How to include dynamic data in the e-mail receipt? Problem with Session values.
I have a password reset page:
http://www.dreamcaruk.com/dreamcar-reset.php
This asks the user to enter their e-mail, to be sent a reset password link. You will note that I've revealed the hidden WA_RandomPassword field in the above example. When the form is submitted, this opens the http://www.dreamcaruk.com/dreamcar-reset-checkemail.php page which is structured, in terms of server behaviour order, as follows:
Recordset - filtered by the e-mail address entered on the previous page
Create Session - the WA_RandomPassword value from the hidden form field on the previous page (revealed for this example)
Update - saves the WA_RandomPassword to the users record
Universal E-mail - sends a plain text e-mail with a link that includes the e-mail address and WA_RandomPassword values as querystrings.
When the user clicks the link in the above e-mail, I want them to be transported to a confirmation page that checks the username and password against the record in database and, if they both match, presents a Reset Password form which allows the user to change their password.
On the page that contains the Recordset, Create Session, Update and Universal E-mail behaviours I have this to create the session value.
<?php
@session_start();
if("" == "") {
$_SESSION["NEWtempPW"] = "".((isset($_POST["tempPW"]))?$_POST["tempPW"]:"") ."";
}
?>
My e-mail confirmation template is:
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Reset Password</title>
<style>
body {
font-family: Arial, Helvetica, sans-serif;
}
h1 {
font-size: 3rem;
color: #00aeef;
}
.blue {
color: #00aeef;
}
a {
color: #00aeef;
text-decoration: none;
}
</style>
</head>
<body>
<p>Sorry that you're having trouble with your password. Please click on the link below to reset your password and play today!</p>
<p><a href="http://www.dreamcaruk.com/dreamcar-reset-confirm.php?DCe=<?php echo($rsWHO->getColumnVal("DCuserEMAIL")); ?>&DCp=<?php echo $_SESSION['NEWtempPW']; ?>">http://www.dreamcaruk.com/dreamcar-reset-confirm.php?DCe=<?php echo($rsWHO->getColumnVal("DCuserEMAIL")); ?>&DCp=<?php echo $_SESSION['NEWtempPW']; ?></a></p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p>© 2016-<?php echo date("Y") ?> All Rights Reserved. <a href="http://www.dreamcargalaxy.com" style="color: #fff;">DREAM <span class="blue">CAR</span> GALAXY</a> | <a href="http://www.dreamcargalaxy.com/terms-conditions.php" class="blue">Terms</a> | <a href="http://www.dreamcargalaxy.com/privacy-policy.php" class="blue">Privacy</a> | <a href="http://www.dreamcargalaxy.com/contact.php" class="blue">Contact</a></p>
</body>
</html>
You'll see what happens when you click "Reset Password". .The e-mail receipt page is being displayed directly in the browser as opposed to arriving by email to the user.
Any idea why? Is it because I have dynamic code in the e-mail receipt page? Is there any way to include that as I need to query the table on the final reset password page, before allowing them to reset.
Hope you can help. Thank you.
NJ
EDIT: Looks like I need to add globals to the head of the e-mail receipt page:
<?php
global $rsWHO;
global $_SESSION_NEWtempPW;
?>