za-z0-9 _]/",$str)||$length>20){return false;} else{return true;} } PHP: so, any other help ??
Passing the same half dozen parameters to different functions on a page isn't the best way to get things done. Make a class, pass the parameters to it when it's instantiated or using a method designed for that purpose (or do it manually, if you're a masochist: $obj->variable=$var), then use methods to accomplish the same thing you were doing before, minus all parameters. It makes for cleaner code and is easier to modify. class exampleClass { public $name; public $url; ... public $whatever; function __construct($param1,$param2,...,[$paramN]) { $this->whatever=$param1; ... } function sendAdminEmail() { //Send admin email as before but using the values you've already stored in the class variables } function sendUserEmail() { //Send user email as before but using the values you've already stored in the class variables } function whatever() { //Do whatever else you want with the class variables //Global variables such as $_POST are also within this scope (of course) and accessible } } PHP: Hey, you asked.
Looks to me that you retrieve the message text somewhere from a configuration variable where $name is a part of the string. if that's the case, you could add a str_replace() to replace $name with the name etc. example: str_replace("$name",$name,"$msg"); not sure if the $name in the message will give problems with the same $name parameter in your function. check www.php.net for this function for more details