• Problems

    This line enables URL rewriting. Rewriting must be switched on with the RewriteEngine directive, so if your .htaccess file is going to use rewrite rules you should always include this line; otherwise you can't be sure whether it is enabled. The string "on" is case-insensitive.


OVERVIEW

web mailing list is a free open-source application released under the GPL (see bottom of page).
REQUIREMENTS

  • PHP 4+
  • MySQL 4+
  • Apache or IIS
INSTALLATION


  • Unzip all files/folders.
  • Edit connect.php and admin/connect.php and enter your database information.
  • Copy all files/folders to your web space.
  • If you want to use a database name other than newsletterdb,
    change "newsletterdb" in create.php, connect.php, and admin/connect.php
  • Run create.php to create all the database tables.
  • Rename or delete create.php upon successful setup.
  • Login as "name" with password of "pass".

CREATING FILE
 INSIDE ADMIN CREATE FOLLOWING FILE



Connect.php
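<?php
/**
 * Public-side database bootstrap: opens the MySQL connection and selects the
 * newsletter database for whichever script includes this file.
 *
 * NOTE(review): "username" and "password" are the page's placeholder values
 * and must be replaced with the real account before deployment.
 */
if (!mysql_connect("localhost", "username", "password")) {
    // Keep the driver message in the server log; echoing it shows the
    // database host and account name to every visitor.
    error_log('connect.php: ' . mysql_error());
    die("Database connection failed.");
}

// Deliberately non-fatal: create.php includes this file before the database
// exists, so a failed select must not stop the installer. Later queries
// still fail if the database is missing.
if (!mysql_select_db("newsletterdb")) {
    error_log('connect.php: ' . mysql_error());
}
?>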

Create.php
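<?php
/**
 * One-time installer: creates the newsletterdb database and its two tables
 * (newsletters, users).
 *
 * Every statement uses IF NOT EXISTS, so a second run after a partial failure
 * completes the setup instead of stopping at "database exists".
 *
 * NOTE(review): until this file is renamed or deleted (the last installation
 * step on the page) anyone who can request it can run it.
 */
require dirname(__FILE__) . '/connect.php';

if (!mysql_query("CREATE DATABASE IF NOT EXISTS newsletterdb")
    || !mysql_select_db("newsletterdb"))
{
    // Log the driver message instead of printing it to the browser.
    error_log('create.php: ' . mysql_error());
    die("<p>Could not create the database.</p>");
}

$tables = array(
    "CREATE TABLE IF NOT EXISTS `newsletters` (
      `name` text NOT NULL,
      `content` text NOT NULL,
      `id` int(11) NOT NULL auto_increment,
      PRIMARY KEY  (`id`)
    ) AUTO_INCREMENT=1",
    "CREATE TABLE IF NOT EXISTS `users` (
      `name` varchar(50) NOT NULL default '',
      `email` varchar(50) NOT NULL default '',
      `date` text NOT NULL,
      `status` text NOT NULL,
      `unsubscribed` text NOT NULL,
      `id` int(11) NOT NULL auto_increment,
      PRIMARY KEY  (`id`)
    ) AUTO_INCREMENT=1",
);

foreach ($tables as $ddl)
{
    if (!mysql_query($ddl))
    {
        error_log('create.php: ' . mysql_error());
        die("<p>Could not create the tables.</p>");
    }
}

die("<p>Succesfully made database. Please delete this file for security reasons.</p>");
?>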


Index.php
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<!-- Public landing page: static links to the sign-up form (register.php)
     and the removal form (unsubscribe.php). No PHP runs here. -->
<head>
    <title>Public Page</title>
</head>
<body>
<a href="register.php">Sign Up</a><br />
<a href="unsubscribe.php">Remove Email From List</a>
</body>
</html>

Unsubscribe.php
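<?php
/**
 * Public sign-up handler: shows the form on GET and stores a new subscriber
 * on POST.
 *
 * NOTE(review): the page labels this listing Unsubscribe.php, but the code
 * only registers addresses and matches what index.php links to as
 * register.php.
 * NOTE(review): mysql_real_escape_string() needs PHP 4.3+ and an open
 * connection; connect.php opens it.
 */
require dirname(__FILE__) . '/connect.php';

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // Accept plain strings only; a missing or array-valued field becomes ''.
    $rawEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
    $rawName  = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';

    // Anchored at both ends so the whole field must be one address. The
    // original pattern was unanchored, cut top-level domains after three
    // letters, and its "A-z" range also admitted [ \ ] ^ and backtick.
    // 50 is the width of users.email; longer values would be truncated.
    if (strlen($rawEmail) > 50
        || !preg_match('/^[a-zA-Z0-9._\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}\z/', $rawEmail))
        die('Invalid Email Address.');

    // Stored entity-encoded, as the admin pages echo this column unescaped.
    $name = htmlentities($rawName);
    if (empty($name))
        die("Please fill in out the whole form.");

    // htmlentities() is an HTML encoder, not an SQL one: by default it leaves
    // single quotes and backslashes alone, so both values are escaped for SQL.
    $emailSql = mysql_real_escape_string($rawEmail);
    $nameSql  = mysql_real_escape_string($name);

    $res = mysql_query("SELECT id FROM users WHERE email='$emailSql'");
    if (!$res)
    {
        error_log('register: ' . mysql_error());
        die("Database error.");
    }
    if (mysql_num_rows($res) > 0)
        die("This email address is already registered.");

    // Columns are named so the auto_increment id is assigned by MySQL rather
    // than being passed as an empty string.
    $res = mysql_query(
        "INSERT INTO users (name, email, `date`, status, unsubscribed)
         VALUES ('$nameSql', '$emailSql', NOW(), 'subscribed', '0')"
    );
    if (!$res)
    {
        error_log('register: ' . mysql_error());
        die("Database error.");
    }
    die("Email Succesfully Registerted.");
}
else
{
    echo '<html><head><title>Sign Up</title></head>
    <body>
    <form action="" method="POST">
    Name <input type="text" name="name"><br />
    Email&nbsp; <input type="text" name="email"><br /><br />
    <input type="submit" value="Sign up">
    </form>
    </body>
    </html>';
}
?>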
   
   
   
   
   
   
   

The files below go inside the admin folder.
Addnews.php
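<?php
/**
 * Admin form for adding a newsletter: GET shows the form, POST stores the
 * entity-encoded name and content in the newsletters table.
 *
 * NOTE(review): the form carries no anti-CSRF token; the session check in
 * connect.php is the only gate on this write.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // Accept plain strings only; a missing or array-valued field becomes ''.
    $rawName    = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $rawContent = (isset($_POST['content']) && is_string($_POST['content'])) ? $_POST['content'] : '';

    $name = htmlentities($rawName);
    $content = htmlentities($rawContent);

    if (empty($name))
        die("Please fill out the name section.");
    if (empty($content))
        die("Please fill out the content section.");

    // htmlentities() leaves single quotes and backslashes untouched by
    // default, so the values still need SQL escaping before interpolation.
    $nameSql    = mysql_real_escape_string($name);
    $contentSql = mysql_real_escape_string($content);

    // Columns are named so MySQL assigns the auto_increment id itself.
    $res = mysql_query("INSERT INTO newsletters (name, content) VALUES ('$nameSql', '$contentSql')");
    if (!$res)
    {
        // Log the driver message instead of printing it to the browser.
        error_log('addnews.php: ' . mysql_error());
        die("Database error.");
    }
    die("Succesfully inserted.<br />Click <a href='index.php'>here</a> to go back.");
}
else
{
    echo '<html><head><title>Add News</title></head>
    <body>
    <form action="" method="POST">
    Name <input type="text" name="name" size="30"><br /><br />
    <textarea name="content" cols="100" rows="30">Content</textarea><br /><br />
    <input type="submit" value="Add News">
    </form>
    </body>
    </html>';
}
?>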
   

Connect.php
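<?php
/**
 * Admin-side bootstrap: every admin page includes this file first. It stops
 * the request unless the session carries the admin flag set by login.php,
 * then opens the database connection.
 *
 * NOTE(review): "username" and "password" are the page's placeholder values
 * and must be replaced with the real account before deployment.
 */
session_start();

// isset() avoids a notice for visitors without a session; the strict
// comparison accepts only the exact string login.php stores.
if (!isset($_SESSION['admin']) || $_SESSION['admin'] !== 'yes')
    die("Only admins can view this page.");

if (!mysql_connect("localhost", "username", "password")) {
    // Log the driver message instead of printing it to the browser.
    error_log('admin/connect.php: ' . mysql_error());
    die("Database connection failed.");
}

// Non-fatal, as in the original; later queries fail if the database is
// missing.
if (!mysql_select_db("newsletterdb")) {
    error_log('admin/connect.php: ' . mysql_error());
}
?>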

deleteletter.php
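<?php
/**
 * Admin action: deletes the newsletter whose id is given in ?id=.
 *
 * NOTE(review): the delete is triggered by a plain GET link from show.php and
 * carries no anti-CSRF token; moving it to a POST form with a per-session
 * token needs a matching change in show.php.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

// The original preg_replace() pattern matched only the literal sequence
// '/<>" and removed nothing else, so the id is validated as digits instead.
$rawId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
    die("Invalid ID");
$id = (int) $rawId;

$res = mysql_query("DELETE FROM newsletters WHERE id=$id");
if (!$res)
{
    // Log the driver message instead of printing it to the browser.
    error_log('deleteletter.php: ' . mysql_error());
    die("Database error.");
}
die("Succesfully Deleted.<br />Click <a href='index.php'>here</a> to go back.");
?>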
   

Deleteuser.php
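<?php
/**
 * Admin action: deletes the subscriber whose id is given in ?id=.
 *
 * NOTE(review): the delete is triggered by a plain GET link from
 * viewusers.php and carries no anti-CSRF token; moving it to a POST form with
 * a per-session token needs a matching change in viewusers.php.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

// The original preg_replace() pattern matched only the literal sequence
// '/<>" and removed nothing else, so the id is validated as digits instead.
$rawId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
    die("Invalid ID");
$id = (int) $rawId;

$res = mysql_query("DELETE FROM users WHERE id=$id");
if (!$res)
{
    // Log the driver message instead of printing it to the browser.
    error_log('deleteuser.php: ' . mysql_error());
    die("Database error.");
}
die("Succesfully Deleted.<br />Click <a href='index.php'>here</a> to go back.");
?>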
   

Editletter.php
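<?php
/**
 * Admin editor for one newsletter: GET loads the letter named by ?id= into a
 * form, POST writes the edited name and content back.
 *
 * NOTE(review): the form carries no anti-CSRF token; the session check in
 * connect.php is the only gate on this write.
 * NOTE(review): the stored values are echoed without output escaping. That is
 * safe only because every write on this page entity-encodes before storing;
 * rows written by any other path would reach the browser raw.
 * NOTE(review): each save runs nl2br() over text that may already hold
 * <br /> from an earlier save - confirm whether repeated edits are expected
 * to accumulate them.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // Accept plain strings only; a missing or array-valued field becomes ''.
    $rawId   = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
    $rawName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $rawCon  = (isset($_POST['con']) && is_string($_POST['con'])) ? $_POST['con'] : '';

    $name = htmlentities($rawName);
    $con = nl2br(htmlentities($rawCon));

    if ($rawId == "" || $name == "" || $con == "")
        die("Please fill out the whole form.");

    // The hidden id field is client-controlled like any other input.
    if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
        die("Invalid ID");
    $id = (int) $rawId;

    // htmlentities() leaves single quotes and backslashes untouched by
    // default, so the values still need SQL escaping before interpolation.
    $nameSql = mysql_real_escape_string($name);
    $conSql  = mysql_real_escape_string($con);

    $res = mysql_query("UPDATE newsletters SET `name`='$nameSql',`content`='$conSql' WHERE id=$id");
    if (!$res)
    {
        // Log the driver message instead of printing it to the browser.
        error_log('editletter.php: ' . mysql_error());
        die("Database error.");
    }
    die("Updated.<br />Click <a href='index.php'>here</a> to go back.");
}
else
{
    // The original preg_replace() pattern matched only the literal sequence
    // '/<>" and removed nothing else, so the id is validated as digits.
    $rawId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
    if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
        die("Invalid ID");
    $id = (int) $rawId;

    $res = mysql_query("SELECT * FROM newsletters WHERE id=$id");
    if (!$res)
    {
        error_log('editletter.php: ' . mysql_error());
        die("Database error.");
    }
    $r = mysql_fetch_assoc($res);
    if (!$r)
        die("Invalid ID"); // no letter with that id

    echo '<html><head><title>Edit Letter</title></head>
    <body>
    <form action="" method="POST">
    Name: <input type="text" name="name" value="' . $r['name'] . '"><br />
    <textarea name="con" cols="100" rows="30">' .  $r['content'] . '</textarea><br /><br />
    <input type="hidden" name="id" value="' . (int) $r['id'] . '">
    <input type="submit" value="Update Letter">
    </form>
    </body>
    </html>';
}
?>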

Edituser.php
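<?php
/**
 * Admin editor for one subscriber: GET loads the row named by ?id= into a
 * form, POST writes the edited name, email and date back.
 *
 * NOTE(review): the form carries no anti-CSRF token; the session check in
 * connect.php is the only gate on this write.
 * NOTE(review): the stored values are echoed without output escaping. That is
 * safe only because the writes on this page entity-encode or pattern-check
 * before storing; rows written by any other path would reach the browser raw.
 * NOTE(review): unlike the sign-up form, the email is not checked against an
 * address pattern here - confirm that is intended.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // Accept plain strings only; a missing or array-valued field becomes ''.
    $fields = array();
    foreach (array('name', 'email', 'date', 'id') as $key)
    {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    $name  = htmlentities($fields['name']);
    $email = htmlentities($fields['email']);
    $date  = htmlentities($fields['date']);
    $rawId = $fields['id'];

    if ($name == "" || $email == "" || $date == "" || $rawId == "")
        die("Please fill out the whole form.");

    // The hidden id field is client-controlled like any other input.
    if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
        die("Invalid ID");
    $id = (int) $rawId;

    // htmlentities() leaves single quotes and backslashes untouched by
    // default, so the values still need SQL escaping before interpolation.
    $nameSql  = mysql_real_escape_string($name);
    $emailSql = mysql_real_escape_string($email);
    $dateSql  = mysql_real_escape_string($date);

    $res = mysql_query("UPDATE users SET name='$nameSql',email='$emailSql',`date`='$dateSql' WHERE id=$id");
    if (!$res)
    {
        // Log the driver message instead of printing it to the browser.
        error_log('edituser.php: ' . mysql_error());
        die("Database error.");
    }
    die("Updated Succesfully.<br />Click <a href='index.php'>here</a> to go back.");
}
else
{
    // The original preg_replace() pattern matched only the literal sequence
    // '/<>" and removed nothing else, so the id is validated as digits.
    $rawId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
    if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
        die("Invalid ID");
    $id = (int) $rawId;

    $res = mysql_query("SELECT * FROM users WHERE id=$id");
    if (!$res)
    {
        error_log('edituser.php: ' . mysql_error());
        die("Database error.");
    }
    $r = mysql_fetch_assoc($res);
    if (!$r)
        die("Invalid ID"); // no subscriber with that id

    echo '
    <html>
    <head><title>Edit User</title></head>
    <body>
    <form action="" method="POST">
    Name <input type="text" name="name" value="' . $r['name'] . '"><br />
    Email <input type="text" name="email" value="' . $r['email'] . '"><br />
    Date <input type="text" name="date" value="' . $r['date'] . '"><br /><br />
    <input type="hidden" name="id" value="' . (int) $r['id'] . '">
    <input type="submit" value="Edit User">
    </form>
    </body>
    </html>';
}
?>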

Index.php
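<?php
// Admin menu. connect.php performs the session check before any markup is
// sent. require, not include: with include a missing or unreadable
// connect.php only raises a warning and the menu below would still render
// without the admin check.
require dirname(__FILE__) . '/connect.php';
?>
<html>
<head><title>Admin Panel</title></head>
<body>
<a href="addnews.php">Add News</a><br />
<a href="show.php">Show News</a><br />
<a href="viewusers.php">View Users</a><br />
</body>
</html>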

Login.php
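<?php
/**
 * Admin login: GET shows the form, POST compares the submitted credentials
 * with the fixed pair below and, on a match, marks the session as admin.
 *
 * NOTE(review): the username and password are hard-coded in plaintext and are
 * the defaults printed in the installation steps; replace both before the
 * site is reachable, ideally with a stored password hash.
 * NOTE(review): nothing here limits repeated attempts.
 */
session_start();
include("../connect.php");

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // Accept plain strings only; a missing or array-valued field becomes ''.
    // The original preg_replace() calls removed only the literal sequence
    // '/<> from the input, which let a value containing it still match, so
    // the fields are now compared exactly as submitted.
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

    if (empty($name) || empty($pass))
        die("Please fill out the whole form.");

    if ($name === "name" && $pass === "pass")
    {
        // Issue a fresh session id at the privilege change so an id that
        // existed before login never becomes an admin session.
        session_regenerate_id(true);
        $_SESSION['admin'] = 'yes';
        die("Succesfully Logged In<br />Click <a href='index.php'>here</a> to go back.");
    }
    else
        die("Incorrect Username/Password");
}
else
{
    // type="password" keeps the value from being displayed while typing.
    echo '<html><head><title>Login</title></head>
    <body>
    <form action="" method="POST">
    Username: <input type="text" name="name"><br />
    Password: <input type="password" name="pass"><br /><br />
    <input type="submit" value="Login">
    </form>
    </body>
    </html>';
}
?>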
   

Sendletter.php
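<?php
/**
 * Admin action: mails the newsletter named by ?id= to every user whose status
 * is 'subscribed', then prints how many messages were handed to mail().
 *
 * NOTE(review): the send is triggered by a plain GET link from show.php and
 * carries no anti-CSRF token; moving it to a POST form with a per-session
 * token needs a matching change in show.php.
 * NOTE(review): the From/Reply-To domain comes from $_SERVER['SERVER_NAME'];
 * depending on server configuration that may follow the request's Host
 * header - confirm, or use a fixed address.
 */
// set time limit to 15 minutes (900/60)
set_time_limit(900);
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

// The original preg_replace() pattern matched only the literal sequence
// '/<>" and removed nothing else, so the id is validated as digits instead.
$rawId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
    die("Invalid ID");
$id = (int) $rawId;

$res = mysql_query("SELECT * FROM newsletters WHERE id=$id");
if (!$res)
{
    // Log the driver message instead of printing it to the browser.
    error_log('sendletter.php: ' . mysql_error());
    die("Database error.");
}
$letter = mysql_fetch_assoc($res);
if (!$letter)
    die("Invalid ID"); // no letter with that id

// The subject becomes a mail header; drop line breaks so stored text cannot
// add header lines of its own.
$subject = str_replace(array("\r", "\n"), '', $letter['name']);
$message = $letter['content'];

$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: newsletter@' . $_SERVER['SERVER_NAME'] . "\r\n" .
'Reply-To: newsletter@' . $_SERVER['SERVER_NAME'] . "\r\n" .
'X-Mailer: PHP/' . phpversion();

$res = mysql_query("SELECT * FROM users WHERE status='subscribed'");
if (!$res)
{
    error_log('sendletter.php: ' . mysql_error());
    die("Database error.");
}

$sent = 0;
$failed = 0;
// mysql_fetch_assoc(), not mysql_fetch_row(): the loop reads the 'email' key,
// which a numerically indexed row does not have.
while ($user = mysql_fetch_assoc($res))
{
    // Same header rule as the subject: no line breaks in the recipient.
    $email = str_replace(array("\r", "\n"), '', $user['email']);
    if ($email != '' && mail($email, $subject, $message, $headers))
        $sent++;
    else
        $failed++;
}

echo "Sent: " . $sent . "<br />Failed: " . $failed
    . "<br />Click <a href='index.php'>here</a> to go back.";
?>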

Show.php
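<?php
/**
 * Admin list of newsletters with edit, send and delete links per row.
 *
 * NOTE(review): the name column is echoed without output escaping. That is
 * safe only because addnews.php and editletter.php entity-encode before
 * storing; rows written by any other path would reach the browser raw.
 * NOTE(review): the send and delete links are plain GET requests, so those
 * state changes run on a simple link visit.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

echo '
<table border="1" cellpadding="2">
<tr>
<td width="25%"><b>Name</b></td>
<td width="25%"><b>Edit</b></td>
<td width="25%"><b>Send</b></td>
<td width="25%"><b>Delete</b></td>
</tr>';

$res = mysql_query("SELECT * FROM newsletters");
if (!$res)
{
    // Log the driver message instead of printing it to the browser.
    error_log('show.php: ' . mysql_error());
    die("Database error.");
}

while ($r = mysql_fetch_assoc($res))
{
    // The id is an integer column; the cast keeps the links well-formed
    // whatever the row holds.
    $id = (int) $r['id'];
    echo '<tr>
    <td nowrap>' . $r['name'] . '</td>
    <td><a href="editletter.php?id=' . $id . '">Edit</a></td>
    <td><a href="sendletter.php?id=' . $id . '">Send</a></td>
    <td><a href="deleteletter.php?id=' . $id . '">Delete</a></td>
    </tr>';
}
echo '</table>';
?>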

Subscribed.php
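<?php
/**
 * Admin action: flips the subscription status of the user named by ?id=
 * between 'subscribed' and 'un'.
 *
 * NOTE(review): the change is triggered by a plain GET link from
 * viewusers.php and carries no anti-CSRF token; moving it to a POST form with
 * a per-session token needs a matching change in viewusers.php.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

// The original preg_replace() pattern matched only the literal sequence
// '/<>" and removed nothing else, so the id is validated as digits instead.
$rawId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
if (!preg_match('/^[0-9]+\z/', $rawId) || (int) $rawId === 0)
    die("Invalid ID");
$id = (int) $rawId;

$res = mysql_query("SELECT * FROM users WHERE id=$id");
if (!$res)
{
    // Log the driver message instead of printing it to the browser.
    error_log('subscribed.php: ' . mysql_error());
    die("Database error.");
}
$r = mysql_fetch_assoc($res);
if (!$r)
    die("Invalid ID"); // no subscriber with that id

// Anything other than 'subscribed' is shown as "No" by viewusers.php, so it
// toggles to 'subscribed'. The original left $up undefined for such rows and
// wrote an empty status.
if ($r['status'] == "subscribed")
    $up = "un";
else
    $up = "subscribed";

$res = mysql_query("UPDATE users SET status='$up' WHERE id=$id");
if (!$res)
{
    error_log('subscribed.php: ' . mysql_error());
    die("Database error.");
}
die("Updated.<br />Click <a href='index.php'>here</a> to go back.");
?>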

Viewusers.php
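<?php
/**
 * Admin list of subscribers with edit, delete and status-toggle links.
 *
 * NOTE(review): the email column is echoed without output escaping. That is
 * safe only because the sign-up form pattern-checks it and edituser.php
 * entity-encodes it before storing; rows written by any other path would
 * reach the browser raw.
 * NOTE(review): the delete and toggle links are plain GET requests, so those
 * state changes run on a simple link visit.
 */
// require, not include: if connect.php cannot be loaded the page must stop,
// because that file holds the admin check.
require dirname(__FILE__) . '/connect.php';

$res = mysql_query("SELECT * FROM users");
if (!$res)
{
    // Log the driver message instead of printing it to the browser.
    error_log('viewusers.php: ' . mysql_error());
    die("Database error.");
}

echo '
<html>
<head><title>View Users</title></head>
<body>
<table border="1" cellpadding="2">
<tr>
<td><b>Email</b></td>
<td><b>Edit</b></td>
<td><b>Delete</b></td>
<td><b>Subscribed (Click to Change)</b></td>
<td><b>Self-Unsubscrbied</b></td>
</tr>';

while ($r = mysql_fetch_assoc($res))
{
    $b = ($r['unsubscribed'] == "1") ? "<b>Yes</b>" : "No";
    $a = ($r['status'] == "subscribed") ? "Yes" : "No";

    // The id is an integer column; the cast keeps the links well-formed
    // whatever the row holds.
    $id = (int) $r['id'];

    echo '<tr>
    <td>' . $r['email'] . '</td>
    <td><a href="edituser.php?id=' . $id . '">Edit</a></td>
    <td><a href="deleteuser.php?id=' . $id . '">Delete</a></td>
    <td><a href="subscribed.php?id=' . $id . '">' . $a . '</a></td>
    <td>' . $b . '</td></tr>';
}

// The original never closed the table, body or document.
echo '</table>
</body>
</html>';
?>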

Create.php
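<?php
/**
 * One-time installer: creates the newsletterdb database and its two tables
 * (newsletters, users).
 *
 * Every statement uses IF NOT EXISTS, so a second run after a partial failure
 * completes the setup instead of stopping at "database exists".
 *
 * NOTE(review): until this file is renamed or deleted (the last installation
 * step on the page) anyone who can request it can run it.
 */
require dirname(__FILE__) . '/connect.php';

if (!mysql_query("CREATE DATABASE IF NOT EXISTS newsletterdb")
    || !mysql_select_db("newsletterdb"))
{
    // Log the driver message instead of printing it to the browser.
    error_log('create.php: ' . mysql_error());
    die("<p>Could not create the database.</p>");
}

$tables = array(
    "CREATE TABLE IF NOT EXISTS `newsletters` (
      `name` text NOT NULL,
      `content` text NOT NULL,
      `id` int(11) NOT NULL auto_increment,
      PRIMARY KEY  (`id`)
    ) AUTO_INCREMENT=1",
    "CREATE TABLE IF NOT EXISTS `users` (
      `name` varchar(50) NOT NULL default '',
      `email` varchar(50) NOT NULL default '',
      `date` text NOT NULL,
      `status` text NOT NULL,
      `unsubscribed` text NOT NULL,
      `id` int(11) NOT NULL auto_increment,
      PRIMARY KEY  (`id`)
    ) AUTO_INCREMENT=1",
);

foreach ($tables as $ddl)
{
    if (!mysql_query($ddl))
    {
        error_log('create.php: ' . mysql_error());
        die("<p>Could not create the tables.</p>");
    }
}

die("<p>Succesfully made database. Please delete this file for security reasons.</p>");
?>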
Download Source code Download 
If you have any query feel free to post it below
