need help with reg form

Discussion in 'PHP' started by dougvcd, Sep 23, 2007.

0
  1. #1
    ok i have this reg form which sends the form details to a database
    what i would like it to do also is send me an email telling me that an entry has been made and by who
    is this poss
    here is the form i use

    //This gets all the other information from the form
$region=$_POST['region']; 
$name=$_POST['name'];
$username=$_POST['username'];
$password=$_POST['password'];
$email=$_POST['email'];
$contact=$_POST['contact'];
$parkname=$_POST['parkname'];
$county=$_POST['county'];
$parklocation=$_POST['parklocation'];
$make=$_POST['make'];
$caravandetails=$_POST['caravandetails'];
$smoke=$_POST['smoke'];
$pets=$_POST['pets'];
$kids=$_POST['kids'];
$sex=$_POST['sex'];
$pname=$_POST['pname'];

// Connects to your Database 
mysql_connect("1", "c", "3") or die(mysql_error()); 
mysql_select_db("users") or die(mysql_error()); 

//Writes the information to the database 
mysql_query("INSERT INTO `members` VALUES ('$region', '$name', '$username', '$password', '$email', '$contact' , '$parkname', '$county', '$parklocation', '$make', '$caravandetails', '$smoke', '$pets', '$kids', '$sex', '$pname')");
 
		
?> 
<?php
echo "your information has been added to the directory You will be redirected in three seconds!><br /><br /> 

					<div class='info'>If you don't wish to wait, <a href='index.php'>click here</a>";
					echo'<meta http-equiv="REFRESH" content="2;url=index.php">';
?>
    PHP:
    cheers
    Doug
     
    dougvcd, Sep 23, 2007 IP
  2. luiscardozo

    luiscardozo Peon

    Messages:
    17
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #2
    What if you send a mail to you with PHP's mail() function?

    
        ....
        //Writes the information to the database 
        mysql_query("INSERT INTO `members` VALUES ('$region', '$name', '$username', '$password', '$email', '$contact' , '$parkname', '$county', '$parklocation', '$make', '$caravandetails', '$smoke', '$pets', '$kids', '$sex', '$pname')");
	
        //compose the mail message
	    $msg= "New Record\n Region: $region, Name: $name, Username: $username, Pass: $password, email: $email, Contact: $contact, Parkname: $parkname (and so on...)";
	
       //send the mail
       mail('you@yourdomain.com','New Record',$msg)
    PHP:
     
    luiscardozo, Sep 23, 2007 IP
  3. dougvcd

    dougvcd Peon

    Messages:
    267
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #3
    a big thank you thats just what i needed
    cheers
    Doug
     
    dougvcd, Sep 24, 2007 IP
  4. matthewrobertbell

    matthewrobertbell Peon

    Messages:
    781
    Likes Received:
    35
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Your form is vulnerable to mysql injection attacks, and doesn't validate data on the server side, which is a bad idea.
    Also, you can use $_POST values in a database without putting them in normal variables first.
     
    matthewrobertbell, Sep 24, 2007 IP