Free PHP Scripts -- PHP Guestbook, PHP directory, polls, Free graphics icons, and more webmaster goodies

User Options

Register--Login--Top 20 Posters--Search Topics

Forum Main>>Tutorials>>Basic HTML newsletter with PHP/MYSQL

New Topic-Reply

Author

Post

Chipmunk

Rank:Settler of Bobland
Group: Head Administrator
Posts: 2867
IP Logged

PM ID and RPS ID: 1
PM [Chipmunk]

View Member Photo

Last replied to on Wed May 16, 2012 01:53:30
Edit Post|Quote

This tutorial will teach you how to make a simple newsletter in PHP/MYSQL with account activation. This will require PHP that is not running in SAFE_MODE or PHP that at least allows the sendmail function(duh, you can't send mail without this enabled).
First you need a table for your subscribers. So for this tutorial, we will call this table email_table. This table needs the following fields:

1. userID - Autogenerated, prmary auto-increment
2. email - varchar 255 length
3. validated - Int with a default value of Zero
4. validkey - varchar 255

So basically the signup process will Consist of three files:

connect.php - The connector file
signup.php - Actual signup file
validate.php - a file for users to validate themselves

The connector file is just a basic connect file:

Code:



$db = mysql_connect("localhost", "username", "password") or die("Could not connect.");

if(!$db) 

	die("no db");

if(!mysql_select_db("databse_name",$db))

 	die("No database selected.");

if(!get_magic_quotes_gpc())

{

  $_GET = array_map('mysql_real_escape_string', $_GET); 

  $_POST = array_map('mysql_real_escape_string', $_POST); 

  $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);

}

else

{  

   $_GET = array_map('stripslashes', $_GET); 

   $_POST = array_map('stripslashes', $_POST); 

   $_COOKIE = array_map('stripslashes', $_COOKIE);

   $_GET = array_map('mysql_real_escape_string', $_GET); 

   $_POST = array_map('mysql_real_escape_string', $_POST); 

   $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);

}



$adminmail="you@yourdomain.com";

$path="http://www.domain.com/path";

Your username, password, and database name should go where indicated.
The $adminmail is your administrator mail, this is where you are sending the mail from.
$path is the domain and path this script is installed in. array_map and mysql_real_escape_string parses out possible SQL injections.

The signup file should look something like this:

Code:



include "connect.php";

if(isset($_POST['submit'])) //if submit was pushed

{

   $email=$_POST['email'];

   $checkdups="SELECT * from email_table where email='$email'";

   $checkdups2=mysql_query($checkdups) or die("Could not check duplicates");

   $checkdups3=mysql_num_rows($checkdups2);   

   if(strlen($email)<4 || substr_count($email," ")>0)

   {

      print "That is not a valid email address. Please try again.";

   }

   else if($checkdups3>0)

   {

      print "That email is already in our database.";

   }

   else

   {

      srand((double)microtime()*1000000);  //sets random seed

      $string = md5(rand(0,1000000)); 

      $thekey=$string;

      $insertemail="INSERT into email_table (email,validkey) values('$email','$thekey')";

      mysql_query($insertemail) or die("Could not insert mail");

      mail($email,"Thanks for signing up","Thanks, please activate your account at $path/validate.php?email=$email&string=$string","From: $adminmail");

      print "You have signed up for the newsletter and a validation link has been sent to your email.";



   }

}

else

{

    print "<form action='signup.php' method='post'>";

    print "Email:<br>";

    print "<input type='text' name='email' size='20'><br>";

    print "<input type='submit' name='submit' value='submit'></form>";



}

When you first go to this file, it prints a simple form asking for the e-mail to subscribe, when you hit enter if goes to the

Code:

 

if(isset($_POST['submit']))

code. First it checks to see if your email is already in the list of emails with $checkdups. Basically it queries the mysql table for that email and
then counts the number of rows, if the number of rows is greater than zero, then it will give you the message that the email is already in the database.
It also counts the number of characters in the email with strlen() and uses substr_count to check for spaces. If the email has spaces or is less than 4 characters, it returns an invalid e-mail error.

If everything goes through error checking then it first sets a random generator seed and then generates a random key validation value. It then
inserts this value into the database along with the email that subscribed. It also uses the mail() function to send a validation email to the email that
just subscribed, to make sure that person actually subscribed.

Now we have to write the validation file, validate.php:

Code:



include "connect.php";

$email=$_GET['email'];

$string=$_GET['string'];

$email=trim($email); //trims whitespace

$email=strip_tags($email); //strips out possible HTML

$string=trim($string);

$string=strip_tags($string);

$query="update email_table set validated='1' where email='$email' and validkey='$string'";

mysql_query($query) or die("Could not validate user");

print "User validated.";

So this file is short and simple it first gets the values from the strings passed in by the URL and uses trim() to trim out any whitespace and strip_tags to
kill any possible HTML injections. These can be done on one line, but for the purposes of this being a tutorial, they are shown line-by-line.
Then after it sanitizes the strings, it updates the sql table and sets the validated value to one where email and validation key are the ones passed in.

Okay the below files go into a password protected admin folder. For this I am assuming you have the ability in your control panel to password protect folders.
If not please visit This link to see how to set up a password protected directory in .htaccess.

So in the admin folder we will have 3 files:

sendletter.php -- the file that sends the newsletter
displaylist - file that displays the list of emails
deluser - delete a email

First lets go over displaylist.php:

Code:



include "../connect.php";

$getlist="SELECT * from email_table order by email ASC"; //select e-mails in ABC order

$getlist2=mysql_query($getlist) or die("Could not get list");

print "<table border='1'><tr><td>Email</td><td>Delete</td></tr>";

while($getlist3=mysql_fetch_array($getlist2))

{

   print "<tr><td><A href='mailto:$getlist3[email]'>$getlist3[email]</a></td><td><A href='deluser.php?ID=$getlist3[userID]'>Delete</a></td></tr>";

}

print "</table>";

This is pretty basic, the query selects all emails on the list and displays them in alphabetical order in tabular format. You can click on the email link
to email that person directly or click on delete to delete that person from your list.

Now lets look at deluser.php , the file that actually deletes the user:

Code:



include "../connect.php";

if(isset($_POST['submit']))

{

   $ID=$_POST['ID'];

   $ID=trim($ID);

   $ID=strip_tags($ID);

   $deluser="Delete from email_table where userID='$ID'";

   mysql_query($deluser) or die("Could not delete user");

   print "Email deleted.";



}

else

{

   $ID=$_GET['ID'];

   $ID=trim($ID);

   $ID=strip_tags($ID);

   print "<form action='deluser.php' method='post'>";

   print "<input type='hidden' name='ID' value='$ID'>";

   print "Are you sure you want to delete this user?";

   print "<input type='submit' name='submit' value='submit'></form>";



}

First this file prints a form asking you for a confirmation that you want to delete the user. It takes the ID passed in by the URL and sanitizes it
by trimming the whitespace and stripping any HTML tags from it. Then it hides the ID in a hidden field. When you hit submit, it sends the ID
and the query deletes the user with that ID.

Now lets look at the file that actually sends the newsletter, sendletter.php:

Code:



include "../connect.php";

if(isset($_POST['submit']))

{

  $subject=$_POST['subject'];

  $nletter=$_POST['nletter'];

  if(strlen($subject)<1)

  {

     print "You did not enter a subject.";

  }

  else if(strlen($nletter)<1)

  {

    print "You did not enter a message.";

  } 

  else

  {

      $nletter=$_POST['nletter'];

      $subject=$_POST['subject'];

      $nletter=stripslashes($nletter);

      $subject=stripslashes($subject);

      $lists=$_POST['lists'];

      $nletter=str_replace("rn","<br>",$nletter);

      //the block above formats the letter so it will send correctly.

      $getlist="SELECT * from email_table order by email ASC"; //select e-mails in ABC order

      $getlist2=mysql_query($getlist) or die("Could not get list");

      while($getlist3=mysql_fetch_array($getlist2))

      {

         $headers = "From: $adminmail \r\n"; 

         $headers.= "Content-Type: text/html; charset=ISO-8859-1 ";  //send HTML enabled mail

         $headers .= "MIME-Version: 1.0 ";     

         mail("$getlist3[email]","$subject","$nletter",$headers);

      }

      print "Newsletter Sent.";

   }

}

else

{

   print "<form action='sendletter.php' method='post'>";

   print "Subject:<br>";

   print "<input type='text' name='subject' size='20'><br>";

   print "Message:<br>";

   print "<textarea name='nletter' cols='50' rows='6'></textarea><br>";

   print "<input type='submit' name='submit' value='submit'></form>";





}

Ok so that sends the newsletter. First it prints out the form with a subject and a message field.
After you hit submit it first checks if those fields are greater than 1 character in length, if they are not, it returns an error message.
If they are, then it takes the subject and the message and does some formatting using stripslashes() which, well strips the slashes from the message(some servers will put slashes in to prevent injections). Then it replaces the "rn" character with <br> or an HTML line break. Then it makes the headers, which specify where this message is from, the text/html content type makes sure that it is sending HTML email Mime version 1.0 .
Last of all it queries the list and loops through all the email address and sends the message to them all.

Thats your basic email list!

-----------------------------
Chipmunk,
Supreme Administrator

Page: