Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
reindent; remove mysql_* stuff; replace with db_query; ensure vaguely…
… valid form submission git-svn-id: https://xerteonlinetoolkits.googlecode.com/svn/trunk@130 912cdd6b-5c7d-d5a7-a2ba-d0f0cdb91641
- Loading branch information
Dave Goodwin
committed
Oct 5, 2011
1 parent
85be134
commit ff13d0a
Showing
1 changed file
with
32 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,39 +1,32 @@ | ||
<?PHP /** | ||
* | ||
* peer view page, sends the email back to the | ||
* | ||
* @author Patrick Lockley | ||
* @version 1.0 | ||
* @copyright Copyright (c) 2008,2009 University of Nottingham | ||
* @package | ||
*/ | ||
|
||
require("../../../config.php"); | ||
|
||
include "../database_library.php"; | ||
|
||
$mysql_id = database_connect("peer review Database connect success","peer review database connect failed"); | ||
|
||
$query_for_file_name = "select template_name from " . $xerte_toolkits_site->database_table_prefix . "templatedetails where template_id =\"" . mysql_real_escape_string($_POST['template_id']) . "\""; | ||
|
||
$query_response = mysql_query($query_for_file_name); | ||
|
||
$row_template_name = mysql_fetch_array($query_response); | ||
|
||
$headers = str_replace("*","\n",$xerte_toolkits_site->headers); | ||
|
||
if(isset($_POST['user'])){ | ||
|
||
if(mail( $_POST['user'] . "@" . $xerte_toolkits_site->email_to_add_to_username, "Feedback on project - \"" . str_replace("_"," ",$row_template_name['template_name']) ."\"", "Hello, <br><br> You've received feedback on your project.<br><br><br>" . $_POST['feedback'] . "<br><br><br>Thanks for using the site<br><br>The Xerte Project Team", $headers)){ | ||
|
||
echo "<b>Your feedback has been sent to the user</b>"; | ||
|
||
}else{ | ||
|
||
echo "<b>A problem has occured.</b>"; | ||
|
||
} | ||
|
||
} | ||
|
||
?> | ||
<?php | ||
/** | ||
* | ||
* peer view page, sends the email back to the | ||
* | ||
* @author Patrick Lockley | ||
* @version 1.0 | ||
* @copyright Copyright (c) 2008,2009 University of Nottingham | ||
* @package | ||
*/ | ||
|
||
require_once("../../../config.php"); | ||
|
||
include "../database_library.php"; | ||
|
||
if(empty($_POST['template_id'])) { | ||
die("invalid form submission"); | ||
} | ||
|
||
$query_for_file_name = "select template_name from {$xerte_toolkits_site->database_table_prefix}templatedetails where template_id =?"; | ||
|
||
$row_template_name = db_query_one($query_for_file_name, array($_POST['template_id'])); | ||
|
||
$headers = str_replace("*","\n",$xerte_toolkits_site->headers); | ||
|
||
if(isset($_POST['user'])){ | ||
if(mail( $_POST['user'] . "@" . $xerte_toolkits_site->email_to_add_to_username, "Feedback on project - \"" . str_replace("_"," ",$row_template_name['template_name']) ."\"", "Hello, <br><br> You've received feedback on your project.<br><br><br>" . $_POST['feedback'] . "<br><br><br>Thanks for using the site<br><br>The Xerte Project Team", $headers)){ | ||
echo "<b>Your feedback has been sent to the user</b>"; | ||
}else{ | ||
echo "<b>A problem has occured.</b>"; | ||
} | ||
} |