I have 2 scripts/pages, both using session data.
Page 1 is a table with some data, one of the pieces of data is an email address. This page is only accessible if $_SESSION['email'] == 'myEmail@email.com'. There is a button on page 1 in each row of the table that sends an AJAX call to script/page 2 which emails that corresponding email address.
In page 2 there is another check for $_SESSION['email'] == 'myEmail@email.com'.
Then it sets $email = $_POST['email'] and calls a mail() function. After this script executes it automatically changes $_SESSION['email'] to be equal to $email.
I’ve changed the variable name from $email to $sendToEmail and this fixes the issue.
My question is why does it do this? Is this a bug or a feature?
EDIT:
This is the mail.php code in its entirety.
```php
<?php
session_start();
define("_VALID_PHP", true);
require_once('init.php');
if ($_SESSION['email'] == 'email@gmail.com') {
    if (isset($_POST['iid'])) {
        $iid = $_POST['iid'];
        if (isset($_POST['email'])) {
            $sendToEmail = $_POST['email'];
            $query = $db->query("SELECT id FROM esns WHERE iid='$iid' AND status=0");
            if (mysql_num_rows($query) > 0) {
                $data['success'] = false;
                $data['msg'] = "Email cannot be sent until all ENS's are checked for this invoice.";
            }
            else {
                $query = $db->query("SELECT uid, md5 FROM invoice WHERE id='$iid'");
                $row = $db->fetch($query);
                $uid = $row['uid'];
                $md5 = $row['md5'];
                $query = $db->query("SELECT email FROM users WHERE id='$uid'");
                $row = $db->fetch($query);
                if ($row['email'] == $email) {
                    $clean = array();
                    $bad = array();
                    $invalid = array();
                    $query = $db->query("SELECT esn, status, carrier FROM esns WHERE iid='$iid'");
                    $headers = "From: email@site.com";
                    $subject = "New Message from site.com";
                    $body = "Hello";
                    $mail = mail($sendToEmail,$subject,$body,$headers);
                    if (!$mail) {
                        $data['success'] = false;
                        $data['msg'] = "There was an error sending the email.";
                    }
                    else {
                        $query = mysql_query("UPDATE invoice SET paid=2 WHERE id='$iid'");
                        $data['success'] = true;
                    }
                }
                else {
                    $data['success'] = false;
                    $data['msg'] = "There was an mismatch with the emails. The posted email does not belong to this invoice.";
                }
            }
        }
        else {
            $data['success'] = false;
            $data['msg'] = "Post data not sent/recieved correctly: `email` is no set.";
        }
    }
    else {
        $data['success'] = false;
        $data['msg'] = "Post data not sent/recieved correctly: `iid` is no set.";
    }
}
else {
    $data['success'] = false;
    $data['msg'] = "Your are not logged in as an administrator.";
}
echo json_encode($data);
?>
```
You probably have register_globals on? That might be the core of your problem, because when it is on, it’ll set $_SESSION automatically when setting $email.
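The aliasing the answer describes, as an added example that is not part of the original question or answer. With register_globals on, session_start() made each global variable and its $_SESSION entry reference the same value; the directive was removed in PHP 5.4, so the binding is emulated here with an explicit reference. The function names and addresses are constructed for illustration.

```php
<?php
// Added illustration: emulates what register_globals=On did at session_start().
// run_handler() and require_register_globals_off() are hypothetical helpers;
// the e-mail addresses are constructed placeholders.

/** Runs the handler's assignment with or without the alias; returns the session afterwards. */
function run_handler(array $session, array $post, bool $registerGlobals): array
{
    if ($registerGlobals) {
        // What the engine did implicitly: $email and $_SESSION['email'] are one value.
        $email = &$session['email'];
    }
    // The assignment from the first version of mail.php.
    $email = $post['email'];
    unset($email); // drop the reference before returning the array
    return $session;
}

/** Refuses to run on a runtime where the directive is still enabled. */
function require_register_globals_off(): void
{
    $value = ini_get('register_globals'); // false on PHP >= 5.4, where the setting is gone
    if ($value !== false && in_array(strtolower($value), ['1', 'on', 'yes', 'true'], true)) {
        throw new RuntimeException('register_globals is enabled; turn it off in php.ini');
    }
}

require_register_globals_off();

$session = ['email' => 'admin@example.com'];    // the admin's login identity
$post    = ['email' => 'customer@example.com']; // address posted by the AJAX call

$off = run_handler($session, $post, false);
$on  = run_handler($session, $post, true);

printf("register_globals off: session email = %s\n", $off['email']);
printf("register_globals on:  session email = %s\n", $on['email']);
```

With the alias in place, the value that the admin check reads is replaced by the posted address, which is why renaming the local variable made the symptom disappear. On a PHP version older than 5.4, setting `register_globals = Off` in php.ini removes the aliasing itself.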