Hey everyone. Very nice site by the way. There are tons of members and that is great. I am building a website for a high end restaurant and they need a formmail that people can fill out and send in to order Gift Cards, It needs to also send a confirmation email to the person and it needs to be secure. Any suggestions?
This is an expensive service...try iContact, Email Aces, or something like that. You can find loads on Google with the keywords "autoresponder" or "email marketing". Hope this helps.
Hey Nos, I have written this for you. Hope it works ok. What is Needed for this: Required : PHP and MySQL Recommended : phpMyAdmin Tested with : Apache/2.0.53 (Win32) - PHP/5.0.3 - MySQL 4.1.10a-nt If you don't know how to install an Apache server on your Windows computer, see this tutorial : -> Installing an Apache server on Windows <http://freelancecms.org/designers-forum/open-source-server-software/52-installing-an-apache-server-on-windows.html> How to get it to work : 1. Enter your database informations in create_tables.php and validation.php 2. Run create_table.php to create the tables 3. Edit validation.php (particularly the confirmation e-mail) Lets get to work shall we? First you need to create the tables in the database, the ones that will contain the information that the user signs-up under. create_tables.php <?php $db_host="127.0.0.1"; // DB parameters $db_user="username"; $db_pass="password"; $database="db_name"; mysql_connect($db_host,$db_user,$db_pass) or die("Unable to connect to database"); mysql_select_db($database) or die( "Unable to select database"); $er=0; //****** table blacklist $query ="CREATE TABLE blackl ( id INT UNSIGNED NOT NULL auto_increment, email varchar(100) NOT NULL, IP varchar(15) NOT NULL, heure INT UNSIGNED NOT NULL, PRIMARY KEY (id))"; if(mysql_query($query)==false){$er++;echo mysql_error().'<br/>';} else echo 'Table blackl created<br/>'; //****** table members (validated members) $query ="CREATE TABLE members ( id INT UNSIGNED NOT NULL auto_increment, nom varchar(20) NOT NULL, pass varchar(32) NOT NULL, email varchar(100) NOT NULL, IP varchar(15) NOT NULL, heure INT UNSIGNED NOT NULL, PRIMARY KEY (id))"; if(mysql_query($query)==false){$er++;echo mysql_error().'<br/>';} else echo 'Table members created<br/>'; //****** table w_members (non validated members) $query ="CREATE TABLE w_members ( id INT UNSIGNED NOT NULL auto_increment, nom varchar(20) NOT NULL, pass varchar(32) NOT NULL, email varchar(100) NOT NULL, heure INT UNSIGNED NOT NULL, session varchar(32) NOT NULL, IP varchar(15) NOT NULL, PRIMARY KEY (id))"; if(mysql_query($query)==false){$er++;echo mysql_error().'<br/>';} else echo 'Table w_members created<br/>'; //****** closing SQL connection mysql_close(); if($er==0)echo 'All tables successfully created.'; else echo 'Errors occured : '.$er.' table(s) haven't been created.' ?> Code (markup): validation.php <?php $serveur="http://".$_SERVER["HTTP_HOST"]; // Server root $validity=7; // Code validity, in days. $db_host="127.0.0.1"; // DB parameters $db_user="username"; $db_pass="password"; $database="db_name"; //************ End of parameters $valid2=3600*24*$validity; $er=''; if (isset($_POST["email"])) // If the form has been submitted { mysql_connect($db_host,$db_user,$db_pass) or die("Unable to connect to database"); mysql_select_db($database) or die("Unable to select database"); $page=$serveur.$_SERVER["PHP_SELF"]; $nom=htmlentities(substr($_POST["nom"],0,100), ENT_QUOTES); // we cut the entered values to 100 characters and remove any ' or " $pass=htmlentities(substr($_POST["pass"],0,100), ENT_QUOTES); // this is to avoid SQL insertions (or other injections), and limit the amount of code that could be executed $pass2=htmlentities(substr($_POST["pass2"],0,100), ENT_QUOTES); // in case an insertion should succeed $email=htmlentities(substr($_POST["email"],0,100), ENT_QUOTES); $IP=$_SERVER['REMOTE_ADDR']; $heure=time(); if(!eregi('^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]{2,})+$', $email))$er.='Please enter a valid e-mail address.<br/>'; // Once again, sth against email insertion if(false!=strpos($nom,chr(92)) || false!=strpos($nom,":") || false!=strpos($nom,",") || false!=strpos($nom,";")) $er.='You used forbidden characters in your user name.<br/>'; do // The code must be unique, but we don't need to tell the user ;) { $session=md5($heure.rand(100000,999999)); $resultat = mysql_query("SELECT * FROM w_members WHERE session ='$session'"); } while(false!=($ligne = mysql_fetch_array ($resultat))); if($nom=="" || $pass=="" || $email==""){$er.='One or more fields are missing.<br/>';} // Fill in all fields, thank you if($pass!=$pass2){$er.='Password and confirmation didn\'t match.<br/>';} // The 2 passwords must be the same $resultat = mysql_query("SELECT * FROM members WHERE nom ='".$nom."'"); if(false!=($ligne = mysql_fetch_array ($resultat))){$er.='This username ('.$nom.') is already taken.<br/>';} // If the login is already taken (confirmed) $resultat = mysql_query("SELECT * FROM w_members WHERE nom ='".$nom."'"); if(false!=($ligne = mysql_fetch_array ($resultat))){$er.='This username ('.$nom.') is already taken.<br/>';} // If the login is already taken (not yet confirmed) $resultat = mysql_query("SELECT * FROM blackl WHERE email ='".$email."'"); if(false!=($ligne = mysql_fetch_array ($resultat))){$er.='This e-mail ('.$email.') is blacklisted. You can\'t use it to sign up here.<br/>';} // If the e-mail is in the blacklist if($er=='') { //**** IF NO ERROR - START //********* Confirmation e-mail /* subject */ $subject = "Account confirmation"; /* message */ $message = ' <html> <head> <title>Account confirmation</title> </head> <body> Hello '.$nom.',<br/><br/> You are receiving this e-mail because you or someone else used your address to sign up on our site.<br/> To complete the sign-up process please follow <a href="'.$page.'?code='.$session.'">this link</a>.<br/><br/> If you didn\'t sign up on our site, just ignore this message and please accept our apologies.<br/> You can also choose to blacklist your e-mail so you won\'t hear from us anymore by following <a href="'.$page.'?code='.$session.'&BL=1">this link</a>.<br/> Your e-mail was submitted from IP '.$IP.' on '.date("r").' (server time).<br/><br/> Best regards,<br/> Site Admin </body> </html> '; /* To send HTML mail, you can set the Content-type header. */ $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/html; charset=iso-8859-1\r\n"; /* additional headers */ $headers .= "To: ".$nom." <".$email.">\r\n"; $headers .= "From: Site <do_not_reply@patheticcockroach.com>\r\n"; /* and now mail it */ if(mail($email, $subject, $message, $headers)) { mysql_query("INSERT INTO w_members SET nom='".$nom."',pass='".md5($pass)."',email='".$email."',heure='".$heure."',session='".$session."',IP='".$IP."';"); // We insert the data into the waiting table echo 'Thank you.<br/>An e-mail was sent to '.$email.'. Please check your e-mail and confirm your membership within '.$validity.' days.'; } else {$er.='We weren't able to send you the confirmation e-mail. Please contact the webmaster.<br/>';} } //**** IF NO ERROR - END mysql_close(); } // If the form has been filled - END else if(isset($_GET["code"])) // If a code is entered { mysql_connect($db_host,$db_user,$db_pass) or die("Unable to connect to database"); mysql_select_db($database) or die("Unable to select database"); $heure=time(); $heure2=$heure-$valid2; // We delete outdated codes mysql_query("DELETE FROM w_members WHERE heure<".$heure2.";"); $session=htmlentities($_GET["code"], ENT_QUOTES); $sql = "SELECT * FROM w_members WHERE session ='".$session."'"; $resultat = mysql_query($sql); if(false==($ligne = mysql_fetch_assoc ($resultat))){$er.='This code is wrong or has expired, please fill in the form again.<br/>';} if($er=='') { //**** IF NO ERROR - START if(!isset($_GET["BL"])) // If the user comes to confirm, we insert them into the members table and remove them from the waiting table { $nom=$ligne['nom']; mysql_query("INSERT INTO members SET nom='".$nom."',pass='".$ligne['pass']."',email='".$ligne['email']."',IP='".$ligne['IP']."',heure='".$ligne['heure']."';"); mysql_query("DELETE FROM w_members WHERE session='".$session."'"); echo 'Thank you for confirming your inscription '.$nom.'. You are now a member of the site.'; } else if($_GET["BL"]==1) // If the user comes to be blacklisted, we ask for a confirmation { echo 'Click <a href="'.$_SERVER["PHP_SELF"].'?code='.$session.'&BL=2">here</a> to blacklist your e-mail. This CANNOT be undone.'; } else // If the user confirms they want to be blacklisted, we insert them into the blacklist and remove them from the waiting table { $email=$ligne['email']; mysql_query("INSERT INTO blackl SET email='".$email."',IP='".$ligne['IP']."',heure='".$ligne['heure']."';"); mysql_query("DELETE FROM w_members WHERE session='".$session."'"); echo 'Your e-mail, '.$email.', has been blacklisted. You won't receive anymore e-mails from us.'; } } //**** IF NO ERROR - END mysql_close(); } // If a code is entered - END else{show_form();} // If there is no form submitted nor a code, we show the form if($er!='' && isset($_POST["email"])){show_form($nom,$pass,$pass2,$email,$er);} else if($er!='' && !isset($_POST["email"])){show_form('','','','',$er);} //************ Form display function function show_form($nom="",$pass="",$pass2="",$email="",$er='') { echo '<div style="font-weight:bold;">'.$er.'</div> Please fill in the sign up form :<br/> <form action="'.$_SERVER["PHP_SELF"].'" method="post"> <table> <tr> <td><label for="nom">Desired login</label> :</td><td><input type="text" name="nom" id="nom" size="50" maxlength="20" value="'.$nom.'" /></td> </tr> <tr> <td><label for="pass">Password</label> :</td><td><input type="password" name="pass" id="pass" size="50" maxlength="20" value="'.$pass.'" /></td> </tr> <tr> <td><label for="pass2">Confirm password</label> :</td><td><input type="password" name="pass2" id="pass2" size="50" maxlength="20" value="'.$pass2.'" /></td> </tr> <tr> <td><label for="email">E-mail</label> :</td><td><input type="text" name="email" id="email" size="50" maxlength="100" value="'.$email.'" /></td> </tr> <tr><td colspan="2" style="text-align:center;"><input type="submit" value=" Sign Up " /></td></tr> </table> </form>'; } ?> Code (markup): Validation.php will allow you to validate the email that has been used to sign-up with. Don't forget to edit the variables. Last but not least you need to have a form that requires the users to submit their email. mypage.php - you can easily copy and paste this code into your current pages, it is merely an example. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/2001/REC-xhtml11-20010531/DTD/xhtml11-flat.dtd"> <html> <head> <title>Pre inscription form</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <div>Some header : a menu, whatever...</div> <div style="border:1px solid #000; width:30em; padding:1px;"> <?php include ("validation.php"); ?> </div> <div>Some footer...<br/> <a href="http://validator.w3.org/check?uri=referer"> <img src="http://www.w3.org/Icons/valid-xhtml11" alt="Valid XHTML 1.1" height="31" width="88" style="border:0px;" /> </a> </div> </body> </html> Code (markup): Grab me via PM if you need a hand setting this up.. Hope this helps, Nick
Nick, Wow this is wonderful information you have supplied. Thank you so much. You are very helpful. I am going to work on setting this up and testing it out. I will let you know how it goes. Unfortunately the site is not hosted on my webserver and I have not had the chance to ask them about switching to mine so I will need to simply make sure they have phpmyadmin and sql set up. Thank you again.