alexwdesigns
11-08-2008, 08:54 PM
I'm trying to build a newsletter function that you can subscribe and unsubscribe to. I can subscribe fine, and receive an email that tells me how to unsubscribe. When you click that link, it's supposed to determine the email assigned to your ID and tell you that email on the page. When I click on the link and go to the unsubscribe page, the email doesn't show up, and I can' complete the unsubscribe. Any help is greatly appreciated!
<?php require_once('../Connections/connSubscribe.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
if ((isset($_POST['theid'])) && ($_POST['theid'] != "")) {
$deleteSQL = sprintf("DELETE FROM Address WHERE id=%s",
GetSQLValueString($_POST['theid'], "int"));
mysql_select_db($database_connSubscribe, $connSubscribe);
$Result1 = mysql_query($deleteSQL, $connSubscribe) or die(mysql_error());
$deleteGoTo = "unsubscribe_complete.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
$colname_rsUnsub = "-1";
if (isset($_GET['id'])) {
$colname_rsUnsub = $_GET['id'];
}
mysql_select_db($database_connSubscribe, $connSubscribe);
$query_rsUnsub = sprintf("SELECT * FROM Address WHERE id = %s", GetSQLValueString($colname_rsUnsub, "int"));
$rsUnsub = mysql_query($query_rsUnsub, $connSubscribe) or die(mysql_error());
$row_rsUnsub = mysql_fetch_assoc($rsUnsub);
$totalRows_rsUnsub = mysql_num_rows($rsUnsub);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Unsubscribe</title>
</head>
<body>
<div id="wrapper">
<h1>Sorry to lose you!</h1>
<form method="POST" enctype="multipart/form-data" name="form1" id="form1">
<table width="500" border="0">
<tr>
<td width="119" class="formLabel"><label for="label">Email Address: </label></td>
<td width="371"><?php echo $row_rsUnsub['email']; ?></td>
</tr>
<tr>
<td><input name="theID" type="hidden" id="theID" /><?php echo $_GET['id']; ?></td>
<td><input type="submit" name="btnUnsubscribe" id="btnUnsubscribe" value="Unsubscribe" /></td>
</tr>
</table>
</form>
</div>
</body>
</html>
<?php
mysql_free_result($rsUnsub);
?>
<?php require_once('../Connections/connSubscribe.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
if ((isset($_POST['theid'])) && ($_POST['theid'] != "")) {
$deleteSQL = sprintf("DELETE FROM Address WHERE id=%s",
GetSQLValueString($_POST['theid'], "int"));
mysql_select_db($database_connSubscribe, $connSubscribe);
$Result1 = mysql_query($deleteSQL, $connSubscribe) or die(mysql_error());
$deleteGoTo = "unsubscribe_complete.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
$colname_rsUnsub = "-1";
if (isset($_GET['id'])) {
$colname_rsUnsub = $_GET['id'];
}
mysql_select_db($database_connSubscribe, $connSubscribe);
$query_rsUnsub = sprintf("SELECT * FROM Address WHERE id = %s", GetSQLValueString($colname_rsUnsub, "int"));
$rsUnsub = mysql_query($query_rsUnsub, $connSubscribe) or die(mysql_error());
$row_rsUnsub = mysql_fetch_assoc($rsUnsub);
$totalRows_rsUnsub = mysql_num_rows($rsUnsub);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Unsubscribe</title>
</head>
<body>
<div id="wrapper">
<h1>Sorry to lose you!</h1>
<form method="POST" enctype="multipart/form-data" name="form1" id="form1">
<table width="500" border="0">
<tr>
<td width="119" class="formLabel"><label for="label">Email Address: </label></td>
<td width="371"><?php echo $row_rsUnsub['email']; ?></td>
</tr>
<tr>
<td><input name="theID" type="hidden" id="theID" /><?php echo $_GET['id']; ?></td>
<td><input type="submit" name="btnUnsubscribe" id="btnUnsubscribe" value="Unsubscribe" /></td>
</tr>
</table>
</form>
</div>
</body>
</html>
<?php
mysql_free_result($rsUnsub);
?>