1

This is the scenario:

User A: Access the website and choose a questionnaire. The questionnaires are separated on different pages in the same domain, for example:

Home: "surveys.com"

Questionnaires:

  • "surveys.com/type1"

  • "surveys.com/type2"

After choosing one, he (User A) puts the following information:

1 = Recipient's email

2 = His email

And then submit.

User B: Person who received this link to the questionnaire (surveys.com/type1).

What I want to do is: When User B accesses the link to the questionnaire page, it is already programmed to send responses to User A who left his email on the home page.

My idea was to save the information provided by User A in variables and save it in the database. When User B accesses the page, I take the respective information from the database and use it on the page to do what I want.

The problem is: How would I separate information for different users? (maybe it's simple, but I don't know how to do it)

That's what I've done so far:

Home:

<?php

include_once 'includes/dbh.php';
require  'email/PHPMailerAutoload.php';

$recipient = $_POST['emailFor'];
$sender = $_POST['senderEmail'];
$message = $_POST['message'];

$sql = "INSERT INTO users(email, body) VALUES('$sender', '$message');";
mysqli_query($conn, $sql;)

Questionnaire page (survey.com/type1):

<?php

include_once 'includes/dbh.php';
$sql = "SELECT * FROM users;";
$result = mysqli_query($conn, $sql);

?>

I think it is not possible to use sessions, since the information will need to be passed on to another user. I also thought about the possibility of creating a uniq link maybe, but I have no idea how to do it. Anyway, I'll be grateful if you can help with code examples for this.

Vitor Freitas
  • 103
  • 1
  • 11
  • 1
    Side note: Do not use string interpolation or concatenation to get values into SQL queries. That's error prone and might make your program vulnerable to SQL injection attacks. Use parameterized queries. See ["How to include a PHP variable inside a MySQL statement"](https://stackoverflow.com/questions/7537377/how-to-include-a-php-variable-inside-a-mysql-statement) and ["How can I prevent SQL injection in PHP?"](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). – sticky bit Dec 26 '20 at 14:31

1 Answers1

1

I can try to provide you solution below: When user A send the email to user B you save it in table like surveys_send with an unique code that will be randomly generate. When user B visits the link from user A it can look something like survey.php?randomcode=12345 and randomcode is this unique generated code when sending the email. When the user enters this survey script it will check and send an response to user A that someone visited this url.

mrSotirow
  • 103
  • 1
  • 4
  • This helped me to understand a little better, but I still don't understand how I would generate this unique code, add it to the url and solve it in a link, where I would be able to get the information passed by user A and use it in this unique link. If you can help with any code example I would appreciate it. – Vitor Freitas Dec 26 '20 at 15:03
  • For example, you can use php build in function random(1,9999) <- this will generate random number from 1 to 9999 which you can use to insert for the unique records. Lets say user A sends an email with link to user B with random code 1234, then you will know that code 1234 belongs to user A's email. – mrSotirow Dec 26 '20 at 15:13