Authenticating email

I'm trying to add an email authentication routine to a client's contact form. I have an "active" field in the contact table which is initially set to 0, as well as a key field that holds a unique ID. Here's how I expect it to work:

1. Client submits form with name and email address. A hidden field contains the unique ID created by setting the value to <?php echo uniqid() ?>.
2. On submission, the info is inserted to the contacts table and an email sent that contains a link to the confirmation page with the unique ID added as a URL arg. The browser is redirected to the confirm.php page which initially has a message about the sent email.
3. When the user clicks the email link, it revisits the confirm.php page with the Unique ID, which displays a "you're confirmed" message and updates the contacts table active value to 1.

Steps 1 & 2 work, but I get an error after the email is sent. Here's the error dump:

Notice: Undefined index: waue_contact2_2_Status in /contact2.php on line 152

Notice: Undefined index: waue_contact2_2_Index in /contact2.php on line 153

Notice: Undefined index: waue_contact2_2_From in /contact2.php on line 154

Notice: Undefined index: waue_contact2_2_To in /contact2.php on line 155

Notice: Undefined index: waue_contact2_2_Subject in /contact2.php on line 156

Notice: Undefined index: waue_contact2_2_Body in /contact2.php on line 157

Notice: Undefined index: waue_contact2_2_Header in /contact2.php on line 158

Notice: Undefined index: waue_contact2_2_Log in /contact2.php on line 159

Warning: Cannot modify header information - headers already sent by (output started at /contact2.php:152) in /contact2.php on line 162

As you can see from the attached file, lines 152-162 is where the session variables are set for the email. What's odd is that the email is somehow sent. I also do not go to the confirm.php page as expected (it's correctly defined at the $GoToPage variable), but I suspect that's because of the errors encountered.

How do I get over this stumbling block?

Thanks - Joe

Delete the webassist/email/mail_php.php and mailformating.php files, then edit the UR Behavior to have them recreated. make sure to upload the new versions to the server.

Thanks - that solved that problem. But I have another now. After submitting, when it goes to my confirm.php page, I get the following error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '== $'1'' at line 1

Here's the start of my confirm page:

<?php require_once("webassist/security_assist/wa_md5encryption.php"); ?>
<?php require_once('Connections/connContacts.php'); ?>
<?php require_once("webassist/database_management/wa_appbuilder_php.php"); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

*********************************

Doesn't seem to be a '==$1' in sight. I've attached the confirm page so you can check.

Thanks - Joe

change line 41:
$query_rsConfirm = sprintf("SELECT * FROM contacts WHERE contacts.`key`== $%s", GetSQLValueString($keyvalue_rsConfirm, "text"));

to:
$query_rsConfirm = sprintf("SELECT * FROM contacts WHERE contacts.`key` = %s", GetSQLValueString($keyvalue_rsConfirm, "text"));

Getting the same problem. I noticed that I was using a reserved word ("key"), so I changed that to "keystring" - unfortunately, doesn't seem to have made a difference. I notice I get the same error when I try to test the recordset in DW if that helps.

Any other suggestions?

I've attached the latest code.

in the where clause:
WHERE contacts.keystring == %s

you have 2 equals signs, there should be only 1:
WHERE contacts.keystring = %s

Eagle eye!

Thanks - Joe

Glad to hear it is working.

If I can sneak in a related question.... on my confirm.php page, I have a recordset that looks for the unique key passed by the email link. If it finds that it presents the "congrats" message, updates the record to be active, and then sends an email with the user's details to the site owner. I have the email set up using the Block template with a recordset, but I don't understand how to pass the ID of the user to that page. How do I do that?

Thanks again - Joe

The recordset should not be in the template file. It should be in the main file that Universal Email is applied to.

Then in the template file declare the recordset and the row array as globals
global $recordsetName;
global $row_recordsetName;


then you can use the recordset bindings in the email body:

<?php echo $row_recordsetName['columnName']; ?>