622 Chapter 28 Building a Mailing List Manager n Users should be able to unsubscribe from lists they are subscribed to. n Users should be able to store their preference for either HTML formatted or plain text newsletters. n For security reasons, users should not be able to send mail to the lists or to see each other’s email addresses n Users and administrators should be able to view information about mailing lists. n Users and administrators should be able to view past newsletters that have been sent to a list (the archive). Solution Components There are a number of components we will need to fulfil the requirements.The main ones are setting up a database of lists, subscribers, and archived newsletters; uploading newsletters that have been created offline; and sending mail with attachments. Setting Up a Database of Lists and Subscribers We will track the username and password of each system user, as well as a list of the lists they have subscribed to.We will also store each user’s preference for receiving text or HTML email, so we can send a user the appropriate version of the newsletter. An administrator will be a specialized user with the ability to create new mailing lists and send newsletters to those lists. A nice piece of functionality to have for a system like this is an archive of previous newsletters. Subscribers might not keep previous postings, but might want to look some- thing up.An archive can also act as a marketing tool for the newsletter as potential sub- scribers can see what the newsletters are like. Setting up this database in MySQL and an interface to it in PHP will have nothing new or difficult in it. File Upload We need an interface to allow the administrator to send newsletters, as mentioned previ- ously.What we haven’t talked about is how administrators will create that newsletter.We could provide them with a form where they could type or paste the newsletter content. However, it will increase the user-friendliness of our system to let administrators create a newsletter in their favorite editor and then upload the file to the Web server.This will also make it easy for an administrator to add images to an HTML newsletter. For this we can use the file upload capability discussed in Chapter 16,“Interacting with the File System and the Server.” We will need to use a slightly more complicated form than we have used in the past. We will require the administrator to upload both text and HTML versions of the newsletter, along with any inline images that go into the HTML. 34 525x ch28 1/24/03 2:55 PM Page 622 623 Solution Overview When the newsletter has been uploaded, we need to create an interface so that the administrator can preview the newsletter before sending it.This way, he can confirm that all the files were uploaded correctly. Note that we will store all these files in an archive directory so that users can read back issues of newsletters.This directory needs to be writable by the user your Web serv- er runs as.The upload script will try to write the newsletters into ./archive/ so make sure you create that directory and set permissions on it appropriately. Sending Mail with Attachments For this project, we would like to be able to send users either a plain text newsletter or a “fancy” HTML version, according to their preference. To send an HTML file with embedded images, we will need to find a way to send attachments. PHP’s simple mail() function doesn’t easily support sending attachments. Instead, we will use the excellent Mail_Mime package from PEAR, created by Richard Heyes.This can deal with HTML attachments, and can also be used to attach any images that are contained in the HTML file. Installation instructions for this package are included in Appendix A,“Installing PHP and MySQL,” under PEAR Installation. Solution Overview For this project, we will again use an event-driven approach to writing our code, as we did in Chapter 27,“Building a Web-Based Email Service.” We have again begun by drawing a set of system flow diagrams to show the paths users might take through the system. In this case, we have drawn three diagrams to rep- resent the three different sets of interactions users can have with the system. Users have different allowable actions when they are not logged in, when they are logged in as regu- lar users, and when they are logged in as administrators.These actions are shown in Figures 28.1, 28.2, and 28.3, respectively. Show all lists Not logged in Login New Account Figure 28.1 A user can only choose a limited number of actions when he is not logged in. In Figure 28.1 you can see the actions that can be taken by a user who is not logged in. As you can see, he can log in (if he already has an account), create an account (if he 34 525x ch28 1/24/03 2:55 PM Page 623 624 Chapter 28 Building a Mailing List Manager doesn’t already have one), or view the mailing lists available for signup (as a marketing tactic). Logged in Change Password Subscribe Show other lists Archive Show my lists Info Account Settlings Unsub Figure 28.2 After logging in, users can change their preferences through a variety of options. Figure 28.2 shows the actions a user can take after logging in. He can change his account setup (email address and preferences), change his password, and change which lists he is subscribed to. Admin logged in Change Password Show other lists Show all lists Show my lists SubscribeArchiveInfoUnsub Create lists View Mail Send Mail Create Mail Figure 28.3 Administrators have additional actions available to them. Figure 28.3 shows the actions available if an administrator has logged in. As you can see, an administrator has most of the functionality available to a user, and some additional options. She can also create new mailing lists, create new messages for a mailing list by uploading files, and preview messages before sending them. Because we have used an event-driven approach again, the backbone of the applica- tion is contained in one file, index.php, which calls on a set of function libraries. An overview of the files in this application is shown in Table 28.1. 34 525x ch28 1/24/03 2:55 PM Page 624 625 Setting Up the Database Table 28.1 Files in the Mailing List Manager Application Filename Type Description index.php Application The main script that runs the entire application. include_fns.php Functions Collection of include files for this application. data_valid_fns.php Functions Collection of functions for validating input data. db_fns.php Functions Collection of functions for connecting to the mlm data- base. mlm_fns.php Functions Collection of functions specific to this application. output_fns.php Functions Collection of functions for outputting HTML. upload.php Component Script that manages the file upload component of the administrator role. Separated out to make security easier. user_auth_fns.php Functions Collection of functions for authenticating users. create_database.sql SQL SQL to set up the mlm database and set up a Web user and an administrative user. We will work our way through the project implementation, beginning with the database in which we will store subscriber and list information. Setting Up the Database For this application we will need to store details of n Lists: Mailing lists available for subscription. n Subscribers: Users of the system and their preferences. n Sub_lists: A record of which users have subscribed to which lists (a many-to-many relationship) n Mail: A record of email messages that have been sent. n Images: Because we want to be able to send email messages that consist of multiple files (that is, text and HTML plus a number of images), we also need to track which images go with each email. The SQL we have written to create this database is shown in Listing 28.1. Listing 28.1 create_database.sql—SQL to Create the mlm Database create database mlm; use mlm; create table lists ( listid int auto_increment not null primary key, listname char(20) not null, 34 525x ch28 1/24/03 2:55 PM Page 625 626 Chapter 28 Building a Mailing List Manager blurb varchar(255) ); create table subscribers ( email char(100) not null primary key, realname char(100) not null, mimetype char(1) not null, password char(16) not null, admin tinyint not null ); # stores a relationship between a subscriber and a list create table sub_lists ( email char(100) not null, listid int not null ); create table mail ( mailid int auto_increment not null primary key, email char(100) not null, subject char(100) not null, listid int not null, status char(10) not null, sent datetime, modified timestamp ); #stores the images that go with a particular mail create table images ( mailid int not null, path char(100) not null, mimetype char(100) not null ); grant select, insert, update, delete on mlm.* to mlm@localhost identified by 'password'; insert into subscribers values ('admin@localhost', 'Administrative User', 'H', password('admin'), 1); Listing 28.1 Continued 34 525x ch28 1/24/03 2:55 PM Page 626 . subscribers, and archived newsletters; uploading newsletters that have been created offline; and sending mail with attachments. Setting Up a Database of Lists and Subscribers We will track the username and. look some- thing up.An archive can also act as a marketing tool for the newsletter as potential sub- scribers can see what the newsletters are like. Setting up this database in MySQL and an interface. attachments, and can also be used to attach any images that are contained in the HTML file. Installation instructions for this package are included in Appendix A,“Installing PHP and MySQL, ” under