I have a huge problem.
Basically, I have a website that is a "fanlisting". It lists fans of a subject. I have many of these websites and they're all listed in a database table, called "fanlistings".
Fanlistings
name VARCHAR(250)
Then each fanlisting, has 2 of its own tables.
name_verify and name_fan
name_verify
id INT(10) AUTO_INCREMENT
name VARCHAR(250)
email VARCHAR(250)
ip VARCHAR(250)
date VARCHAR(250)
homepage VARCHAR(250)
password VARCHAR(250)
The fan table is basically the same as when I verify fans, it puts them into the name_fan table.
Anyway, fans that were listed before I added the password feature, do not have passwords. I wanted a script to automatically generate a password for those who don't have a password and then send them an email. So I created the following script. Except there's one teeny weeny problem. It seems to send each fan an email that contains every single password for every single fan in the database. Complete with the first part of the message explaining why the email is being sent before it says each password. I have no idea why this is happening but was wondering if someone could help either by cleaning up my coding or suggesting a reason as to why this is happening. Thanks a lot.
This script is only being used by me once and then will be removed, so I've not used secure php, just something basic that will carry out the function I need.
Carl
THE FUNCTION, PASSWORDGENERATOR
<?
function PASSWORDGENERATOR() {
// make random number
mt_srand ((double) microtime() * 1000000);
$password=mt_rand(0,100000000);
return $password;
}
?>
The password is being generated fine and such. It's only the emailing that is going wrong...
<?
if ($fanlisting) {
$get_fl = mysql_query("SELECT * FROM fanlistings WHERE name='$fanlisting'");
$flinfo = mysql_fetch_array($get_fl);
echo("<b>ASSIGN PASSWORDS TO FANS OF <U>$fanlisting</U></b><br><br>");
$select_fans = mysql_query("SELECT * FROM ".fanlisting_table($fanlisting,"fan")." WHERE password=''");
$num_fans = mysql_num_rows($select_fans);
if ($num_fans == "0") {
echo("No Fans Requiring Passwords");
}
else {
while ($fan = mysql_fetch_array($select_fans)) {
$givepassword = mysql_query("UPDATE ".fanlisting_table($fanlisting,"fan")." SET password='".PASSWORDGENERATOR()."' WHERE id='$fan[id]'");
$error=mysql_error();
if ($givepassword) {
$getpassq=mysql_query("SELECT password FROM ".fanlisting_table($fanlisting,"fan")." WHERE id='$fan[id]'");
$getpass=mysql_fetch_array($getpassq);
// SEND PASSWORD
$mailTo = $fan[email];
$mailSubject = "Fanlisting Updates At The $flinfo[fanlisting_name]";
$mailHeader = "From: $flinfo[email_from] <fan@fish-are-friends.org>";
$message .= "You are recieving this email because you are a fan of the $flinfo[fanlisting_name] ($flinfo[url]). Due to a recent software upgrade, you have now been assigned a password that will increase security with regards to updating accounts. In future months, after the upgrade is complete, this password will be required to update your account should your email address, website or any other details change, so please keep this email handy.\n\n";
$message .= "Password: $getpass[password]\n\n";
$message .= "Thankyou :-)\nCarl\nFish-Are-Friends.org";
$themail = mail($mailTo, $mailSubject, $message, $mailHeader);
if ($themail) {
$email_conf="EMAIL SENT";
}
else {
$email_conf="<font color='#FF0000'>EMAIL NOT SENT</font>";
}
echo("ID <b>$fan[id]</b> GIVEN PASSWORD: <b>$getpass[password]</b> | $email_conf<br>");
}
else {
echo("ID <b>$fan[id]</b> NOT GIVEN PASSWORD! - <b>Error:</b> $error");
}
}
}
}
else {
echo("<b>SELECT FANLISTING</b><br><br>");
$query = mysql_query("SELECT * FROM fanlistings WHERE running='1'");
while ($fl = mysql_fetch_array($query)) {
$get_fans_need_password = mysql_query("SELECT * FROM ".fanlisting_table($fl[name],"fan")." WHERE password=''");
$num_fans_pw = mysql_num_rows($get_fans_need_password);
echo("[<a href='passwords.php?fanlisting=$fl[name]'>Update passwords for $fl[name]</a> - ($num_fans_pw need passwords)]<br>");
}
}
?>
