php - 制作条件语句以发送电子邮件警报

Question

我正在尝试在调用 fail.php 时做出条件语句来停止电子邮件警报。现在，我收到一封电子邮件提醒，告知结果好坏。

如果结果失败，我不想收到电子邮件。我应该制作两个脚本还是有办法让它一起工作？

谢谢

这是我所指的部分以及整个脚本。

if (mysql_affected_rows($result) > 0) {
mail($to, $subject, $msg, $headers);  
$reg =          $_REQUEST['reg'] ; 
$first_name =   $_REQUEST['first_name']; 
header("location: reg_add_success.php?reg=" . urlencode($reg) . "&first_name=" . urlencode($first_name)); 
} 
else { 
header("location: reg_add_fail.php"); 
exit(); // as sugested by John Conde
}

---

<?

$to = 'newreg@41q.org';
$subject = 'New Homeless Connection';
$msg = "<html>
<head>
<title>New Homeless Connection</title>
</head>

<body>
<table cellspacing=\"0\" cellpadding=\"10\" border=\"1\" align=\"left\">
<tr>
<td align=\"left\" width=\"150px\">Registery No.:</td>
<td align=\"left\"> $reg</td>
</tr>
<tr>
<td align=\"left\">First Name:</td>
<td align=\"left\">$first_name </td>
</tr>
<tr>
<td align=\"left\">Connection Date:</td>
<td align=\"left\"$>$connect_date</td>
</tr>
 <tr>
<td align=\"left\" colspan=\"2\">http://www.41q.org/admin/</td>
</tr>
</table>
<br>
<br>
</body>
</html>
";

// Make sure to escape quotes

$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: Homeless' . "\r\n";

mail($to, $subject, $msg, $headers);

date_default_timezone_set('America/Los_Angeles');
$submit_date = date("m/d/y g:i A") ; 

$order = "INSERT INTO reg_add (submit_date, 
connect_date, 
reg, 
first_name, 
)

VALUES

('$submit_date',
'$_POST[connect_date]', 
'{$_POST[reg]}nv', 
'$_POST[first_name]')";

$result = mysql_query($order);

if (mysql_affected_rows($result) > 0) {
mail($to, $subject, $msg, $headers);  
$reg =          $_REQUEST['reg'] ; 
$first_name =   $_REQUEST['first_name']; 
header("location: reg_add_success.php?reg=" . urlencode($reg) . "&first_name=" . urlencode($first_name)); 
} 
else { 
header("location: reg_add_fail.php"); 
exit(); // as sugested by John Conde
}
?>

Answer 1

Remove the first instance of mail($to, $subject, $msg, $headers);.

Then, for good measure, check the number of rows affected, rather than true/false (although both should work).

if (mysql_affected_rows($result) > 0) {

}

Answer 2

如果你检查你的代码

// Make sure to escape quotes

$headers  = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: Homeless' . "\r\n";

mail($to, $subject, $msg, $headers);

date_default_timezone_set('America/Los_Angeles');

此代码已经在发送邮件而不考虑结果。

您只需要从顶部代码中删除此行

mail($to, $subject, $msg, $headers);

你的代码会正常工作。

Answer 3

最终代码，请测试ite

<?

$to = 'newreg@41q.org';
$subject = 'New Homeless Connection';
$msg = "<html>
<head>
<title>New Homeless Connection</title>
</head>

<body>
<table cellspacing=\"0\" cellpadding=\"10\" border=\"1\" align=\"left\">
<tr>
<td align=\"left\" width=\"150px\">Registery No.:</td>
<td align=\"left\"> $reg</td>
</tr>
<tr>
<td align=\"left\">First Name:</td>
<td align=\"left\">$first_name </td>
</tr>
<tr>
<td align=\"left\">Connection Date:</td>
<td align=\"left\"$>$connect_date</td>
</tr>
 <tr>
<td align=\"left\" colspan=\"2\">http://www.41q.org/admin/</td>
</tr>
</table>
<br>
<br>
</body>
</html>
";

// Make sure to escape quotes

$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: Homeless' . "\r\n";

date_default_timezone_set('America/Los_Angeles');
$submit_date = date("m/d/y g:i A") ; 

$order = "INSERT INTO reg_add (submit_date, 
connect_date, 
reg, 
first_name, 
)

VALUES

('$submit_date',
'$_POST[connect_date]', 
'{$_POST[reg]}nv', 
'$_POST[first_name]')";

$result = mysql_query($order);

if (mysql_affected_rows($result) > 0) {
mail($to, $subject, $msg, $headers);  
$reg =          $_REQUEST['reg'] ; 
$first_name =   $_REQUEST['first_name']; 
header("location: reg_add_success.php?reg=" . urlencode($reg) . "&first_name=" . urlencode($first_name)); 
} 
else { 
header("location: reg_add_fail.php"); 
exit(); // as sugested by John Conde
}
?>

Answer 4

我目前看到一些 sql 注入以及最后的无效查询， first_name,posts,数组键中使用的常量，请求和 post 的混合，大型 html 代码块，并且没有检查传递的值的有效性。

如果您检查有效值，那么您可以确定脚本是否应该继续发送邮件并更新数据库部分：

这是您的代码清理，希望对您有所帮助：

<?php 

$to = 'newreg@41q.org';
$subject = 'New Homeless Connection';

if($_SERVER['REQUEST_METHOD']=='POST'){

    if(isset($_POST['first_name']) && strlen($_POST['first_name'])>1){
        $first_name=$_POST['first_name'];
    }

    if(isset($_POST['reg']) && strlen($_POST['reg'])>1){
        $reg=$_POST['reg'];
    }

    if(isset($_POST['connect_date']) && strlen($_POST['connect_date'])>1){
        $connect_date=$_POST['connect_date'];
    }

    if(!isset($first_name) || !isset($reg) || !isset($connect_date)){
        header("location: reg_add_fail.php");
        exit();
    }
}else{
//the page the post from
header("location: reg_form.php");
exit();
}

$msg=<<<EMAIL
<html>
<head>
<title>New Homeless Connection</title>
</head>

<body>
<table cellspacing="0" cellpadding="10" border="1" align="left">
<tr>
<td align="left" width="150px">Registery No.:</td>
<td align="left">$reg</td>
</tr>
<tr>
<td align="left">First Name:</td>
<td align="left">$first_name </td>
</tr>
<tr>
<td align="left">Connection Date:</td>
<td align="left">$connect_date</td>
</tr>
 <tr>
<td align="left" colspan="2">http://www.41q.org/admin/</td>
</tr>
</table>
<br>
<br>
</body>
</html>
EMAIL;

// Make sure to escape quotes
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: Homeless' . "\r\n";

mail($to, $subject, $msg, $headers);

date_default_timezone_set('America/Los_Angeles');
$submit_date = date("m/d/y g:i A") ;

$order = "INSERT INTO reg_add (submit_date,connect_date, reg, first_name)
          VALUES ('{$submit_date}',".mysql_real_escape_string($connect_date)."','".mysql_real_escape_string($reg)."nv','".mysql_real_escape_string($first_name)."')";

$result = mysql_query($order);

header("Location: ./reg_add_success.php?reg=".urlencode($reg)."&first_name=".urlencode($first_name));
die;
?>