Login

AceInfinity · 09-19-2011, 06:56 PM

Does anyone know of any good ways to add people to an emailing list on a website? Preferably one where the visitor can input their username and choose to be added to my global mailing list, with the option to unsubscribe at a later date if they wish as well.

I know it's PHP, and I probably need to add an sql database to store information but I want to make sure that all the emails are secure too, so I can assure them that they won't be given to any others audiences.

Fragma · 09-19-2011, 11:53 PM

Is this what you're after??
http://www.phptutorial.info/scripts/mailinglist/

AceInfinity · 09-20-2011, 12:27 AM

I've got my own custom script now, I was pointed to the right direction when I posted this on my site, you should be able to close this now, i've got my own regex addition to the script and i'm using includes for connecting to a mysql database between several php files now.

settings.inc.php

PHP Code:
<?
        $config['dbhost'] = "localhost";
        $config['dbuser'] = "username";
        $config['dbpass'] = "password";
        $config['dbname'] = "database";
?>

email_database.php

PHP Code:
<?
        include("settings.inc.php");
        $connection = mysql_connect($CONFIG['DBHOST'],
        $CONFIG['DBUSER'],
        $CONFIG['DBPASS']) or die("Could not establish a connection with mysql.");
        mysql_select_db($CONFIG['DBNAME']) or die("Unable to select database.");
?>

send.php

PHP Code:
<?php include("email_database.php");

if($password == md5($_POST['pass'])) {

    if(!isset($_POST['send'])) {
        die("Failed to submit your E-Mail!");
    }

    if(!$query = mysql_query("SELECT * FROM `mails`")) {
        die("Query failed!");
    }

    while($row = mysql_fetch_array($query)) {
        if(!mail($row['mail'], "Huatulco Newsletter", $_POST['mail'], "aceofspin@hotmail.com")) {
            die("Unable to send mail to ".$row['mail']);
        }
    }

    mysql_free_result($query);
    mysql_close($connect);

}

?>

subscribe.php

PHP Code:
<?php include("email_database.php");

/* Include regex if statement here for the rest of php script */

    if(!isset($_POST['subscribe']) || $_POST['email'] == "") {
        die("Failed to submit your E-Mail!");
    }

    $sql = 'INSERT INTO `mails` (`id` ,`mail`) VALUES (NULL , \''.$_POST['email'].'\');';

    if(!$query = mysql_query($sql)) {
        die("Could not save your E-Mail!");
    }

    mysql_close($connect);

?>

I decided I might mix up the md5 hash a bit with a key too:

PHP Code:
if($password == md5(SOME_KEY$_POST['pass'])) 

I also finally got the regex built in as an extra feature, and a security benefit for email validation on my subscribe.php:

PHP Code:
<?php include("email_database.php");
    
    if(!isset($_POST['subscribe']) || $_POST['email'] == "") {
        die("Failed to submit your E-Mail!");
    }
    
    if (!preg_match("/\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,6}\b/i", $_POST['email'])) {
        //User has entered in an invalid email address
        die("You have entered an invalid email address. Please try again.");
    } else {
        //User has entered in a proper email address
        $sql = 'INSERT INTO `mails` (`id` ,`mail`) VALUES (NULL , \''.$_POST['email'].'\');';

        if(!$query = mysql_query($sql)) {
            die("Could not save your E-Mail!");
        }
    }
    
    mysql_close($connect);

?>

Login
Username:
Password:	Lost Password?
	Remember me