diff --git a/api/merch/buy.php b/api/merch/buy.php
index 28d1bf61be72b75ee8cdaac667d5cb1d61c6e57b..89d3b77d65fa3f62507554502a01f20c2a1d04bc 100644
--- a/api/merch/buy.php
+++ b/api/merch/buy.php
@@ -1,5 +1,5 @@
 <?php
-function buyItem($merchId, $userId)
+function buyItem($merchId, $userId, $email)
 {
     // rest buy merchandise
     $ch = curl_init();
@@ -12,7 +12,8 @@ function buyItem($merchId, $userId)
         CURLOPT_POSTFIELDS,
         json_encode(
             array(
-                "user_id" => (int)$userId
+                "user_id" => (int)$userId,
+                "email" => $email
             )
         )
     );
@@ -31,7 +32,8 @@ function buyItem($merchId, $userId)
 if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['buyMerch'])) {
     $merchId = $_POST['merchId'];
     $userId = $_POST['userId'];
+    $email = $_POST['email'];
 
-    buyItem($merchId, $userId);
+    buyItem($merchId, $userId, $email);
 }
 ?>
\ No newline at end of file
diff --git a/app/controllers/Merchandise.php b/app/controllers/Merchandise.php
index a8cca195f497027b0488c2f2fa6f8ef73a141786..ec0ea4a465c8348f4f2a4c1b4177a316fc36dd85 100644
--- a/app/controllers/Merchandise.php
+++ b/app/controllers/Merchandise.php
@@ -8,6 +8,7 @@ class Merchandise extends Controller
 
         $data["pageTitle"] = "Merch!";
         $data["user_id"] = $_SESSION['user_id'];
+        $data["email"] = $_SESSION['email'];
 
         // user's gems
         $baseUrl = 'http://soap:8080/service/gems';
diff --git a/app/views/merchandise/index.php b/app/views/merchandise/index.php
index 5c14fd09ce36fcf185bf8d62bde4abc202c64af3..e5cd614b6629ea4dc7c815e809a72fcc4975f0ce 100644
--- a/app/views/merchandise/index.php
+++ b/app/views/merchandise/index.php
@@ -29,6 +29,7 @@
                         <form action="../../../api/merch/buy.php" method="post">
                             <input type="hidden" name="merchId" value="<?= $merch['merchandise_id'] ?>">
                             <input type="hidden" name="userId" value="<?= $data['user_id'] ?>">
+                            <input type="hidden" name="email" value="<?= $data['email'] ?>">
                             <button type="submit" name="buyMerch">Buy</button>
                         </form>
                     </div>