cyber_alchemist Posted November 4, 2013 Share Posted November 4, 2013 This was a third party script which i was going through , now, somehow this script seemed incomplete, i want to make sure what are missing and what do i have to do to make it working. this is the admin form to add the mailing list, although after going through the ml_admin_transact it just gives a blank page..?? Also I didn't find any switch related to the post made by the admin form. <?php require 'db.inc.php'; $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die ('Unable to connect. Check your connection parameters.'); mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db)); ?> <html> <head> <title>Mailing List Administration</title> <style type="text/css"> td { vertical-align: top; } </style> </head> <body> <h1>Mailing List Administration</h1> <form method="post" action="ml_admin_transact.php"> <p><label for="listname">Add Mailing List:</label><br /> <input type="text" id="listname" name="listname" maxlength="100" /> <input type="submit" name="action" value="Add New Mailing List" /> </p> <?php $query = 'SELECT ml_id, listname FROM ml_lists ORDER BY listname ASC'; $result = mysql_query($query, $db) or die(mysql_error($db)); if (mysql_num_rows($result) > 0) { echo '<p><label for="ml_id">Delete Mailing List:</label><br />'; echo '<select name="ml_id" id="ml_id">'; while ($row = mysql_fetch_array($result)) { echo '<option value="' . $row['ml_id'] . '">' . $row['listname'] . '</option>'; } echo '</select>'; echo '<input type="submit" name="action" value="Delete ' . 'Mailing List" />'; echo '</p>'; } mysql_free_result($result); ?> </form> <p><a href="ml_quick_msg.php">Send a quick message to users.</a></p> </body> </html> and ml_admin_transact.php :- <?php require 'db.inc.php'; require 'class.SimpleMail.php'; $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die ('Unable to connect. Check your connection parameters.'); mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db)); $action = (isset($_REQUEST['action'])) ? $_REQUEST['action'] : ''; switch ($action) { case 'Subscribe': $email = (isset($_POST['email'])) ? $_POST['email'] : ''; $query = 'SELECT user_id FROM ml_users WHERE email="' . mysql_real_escape_string($email, $db) . '"'; $result = mysql_query($query, $db) or die(mysql_error($db)); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_assoc($result); $user_id = $row['user_id']; } else { $first_name = (isset($_POST['first_name'])) ? $_POST['first_name'] : ''; $last_name = (isset($_POST['last_name'])) ? $_POST['last_name'] : ''; $query = 'INSERT INTO ml_users (first_name, last_name, email) VALUES ("' . mysql_real_escape_string($first_name, $db) . '", ' . '"' . mysql_real_escape_string($last_name, $db) . '", ' . '"' . mysql_real_escape_string($email, $db) . '")'; mysql_query($query, $db); $user_id = mysql_insert_id($db); } mysql_free_result($result); foreach ($_POST['ml_id'] as $ml_id) { if (ctype_digit($ml_id)) { $query = 'INSERT INTO ml_subscriptions (user_id, ml_id, pending) VALUES (' . $user_id . ', ' . $ml_id . ', TRUE)'; mysql_query($query, $db); $query = 'SELECT listname FROM ml_lists WHERE ml_id = ' . $ml_id; $result = mysql_query($query, $db); $row = mysql_fetch_assoc($result); $listname = $row['listname']; $message = 'Hello ' . $first_name . "\n" . $message .= 'Our records indicate that you have subscribed ' . 'to the ' . $listname . ' mailing list.' . "\n\n"; $message .= 'If you did not subscribe, please accept our ' . 'apologies. You will not be subscribed if you do ' . 'not visit the confirmation URL.' . "\n\n"; $message .= 'If you subscribed, please confirm this by ' . 'visiting the following URL: ' . 'http://www.example.com/ml_user_transact.php?user_id=' . $user_id . '&ml_id=' . $ml_id . '&action=confirm'; $mail = new SimpleMail(); $mail->setToAddress($email); $mail->setFromAddress('list@example.com'); $mail->setSubject('Mailing list confirmation'); $mail->setTextBody($message); $mail->send(); unset($mail); } } header('Location: ml_thanks.php?user_id=' . $user_id . '&ml_id=' . $ml_id . '&type=c'); break; case 'confirm': $user_id = (isset($_GET['user_id'])) ? $_GET['user_id'] : ''; $ml_id = (isset($_GET['ml_id'])) ? $_GET['ml_id'] : ''; if (!empty($user_id) && !empty($ml_id)) { $query = 'UPDATE ml_subscriptions SET pending = FALSE WHERE user_id = ' . $user_id . ' AND ml_id = ' . $ml_id; mysql_query($query, $db); $query = 'SELECT listname FROM ml_lists WHERE ml_id = ' . $ml_id; $result = mysql_query($query, $db); $row = mysql_fetch_assoc($result); $listname = $row['listname']; mysql_free_result($result); $query = 'SELECT first_name, email FROM ml_users WHERE user_id = ' . $user_id; $result = mysql_query($query, $db); $row = mysql_fetch_assoc($result); $first_name = $row['first_name']; $email = $row['email']; mysql_free_result($result); $message = 'Hello ' . $first_name . ',' . "\n"; $message .= 'Thank you for subscribing to the ' . $listname . ' mailing list. Welcome!' . "\n\n"; $message .= 'If you did not subscribe, please accept our ' . 'apologies. You can remove' . "\n"; $message .= 'this subscription immediately by visiting the ' . 'following URL:' . "\n"; $message .= 'http://www.example.com/ml_remove.php?user_id=' . $user_id . '&ml_id=' . $ml_id; $mail = new SimpleMail(); $mail->setToAddress($email); $mail->setFromAddress('list@example.com'); $mail->setSubject('Mailing list subscription confirmed'); $mail->setTextBody($message); $mail->send(); header('Location: ml_thanks.php?user_id=' . $user_id . '&ml_id=' . $ml_id); } else { header('Location: ml_user.php'); } break; case 'Remove': $email = (isset($_POST['email'])) ? $_POST['email'] : ''; if (!empty($email)) { $query = 'SELECT user_id FROM ml_users WHERE email="' . $email . '"'; $result = mysql_query($query, $db) or die(mysql_error($db)); if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $user_id = $row['user_id']; header('Location: ml_remove.php?user_id=' . $user_id . '&ml_id=' . $ml_id); break; } header('Location: ml_user.php'); } break; } ?> if any more files are needed i will post it those as well. Quote Link to comment Share on other sites More sharing options...
cyber_alchemist Posted November 5, 2013 Author Share Posted November 5, 2013 okay got few things , first to add mailing lists and second to delete mailing list... <?php require 'db.inc.php'; require 'class.SimpleMail.php'; $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die ('Unable to connect. Check your connection parameters.'); mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db)); $action = (isset($_REQUEST['action'])) ? $_REQUEST['action'] : ''; switch ($action) { case 'Add New Mailing List': $listname = isset($_POST['listname']) ? $_POST['listname'] : ''; if (!empty($listname)) { $query = 'INSERT INTO ml_lists (listname) VALUES ("' . mysql_real_escape_string($listname, $db) . '")'; } mysql_query($query,$db) or die(mysql_error($db)); break; case 'Delete Mailing List': $ml_id = isset($_POST['ml_id']) ? $_POST['ml_id'] : ''; if (ctype_digit($ml_id)) { $query = 'DELETE FROM ml_lists WHERE ml_id=' . $ml_id; mysql_query($query, $db) or die(mysql_error($db)); } break; } ?> however... i am still figuring out how to send mass mails to all the subscribers... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.