I have an online application That is working but I am getting some double database entries. Not every submission creates a double entry but many are. If anyone sees the reason in my code and can tell me It would be appreciated:
<?php
@$upload_Name = $_FILES['Resume']['name'];
@$upload_Size = $_FILES['Resume']['size'];
@$upload_Temp = $_FILES['Resume']['tmp_name'];
@$upload_Mime_Type = $_FILES['Resume']['type'];
function RecursiveMkdir($path)
{
if (!file_exists($path))
{
RecursiveMkdir(dirname($path));
mkdir($path, 0777);
}
}
// Validation
// check only if file
if( $upload_Size > 0)
{
if( $upload_Size == 0)
{
header("Location: error.html");
}
if( $upload_Size >200000)
{
//delete file
unlink($upload_Temp);
header("Location: error.html");
}
if( $upload_Mime_Type != "application/msword" AND $upload_Mime_Type != "application/pdf" AND $upload_Mime_Type != "application/vnd.openxmlformats- officedocument.wordprocessingml.document")
{
unlink($upload_Temp);
header("Location: error.html");
}
}//end wrapper of no file
// Where the file is going to be placed
$target_path = “../../XXXX/uploads/";
/* Add the original filename to our target path.
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['Resume']['name']);
if(move_uploaded_file($_FILES['Resume']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['Resume']['name']).
" has been uploaded";
} else{
echo "";
}
?><?php
if(isset($_POST['email'])) {
require_once 'Mail.php'; // PEAR Mail package
require_once 'Mail/mime.php';
$email_to = “name@yoursite.com”; //Enter the email you want to send the form to
$email_subject = "Employment Application"; // You can put whatever subject here
$host = "mail.yourdomain.com"; // The name of your mail server. (Commonly mail.yourdomain.com if your mail is hosted with xxx)
$username = "yoursite.com"; // A valid email address you have setup
$from_address = "name@yoursite.com"; // If your mail is hosted with Site this has to match the email address above
$password = “XXX”; // Password for the above email address
$reply_to = “XXX@yoursite.com"; //Enter the email you want customers to reply to
$port = "50"; // This is the default port. Try port 50 if this port gives you issues and your mail is hosted with Site
function died($error) {
// your error code can go here
echo "We are very sorry, but there were error(s) found with the form you submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br /><br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
// Validate expected data exists
if(!isset($_POST['Position_Applying']) || !isset($_POST['Position_type']) || !isset($_POST['First_name']) || !isset($_POST['Last_name']) || !isset($_POST['Street']) || !isset($_POST['City']) || !isset($_POST['email'])) {
died('We are sorry, but there appears to be a problem with the form you submitted.');
}
$hdw_id = $_POST['hdw_id'];
$hdw_Country = $_POST['hdw_Country'];
$hdw_IP = $_POST['hdw_IP'];
$hdw_Referer = $_POST['hdw_Referer'];
$hdw_ServerTime = $_POST['hdw_ServerTime'];
$hdw_Browser = $_POST['hdw_Browser'];
$hdw_UserAgent = $_POST['hdw_UserAgent'];
$Position_Applying = $_POST['Position_Applying'];
$Position_one = $_POST['Position_one'];
$Position_two = $_POST['Position_two'];
$Position_three = $_POST['Position_three'];
$Position_type = $_POST['Position_type'];
$Shift_type = $_POST['Shift_type'];
$First_name =$_POST['First_name'];
$Middle_name = $_POST['Middle_name'];
$Last_name = $_POST['Last_name'];
$Street = $_POST['Street'];
$City = $_POST['City'];
$State = $_POST['State'];
$Zip = $_POST['Zip'];
$One_Phone = $_POST['One_Phone'];
$crlf = "n";
// required
$error_message = "";
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
if(!preg_match($email_exp,$email)) {
$error_message .= 'The Email Address you entered does not appear to be valid. <br />';
}
$string_exp = "/^[A-Za-z .'-]+$/";
if(!preg_match($string_exp,$First_name)) {
$error_message .= 'The Name you entered does not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Employment Application Details Below.
";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Position Applying: ".clean_string($Position_Applying)."
";
$email_message .= "Position Type: ".clean_string($Position_type)."
";
$email_message .= "
";
$email_message .= "First name: ".clean_string($First_name)."
";
$email_message .= "Last Name: ".clean_string($Last_name)."
";
$email_message .= "
";
$email_message .= "Street: ".clean_string($Street)."
";
$email_message .= "City: ".clean_string($City)."
";
$email_message .= "State: ".clean_string($State)."
";
$email_message .= "email: ".clean_string($email)."
";
$email_message .= "Phone: ".clean_string($One_Phone)."
";
$email_message .= "
";
$email_message .= "Referred By: ".clean_string($Referred_by )."
";
$email_message .= "Older than 18: ".clean_string($eighteen )."
";
$email_message .= "US Citizen: ".clean_string($US_citizen)."
";
$email_message .= "Crime Conviction: ".clean_string($Crime_convict)."
";
$email_message .= "NYS Professional License: ".clean_string($NYS_professional_lic)."
";
$email_message .= "Other License: ".clean_string($Other_professional_lic)."
";
$email_message .= "
";
$mime = new Mail_mime($crlf);
$mime->setTXTBody($text);
$mime->setHTMLBody($html);
$mime->addAttachment($Resume,'application/pdf');
// This section creates the email headers
$auth = array('host' => $host, 'auth' => true, 'username' => $username, 'password' => $password);
$headers = array('From' => $from_address, 'To' => $email_to, 'Subject' => $email_subject, 'Reply-To' => $reply_to);
// This section send the email
$smtp = Mail::factory('smtp', $auth);
$mail = $smtp->send($email_to, $headers, $email_message);
// This section creates the email headers
$auth = array('host' => $host, 'auth' => true, 'username' => $username, 'password' => $password);
$headers = array('From' => $from_address, 'To' => $email, 'Subject' => $email_subject, 'Reply-To' => $reply_to);
// This section send the email
$smtp = Mail::factory('smtp', $auth);
$mail = $smtp->send($email, $headers, $email_message);
if (PEAR::isError($mail)) {?>
<!-- include your own failure message html here -->
Unfortunately, the message could not be sent at this time. Please try again later.
<!-- Uncomment the line below to see errors with sending the message -->
<!-- <?php echo("<p>". $mail->getMessage()."</p>"); ?> -->
<?php } else { ?>
<!-- include your own success message html here -->
<?php } } ?>
<style type="text/css">
<!--
.style2 {font-size: 14px}
.style3 { font-size: 14px;
font-family: Verdana;
}
-->
</style>
<link href=“XXXDatabaseB/js.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
body {
background-image: url(XXXDatabaseB/images/green100px.jpg);
background-color: #FFF09F;
}
.style4 {color: #A20246}
a {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 12px;
color: #FFFFFF;
font-weight: bold;
padding: 10px;
}
a:link {
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #FFFFFF;
}
a:hover {
text-decoration: underline;
color: #FFF09F;
}
a:active {
text-decoration: none;
color: #FFFFFF;
}
.style5 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: small;
color: #FFFFFF;
}
.style6 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 10px;
color: #FFFFFF;
}
-->
</style>
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<!-- ImageReady Slices (xxx_square_slice.psd) -->
<table width="830" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="Table_01">
<tr valign="top">
<td height="258" colspan="2"><?php include 'header.php'; ?></td>
</tr>
<tr>
<td width="100%" valign="top">
<?php
$host = “xxxxx.net";
$username = “xxxxx”;
$password = “xxxxx”;
$dbname = “xxxxxx”;
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$dbname")or die("cannot select DB");
$hdw_id = $_POST['hdw_id'];
$hdw_Country = $_POST['hdw_Country'];
$hdw_IP = $_POST['hdw_IP'];
$hdw_Referer = $_POST['hdw_Referer'];
$hdw_Browser = $_POST['hdw_Browser'];
$hdw_UserAgent = $_POST['hdw_UserAgent'];
$Position_Applying = $_POST['Position_Applying'];
$Position_one = $_POST['Position_one'];
$Position_two = $_POST['Position_two'];
$Position_three = $_POST['Position_three'];
$Position_type = $_POST['Position_type'];
$Shift_type = $_POST['Shift_type'];
$First_name =$_POST['First_name'];
$sql = "INSERT INTO `new_app`(`hdw_id`, `hdw_Country`, `hdw_IP`, `hdw_Referer`, `hdw_ServerTime`, `hdw_Browser`, `hdw_UserAgent`, `Position_Applying`, `Position_one`, `Position_two`, `Position_three`, `Position_type`, `Shift_type`, `First_name`)
VALUES ('$hdw_id', '$hdw_Country', '$hdw_IP', '$hdw_Referer', CURRENT_TIMESTAMP, '$hdw_Browser', '$hdw_UserAgent', '$Position_Applying', '$Position_one', '$Position_two', '$Position_three', '$Position_type', '$Shift_type', '$First_name')";
$result=mysql_query($sql);
if($result){
echo "";
}
else {
echo "ERROR";
}
mysql_close();
?>
<table width="100%" height="508" border="0" align="left" cellpadding="20" cellspacing="5">
<tbody>
<tr>
<td colspan="2" valign="middle">
<h2>Thank you for your Application!</h2>
</p>
</td></tr></tbody></table></td>
</tr>
<tr>
<td colspan="2" valign="top"><?php include 'footer.php'; ?></td>
</tr>
</table>
<!-- End ImageReady Slices -->
</body>
</html>
The code looks ok to me the insert is not executed twice and is no where near a loop of any kind. So it makes me wonder that maybe its user error. I would look at how the file upload section seems to allow the rest of the code to run even if it fails. If it fails the user will change something with the file and resubmit. This happens because you need to exit; after your headers.
I also like to end my insert statements with a LIMIT 1 just because it is limited to one - but I doubt that the problem.
I have made the changes I suggested in the code below:
<?php
@$upload_Name = $_FILES['Resume']['name'];
@$upload_Size = $_FILES['Resume']['size'];
@$upload_Temp = $_FILES['Resume']['tmp_name'];
@$upload_Mime_Type = $_FILES['Resume']['type'];
function RecursiveMkdir($path)
{
if (!file_exists($path))
{
RecursiveMkdir(dirname($path));
mkdir($path, 0777);
}
}
// Validation
// check only if file
if( $upload_Size > 0)
{
if( $upload_Size == 0)
{
header("Location: error.html");
exit;
}
if( $upload_Size >200000)
{
//delete file
unlink($upload_Temp);
header("Location: error.html");
exit;
}
if( $upload_Mime_Type != "application/msword" AND $upload_Mime_Type != "application/pdf" AND $upload_Mime_Type != "application/vnd.openxmlformats- officedocument.wordprocessingml.document")
{
unlink($upload_Temp);
header("Location: error.html");
exit;
}
}//end wrapper of no file
// Where the file is going to be placed
$target_path = “../../XXXX/uploads/";
/* Add the original filename to our target path.
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['Resume']['name']);
if(move_uploaded_file($_FILES['Resume']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['Resume']['name']).
" has been uploaded";
} else{
echo "";
}
?><?php
if(isset($_POST['email'])) {
require_once 'Mail.php'; // PEAR Mail package
require_once 'Mail/mime.php';
$email_to = “name@yoursite.com”; //Enter the email you want to send the form to
$email_subject = "Employment Application"; // You can put whatever subject here
$host = "mail.yourdomain.com"; // The name of your mail server. (Commonly mail.yourdomain.com if your mail is hosted with xxx)
$username = "yoursite.com"; // A valid email address you have setup
$from_address = "name@yoursite.com"; // If your mail is hosted with Site this has to match the email address above
$password = “XXX”; // Password for the above email address
$reply_to = “XXX@yoursite.com"; //Enter the email you want customers to reply to
$port = "50"; // This is the default port. Try port 50 if this port gives you issues and your mail is hosted with Site
function died($error) {
// your error code can go here
echo "We are very sorry, but there were error(s) found with the form you submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br /><br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
// Validate expected data exists
if(!isset($_POST['Position_Applying']) || !isset($_POST['Position_type']) || !isset($_POST['First_name']) || !isset($_POST['Last_name']) || !isset($_POST['Street']) || !isset($_POST['City']) || !isset($_POST['email'])) {
died('We are sorry, but there appears to be a problem with the form you submitted.');
}
$hdw_id = $_POST['hdw_id'];
$hdw_Country = $_POST['hdw_Country'];
$hdw_IP = $_POST['hdw_IP'];
$hdw_Referer = $_POST['hdw_Referer'];
$hdw_ServerTime = $_POST['hdw_ServerTime'];
$hdw_Browser = $_POST['hdw_Browser'];
$hdw_UserAgent = $_POST['hdw_UserAgent'];
$Position_Applying = $_POST['Position_Applying'];
$Position_one = $_POST['Position_one'];
$Position_two = $_POST['Position_two'];
$Position_three = $_POST['Position_three'];
$Position_type = $_POST['Position_type'];
$Shift_type = $_POST['Shift_type'];
$First_name =$_POST['First_name'];
$Middle_name = $_POST['Middle_name'];
$Last_name = $_POST['Last_name'];
$Street = $_POST['Street'];
$City = $_POST['City'];
$State = $_POST['State'];
$Zip = $_POST['Zip'];
$One_Phone = $_POST['One_Phone'];
$crlf = "n";
// required
$error_message = "";
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
if(!preg_match($email_exp,$email)) {
$error_message .= 'The Email Address you entered does not appear to be valid. <br />';
}
$string_exp = "/^[A-Za-z .'-]+$/";
if(!preg_match($string_exp,$First_name)) {
$error_message .= 'The Name you entered does not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Employment Application Details Below.
";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Position Applying: ".clean_string($Position_Applying)."
";
$email_message .= "Position Type: ".clean_string($Position_type)."
";
$email_message .= "
";
$email_message .= "First name: ".clean_string($First_name)."
";
$email_message .= "Last Name: ".clean_string($Last_name)."
";
$email_message .= "
";
$email_message .= "Street: ".clean_string($Street)."
";
$email_message .= "City: ".clean_string($City)."
";
$email_message .= "State: ".clean_string($State)."
";
$email_message .= "email: ".clean_string($email)."
";
$email_message .= "Phone: ".clean_string($One_Phone)."
";
$email_message .= "
";
$email_message .= "Referred By: ".clean_string($Referred_by )."
";
$email_message .= "Older than 18: ".clean_string($eighteen )."
";
$email_message .= "US Citizen: ".clean_string($US_citizen)."
";
$email_message .= "Crime Conviction: ".clean_string($Crime_convict)."
";
$email_message .= "NYS Professional License: ".clean_string($NYS_professional_lic)."
";
$email_message .= "Other License: ".clean_string($Other_professional_lic)."
";
$email_message .= "
";
$mime = new Mail_mime($crlf);
$mime->setTXTBody($text);
$mime->setHTMLBody($html);
$mime->addAttachment($Resume,'application/pdf');
// This section creates the email headers
$auth = array('host' => $host, 'auth' => true, 'username' => $username, 'password' => $password);
$headers = array('From' => $from_address, 'To' => $email_to, 'Subject' => $email_subject, 'Reply-To' => $reply_to);
// This section send the email
$smtp = Mail::factory('smtp', $auth);
$mail = $smtp->send($email_to, $headers, $email_message);
// This section creates the email headers
$auth = array('host' => $host, 'auth' => true, 'username' => $username, 'password' => $password);
$headers = array('From' => $from_address, 'To' => $email, 'Subject' => $email_subject, 'Reply-To' => $reply_to);
// This section send the email
$smtp = Mail::factory('smtp', $auth);
$mail = $smtp->send($email, $headers, $email_message);
if (PEAR::isError($mail)) {?>
<!-- include your own failure message html here -->
Unfortunately, the message could not be sent at this time. Please try again later.
<!-- Uncomment the line below to see errors with sending the message -->
<!-- <?php echo("<p>". $mail->getMessage()."</p>"); ?> -->
<?php } else { ?>
<!-- include your own success message html here -->
<?php } } ?>
<style type="text/css">
<!--
.style2 {font-size: 14px}
.style3 { font-size: 14px;
font-family: Verdana;
}
-->
</style>
<link href=“XXXDatabaseB/js.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
body {
background-image: url(XXXDatabaseB/images/green100px.jpg);
background-color: #FFF09F;
}
.style4 {color: #A20246}
a {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 12px;
color: #FFFFFF;
font-weight: bold;
padding: 10px;
}
a:link {
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #FFFFFF;
}
a:hover {
text-decoration: underline;
color: #FFF09F;
}
a:active {
text-decoration: none;
color: #FFFFFF;
}
.style5 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: small;
color: #FFFFFF;
}
.style6 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 10px;
color: #FFFFFF;
}
-->
</style>
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<!-- ImageReady Slices (xxx_square_slice.psd) -->
<table width="830" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="Table_01">
<tr valign="top">
<td height="258" colspan="2"><?php include 'header.php'; ?></td>
</tr>
<tr>
<td width="100%" valign="top">
<?php
$host = “xxxxx.net";
$username = “xxxxx”;
$password = “xxxxx”;
$dbname = “xxxxxx”;
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$dbname")or die("cannot select DB");
$hdw_id = $_POST['hdw_id'];
$hdw_Country = $_POST['hdw_Country'];
$hdw_IP = $_POST['hdw_IP'];
$hdw_Referer = $_POST['hdw_Referer'];
$hdw_Browser = $_POST['hdw_Browser'];
$hdw_UserAgent = $_POST['hdw_UserAgent'];
$Position_Applying = $_POST['Position_Applying'];
$Position_one = $_POST['Position_one'];
$Position_two = $_POST['Position_two'];
$Position_three = $_POST['Position_three'];
$Position_type = $_POST['Position_type'];
$Shift_type = $_POST['Shift_type'];
$First_name =$_POST['First_name'];
$sql = "INSERT INTO `new_app`(`hdw_id`, `hdw_Country`, `hdw_IP`, `hdw_Referer`, `hdw_ServerTime`, `hdw_Browser`, `hdw_UserAgent`, `Position_Applying`, `Position_one`, `Position_two`, `Position_three`, `Position_type`, `Shift_type`, `First_name`)
VALUES ('$hdw_id', '$hdw_Country', '$hdw_IP', '$hdw_Referer', CURRENT_TIMESTAMP, '$hdw_Browser', '$hdw_UserAgent', '$Position_Applying', '$Position_one', '$Position_two', '$Position_three', '$Position_type', '$Shift_type', '$First_name') LIMIT 1";
$result=mysql_query($sql);
if($result){
echo "";
}
else {
echo "ERROR";
}
mysql_close();
?>
<table width="100%" height="508" border="0" align="left" cellpadding="20" cellspacing="5">
<tbody>
<tr>
<td colspan="2" valign="middle">
<h2>Thank you for your Application!</h2>
</p>
</td></tr></tbody></table></td>
</tr>
<tr>
<td colspan="2" valign="top"><?php include 'footer.php'; ?></td>
</tr>
</table>
<!-- End ImageReady Slices -->
</body>
</html>