Here’s the updated double opt in email signup system for PHP7 and Google Recaptcha. I hope it proves helpful...
There are 4 pages that act on a section called email_signup:
email_signup.php - the initial signup form that creates a record in the database with the hidden field checked and the confirmed field unchecked. The page also sends a confirmation email to the email entered with a link that the recipient can click on to confirm that they wanted to sign up.
confirm.php - the confirmation page that the person accesses through the link in their email to confirm that they wanted to sign up.
unsubscribe.php - the form used to unsubscribe. As above a confirmation email is sent to the email entered, and no action is taken until the recipient clicks on the link in the email.
unsubscribe_confirm.php - as above, the page that the person addresses through the link in their email to confirm that they wanted to unsubscribe.
Here’s the .ini.php code for creating the email_signup section, email_signup,ini.php
<?php if (!@$LOADSTRUCT) { die("This is not a program file."); } return array ( '_detailPage' => '', '_disableAdd' => '0', '_disableErase' => '0', '_disableModify' => '0', '_disablePreview' => '1', '_disableView' => '1', '_filenameFields' => '', '_hideRecordsFromDisabledAccounts' => '0', '_indent' => '0', '_listPage' => '', '_maxRecords' => '', '_maxRecordsPerUser' => '', '_perPageDefault' => '1000', '_previewPage' => '', '_requiredPlugins' => '', '_tableName' => 'email_signup', 'listPageFields' => 'last_name,first_name,email,hidden,confirmed,remove,source,createdDate,updatedDate', 'listPageOrder' => 'source DESC, confirmed DESC, last_name, first_name', 'listPageSearchFields' => '__ALL__', 'menuHidden' => '0', 'menuName' => 'Email Signup', 'menuOrder' => '0000000004', 'menuPrefixIcon' => '', 'menuType' => 'multi', 'num' => array( 'order' => 1, 'type' => 'none', 'label' => 'Record Number', 'isSystemField' => '1', ), 'createdDate' => array( 'order' => 2, 'type' => 'none', 'label' => 'Created', 'isSystemField' => '1', ), 'createdByUserNum' => array( 'order' => 3, 'type' => 'none', 'label' => 'Created By', 'isSystemField' => '1', ), 'updatedDate' => array( 'order' => 4, 'type' => 'none', 'label' => 'Last Updated', 'isSystemField' => '1', ), 'updatedByUserNum' => array( 'order' => 5, 'type' => 'none', 'label' => 'Last Updated By', 'isSystemField' => '1', ), 'hidden' => array( 'order' => 6, 'label' => 'Hidden', 'type' => 'checkbox', 'fieldPrefix' => '', 'checkedByDefault' => '0', 'description' => '', 'checkedValue' => 'Yes', 'uncheckedValue' => 'No', ), 'confirmed' => array( 'order' => 7, 'label' => 'Confirmed', 'type' => 'checkbox', 'fieldPrefix' => '', 'checkedByDefault' => '0', 'description' => '', 'checkedValue' => 'Yes', 'uncheckedValue' => 'No', ), 'remove' => array( 'order' => 8, 'label' => 'Remove', 'type' => 'checkbox', 'fieldPrefix' => '', 'checkedByDefault' => '0', 'description' => '', 'checkedValue' => 'Yes', 'uncheckedValue' => 'No', ), 'first_name' => array( 'order' => 9, 'label' => 'First Name', 'type' => 'textfield', 'defaultValue' => '', 'fieldPrefix' => '', 'description' => '', 'fieldWidth' => '', 'isPasswordField' => '0', 'isRequired' => '0', 'isUnique' => '0', 'minLength' => '', 'maxLength' => '', 'charsetRule' => '', 'charset' => '', ), 'last_name' => array( 'order' => 10, 'label' => 'Last Name', 'type' => 'textfield', 'defaultValue' => '', 'fieldPrefix' => '', 'description' => '', 'fieldWidth' => '', 'isPasswordField' => '0', 'isRequired' => '0', 'isUnique' => '0', 'minLength' => '', 'maxLength' => '', 'charsetRule' => '', 'charset' => '', ), 'email' => array( 'order' => 11, 'label' => 'Email', 'type' => 'textfield', 'defaultValue' => '', 'fieldPrefix' => '', 'description' => '', 'fieldWidth' => '', 'isPasswordField' => '0', 'isRequired' => '0', 'isUnique' => '0', 'minLength' => '', 'maxLength' => '', 'charsetRule' => '', 'charset' => '', ), 'source' => array( 'order' => 12, 'label' => 'Source', 'type' => 'list', 'fieldPrefix' => '', 'description' => '', 'isRequired' => '0', 'isUnique' => '0', 'listType' => 'pulldown', 'optionsType' => 'text', 'optionsText' => 'Exhibition Meeting Street Fair Web Site', ), ); ?>
emailsignup.php
The code at the top of the page, above the head, after the records calls required for your site:
<?php // load records from 'email_signup' list($email_signupRecords, $email_signupMetaData) = getRecords(array( 'tableName' => 'email_signup', 'loadUploads' => true, 'allowSearch' => false, )); ?> <?php $signup_email = ' the_email_address_you_want_to_use_for_return_and_reply' ?> <?php if (@$_REQUEST['submit']) { function validateGoogleCaptcha(){ $errorsAndAlerts = "";
if (!@$_REQUEST['g-recaptcha-response']) { $errorsAndAlerts .= "Please check the anti-spam 'I am not a robot' checkbox!\n"; $showSignupForm = true; // don't change this value } else { // check recaptcha $postdata = array(); $postdata['secret'] = 'your Google Recaptcha secret code'; $postdata['response'] = @$_REQUEST['g-recaptcha-response']; $postdata['remoteip'] = $_SERVER['REMOTE_ADDR']; $url = "https://www.google.com/recaptcha/api/siteverify?". http_build_query($postdata, '', '&'); list($json, $httpStatusCode, $headers, $request) = getPage($url, 5, '', true); $recaptchaResponse = json_decode($json, true); if (!$recaptchaResponse['success']) { if (is_array($recaptchaResponse['error-codes'])) { if (in_array('missing-input-secret', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "There's a problem with recaptcha, please let us know! (no secret)\n"; } if (in_array('invalid-input-secret', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "There's a problem with recaptcha, please let us know! (invald secret)\n"; } if (in_array('missing-input-response', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "Please fill out the recaptcha box!\n"; $showSignupForm = true; // do we need this line? } if (in_array('invalid-input-response', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "Please fill out the recaptcha box again, your answer was incorrect!\n"; $showSignupForm = true; // do we need this line? } } if (!@$errorsAndAlerts) { @$errorsAndAlerts .= "Invalid captcha response, please try again or contact us directly and let us know."; } @trigger_error("Failed recaptcha on signup form", E_USER_NOTICE); } } return $errorsAndAlerts; } } ?> <?php // submit form if (@$_REQUEST['submit']) { @$errorsAndAlerts .= validateGoogleCaptcha(); // error checking
if (!@$_REQUEST['first_name']) { $errorsAndAlerts .= "Please enter your first name\n"; } if (!@$_REQUEST['last_name']) { $errorsAndAlerts .= "Please enter your last name\n"; } if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email address\n"; }
// email checking if ($_REQUEST['email'] || $_REQUEST['email2']) { if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email address\n"; } elseif (!@$_REQUEST['email2']) { $errorsAndAlerts .= "Please re-enter your email address\n"; } elseif ($_REQUEST['email'] != $_REQUEST['email2']) { $errorsAndAlerts .= "Sorry, the e mail addresses you entered don't match!\n"; } }
// check for duplicate emails if (!$errorsAndAlerts) { $count = mysql_select_count_from('email_signup', "'".mysql_escape($_REQUEST['email'])."' IN (email)"); if ($count > 0) { $errorsAndAlerts .= "That email address is already signed up, please choose another!\n"; } }
// turn off strict mysql error checking for: STRICT_ALL_TABLES mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)
// add record if (!@$errorsAndAlerts) { $tablename = 'email_signup'; $colsToValues = array(); $colsToValues['createdDate='] = 'NOW()'; $colsToValues['updatedDate='] = 'NOW()'; $colsToValues['createdByUserNum'] = 0; $colsToValues['updatedByUserNum'] = 0; $colsToValues['first_name'] = $_REQUEST['first_name']; $colsToValues['last_name'] = $_REQUEST['last_name']; $colsToValues['email'] = $_REQUEST['email']; $colsToValues['hidden'] = 1; $hideMissingFieldErrors = true; $newRecordNum = mysql_insert($tablename, $colsToValues, $hideMissingFieldErrors);
// display thanks message and clear form $errorsAndAlerts = "Thanks for submitting your information. Before we can add your email address to our list, you'll need to confirm your intent by clicking on the link in the email that you will receive shortly. If you do not see the email, check your spam folder.";
// send email to applicant $to=$_REQUEST['email']; $subject = 'Email List Signup Request'; $headers = "From: $signup_email" . "\r\n"; $headers .= "Reply-To: $signup_email" . "\r\n"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n"; $message = '<html><body>'; $message .= '<table rules="all" style="border-color: #666;" cellpadding="10">'; $eml = $_REQUEST['email']; $message .= "<tr ><td><h2 align='center'>EMAIL LIST SIGNUP REQUEST</h2>There is just one more step to be included on our email distribution list.To make sure that no one else signed you up for this list, please click on this link or paste it into your browser. <a href='http://your_site.com/confirmed.php?submit=1&confirmed=1&hidden=0&email=$eml'>http://your_site.com/confirmed.php?submit=1&confirmed=1&hidden=0&email=$eml</a></td></tr>"; $message .= "</table>"; $message .= "</body></html>";
// Send if (mail($to,$subject,$message, $headers)) { echo 'Mail sent!'; } else { echo 'Error! Mail was not sent.'; }; }
}
?>
And the active code in the body of the page:
<table width="92%" border="0" align="center"> <tr> <td valign="top"><form method="post" action=""> <input type="hidden" name="submit" value="1" /> <?php if (@$errorsAndAlerts): ?> <div class="heading_font" align="left" style="color:#C00"> <?php echo $errorsAndAlerts; ?> </div> <?php endif ?> <table align="left" border="0" cellspacing="0" cellpadding="2"> <tr> <td class=" text_font" valign="top"><b>First Name</b></td> <td><input type="text" name="first_name" value="<?php echo htmlspecialchars(@$_REQUEST['first_name']) ?>" size="30" /></td> </tr> <tr> <td class="text_font" valign="top"><b>Last Name</b></td> <td><input type="text" name="last_name" value="<?php echo htmlspecialchars(@$_REQUEST['last_name']) ?>" size="30" /></td> </tr> <tr> <td class="text_font" valign="top"><b>Email Address</b></td> <td><input type="text" name="email" value="<?php echo htmlspecialchars(@$_REQUEST['email']) ?>" size="30" /></td> </tr> <tr> <td class="text_font" valign="top"><b>Re-enter Your Email Address</b></td> <td><input type="text" name="email2" value="<?php echo htmlspecialchars(@$_REQUEST['email2']) ?>" size="30" /></td> </tr> <tr> <td valign="top"> </td> <td> </td> </tr> <tr> <td colspan="2" class="text_font" style=" font-weight: bold;" valign="top">Please check the "I'm not a robot" box below before submitting. <div class="g-recaptcha" data-theme="light" data-sitekey="Your Google Recaptcha site key"></div></td> </tr> <tr> <td style="padding: 5px;"><input type="submit" name="add" value="Click To Submit >>" /> </td> </tr> </table> </form></td> </tr> </table>
confirmed.php
The code at the top of the page, above the head, after the records calls required for your site:
<?php // submit form if (@$_REQUEST['submit']) {
// error checking $errorsAndAlerts = ""; if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter the email address you used when you signed up.\n"; }
// turn off strict mysql error checking for: STRICT_ALL_TABLES mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later) // update user if (!$errorsAndAlerts) { $emailExists = mysql_count('email_signup', ['email' => $_REQUEST['email']]); $emailConfirmed = mysql_count('email_signup', ['email' => $_REQUEST['email'], 'confirmed' => 1]); $userNum = 0; if ($emailExists && !$emailConfirmed) { $updateNum = null; $updateWhere = [ 'email' => $_REQUEST['email'] ]; $colsToValues = [ 'hidden' => 0, 'confirmed' => '1', 'updatedDate=' => 'NOW()' ]; mysql_update('email_signup', $updateNum, $updateWhere, $colsToValues); $userNum = mysqli()->insert_id; $errorsAndAlerts = "Thanks, your email address has been succesfully added to our maillist"; } elseif($emailExists && $emailConfirmed){//email exists, but has already been confirmed $errorsAndAlerts.="That Email address has already been confirmed.If you'd like to sign up with another Email address,<a href='http://your_site.com/email_signup.php'><span class='heading_font' >CLICK ON THIS LINK</span></a>"; } elseif (!$emailExist){ //email does not exist in the database $errorsAndAlerts.="Sorry, that email address doesn't exist in the database.Please enter the same Email address that you used when you signed up, and click on submit."; } }} ?>
And the active code in the body of the page:
<form method="post" action=""> <input type="hidden" name="submit" value="1" /> <table width="90%" border="0" cellpadding="5" cellspacing="0"> <tr> <td valign="top">&<?php if (@$errorsAndAlerts): ?> <div class="text_font" align="left" style="color: #C00; font-weight: bold;"> <?php echo $errorsAndAlerts; ?> </div> <?php endif ?></td> <td> </td> </tr> <tr> <td align="left" class="text_font" valign="top"><b>If you see an error above, it's probably because <input type="text" name="email" value="<?php echo htmlspecialchars(@$_REQUEST['email']) ?>" size="30" /> is not the Email address that you used when you signed up. Please change it and click on submit.</b></td> <td> </td> </tr> <tr> <td valign="top"> </td> <td> </td> </tr> </table> <input type="submit" name="add" value="Click to Submit >>" /> </form> <p align="left" class="text_font"> If you no longer want to receive information about us, <a style="text-decoration:underline; color:#000" href="http://www.yoursite.com/unsubscribe.php"><span class="text_font">CLICK/TAP HERE</span></a> to unsubscribe.</p>
unsubscribe.php
The code at the top of the page, above the head, after the records calls required for your site:
<?php // load records from 'email_signup' list($email_signupRecords, $email_signupMetaData) = getRecords(array( 'tableName' => 'email_signup', 'loadUploads' => true, 'allowSearch' => false, )); ?> <?php $signup_email = 'the_email_address_you_want_to_use_for_return_and_reply' // the email to use for return and reply?> <?php if (@$_REQUEST['submit']) { function validateGoogleCaptcha(){ $errorsAndAlerts = "";
if (!@$_REQUEST['g-recaptcha-response']) { $errorsAndAlerts .= "Please check the anti-spam 'I am not a robot' checkbox!\n"; $showSignupForm = true; // don't change this value } else { // check recaptcha $postdata = array(); $postdata['secret'] = 'your Google Recaptcha secret code'; $postdata['response'] = @$_REQUEST['g-recaptcha-response']; $postdata['remoteip'] = $_SERVER['REMOTE_ADDR']; $url = "https://www.google.com/recaptcha/api/siteverify?". http_build_query($postdata, '', '&'); list($json, $httpStatusCode, $headers, $request) = getPage($url, 5, '', true); $recaptchaResponse = json_decode($json, true); if (!$recaptchaResponse['success']) { if (is_array($recaptchaResponse['error-codes'])) { if (in_array('missing-input-secret', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "There's a problem with recaptcha, please let us know! (no secret)\n"; } if (in_array('invalid-input-secret', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "There's a problem with recaptcha, please let us know! (invald secret)\n"; } if (in_array('missing-input-response', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "Please fill out the recaptcha box!\n"; $showSignupForm = true; // do we need this line? } if (in_array('invalid-input-response', $recaptchaResponse['error-codes'])) { $errorsAndAlerts .= "Please fill out the recaptcha box again, your answer was incorrect!\n"; $showSignupForm = true; // do we need this line? } } if (!@$errorsAndAlerts) { @$errorsAndAlerts .= "Invalid captcha response, please try again or contact us directly and let us know."; } @trigger_error("Failed recaptcha on signup form", E_USER_NOTICE); } } return $errorsAndAlerts; } } ?> <?php $redirect = '0' // set a variable called $redirect to a value of 0 ?> <?php if(@$_REQUEST['submit']):?> <?php $errorsAndAlerts = ""; $errorsAndAlerts .= validateGoogleCaptcha();
if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email address\n"; }
// email checking if ($_REQUEST['email'] || $_REQUEST['email2']) { if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email address\n"; } elseif (!@$_REQUEST['email2']) { $errorsAndAlerts .= "Please re-enter your email address\n"; } elseif ($_REQUEST['email'] != $_REQUEST['email2']) { $errorsAndAlerts .= "Sorry, the e mail addresses you entered don't match!\n"; } } // check for existing emails if (!$errorsAndAlerts) { $count = mysql_select_count_from('email_signup', "'".mysql_escape($_REQUEST['email'])."' IN (email)"); if ($count < 1) { $redirect = '1'; // if no matching email address change the variable $redirect to a value of 1 } }
// turn off strict mysql error checking for: STRICT_ALL_TABLES mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later) ?> <?php // error checking if (!@$errorsAndAlerts && $redirect == '0') {
// display sorry message and clear form $errorsAndAlerts = "We'll be sorry to see you go.To make sure that no one else is trying to remove your email address from our list, you'll need to confirm your intent by clicking on the link in the email that you will receive shortly. If you don't see the email, check your spam folder.";
// send email to applicant $to=$_REQUEST['email']; $subject = 'Email List Removal Request';
$headers = "From: $signup_email" . "\r\n"; $headers .= "Reply-To: $signup_email" . "\r\n"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n"; $message = '<html><body>'; $message .= '<table rules="all" style="border-color: #666;" cellpadding="10">'; $eml = $_REQUEST['email']; $message .= "<tr ><td><div align='left'><img src='http://www.your_site.com/images/email-masthead-400px.png' style='border:hidden;'/></div><h2 align='center'>EMAIL LIST LIST REMOVAL REQUEST</h2>We're sorry to see you go.There's just one more step to be removed from our email distribution list.To make sure that no one else is trying to remove you from this list, please click on this link or paste it into your browser. <a href=http:/your_site.com/unsubscribe_confirm.php?submit=1&remove_me=1&email=$eml'>http://your_site.com/unsubscribe_confirm.php?submit=1&remove=1&email=$eml</a></td></tr>"; $message .= "</table>"; $message .= "</body></html>";
// Send if (mail($to,$subject,$message, $headers)) { echo 'Mail sent!'; } else { echo 'Error! Mail was not sent.'; }; } ?> <?php if ($redirect == '1'):?> <?php
header("Location:http://your_site.com/your_unsubscribe_contact_page.php");
exit; ?> <?php endif ?> <?php endif?>
And the active code in the body of the page:
<table width="100%" border="0" align="center" cellpadding="10"> <tr> <td valign="top"><div align="center" class="heading_font">EMAIL LIST UNSUBSCRIBE </div> <div align="center" style="width:80%; text-align:left"> <div align="center"> <p class="heading_font">Please Use The Form Below To Unsubscribe From Our Email List </p> </div> <form method="post" action=""> <input type="hidden" name="submit" value="1" /> <?php if (@$errorsAndAlerts): ?> <div align="left" style="color: #C00; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; font-size: 15px;"> <?php echo $errorsAndAlerts; ?> </div> <?php endif ?> <table align="left" border="0" cellspacing="0" cellpadding="2"> <tr> <td class="Medium-Text" valign="top"><b>Enter The Email Address To Be Removed</b></td> <td><input type="text" name="email" value="<?php echo htmlspecialchars(@$_REQUEST['email']) ?>" size="30" /></td> </tr> <tr> <td class="Medium-Text" valign="top"><b>Re-enter The Email Address</b></td> <td><input type="text" name="email2" value="<?php echo htmlspecialchars(@$_REQUEST['email2']) ?>" size="30" /></td> </tr> <tr> <td colspan="2" class="text_font" style="color: #<?php echo $site_colorsRecord['menu_background_color'] ?>; font-weight: bold;" valign="top">Please check the "I'm not a robot" box below before submitting. <div class="g-recaptcha" data-theme="light" data-sitekey="your_Google Recaptcha site key"></div></td> </tr> <tr> <td colspan="2" valign="top"> <input type="submit" name="submit" value="Click To Submit >>" /></td> </tr> </table> </form></td> </tr> </table>
unsubscribe_confirm.php
The code at the top of the page, above the head, after the records calls required for your site:
<?php // submit form if (@$_REQUEST['submit']) {
// error checking $errorsAndAlerts = ""; if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter the email address you used when you signed up.\n"; }
// turn off strict mysql error checking for: STRICT_ALL_TABLES mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later) // update user if (!$errorsAndAlerts) { $emailExists = mysql_count('email_signup', ['email' => $_REQUEST['email']]); //check to ensure that email exists in the table $emailRemoved = mysql_count('email_signup', ['email' => $_REQUEST['email'], 'remove' => 1]); // check to ensure that email exists and has not been removed yet $userNum = 0; if ($emailExists && !$emailRemoved) { $updateNum = null; $updateWhere = [ 'email' => $_REQUEST['email'] ]; $colsToValues = [ 'hidden' => 1, 'remove' => '1', 'updatedDate=' => 'NOW()' ]; mysql_update('email_signup', $updateNum, $updateWhere, $colsToValues); $userNum = mysqli()->insert_id; $errorsAndAlerts = "Thanks, your email address has been successfully removed from our maillist.To sign up again, <a style='text-decoration:underline; color:#C00;' href='http://www.your_site.com/email_signup.php'><span class='text_font'><font color='#C00'>CLICK HERE</font></span></a> for our email sign up page."; } elseif($emailExists && $emailRemoved){//email exists, but has already been removed $errorsAndAlerts.="That Email address has already been removed.To remove another address, <a style='text-decoration:underline; color:#C00;' href='http://www.your_site.com/unsubscribe.php'><span class='text_font'><font color='#C00'>CLICK HERE</font></span></a> to return to our unsubscribe page."; } elseif (!$emailExist){ //email does not exist in the database $errorsAndAlerts.="Sorry, that email address doesn't exist in the database.>To be removed from our list, <a style='text-decoration:underline; color:#C00;' href='http://www.your_site.com/unsubscribe.php'><span class='text_font'><font color='#C00'>CLICK HERE</font></span></a> to return to our unsubscribe page and enter the email address that you used when you signed up."; } }} ?>
And the active code in the body of the page:
<div align="center" class="heading_font"> <h2>Email List Unsubscribe Confirmation</h2> </div> <table width="900px" border="0" align="center" cellpadding="10"> <tr> <td class="heading_font" ><?php if (@$errorsAndAlerts): ?> <div align="left" style="color: #C00; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; font-size: 15px;"> <?php echo $errorsAndAlerts; ?> </div> <?php endif ?> </td> </tr> </table>
|