657 Implementing Administrative Functions Listing 28.14 store_list() Function from mlm_fns.php—This Function Inserts a New Mailing List into the Database function store_list($admin_user, $details) { if(!filled_out($details)) { echo 'All fields must be filled in. Try again.<br /><br />'; return false; } else { if(!check_admin_user($admin_user)) return false; // how did this function get called by somebody not logged in as admin? if(!db_connect()) { return false; } $query = "select count(*) from lists where listname = '" .$details['name']."'"; $result = mysql_query($query); if(mysql_result($result, 0, 0) > 0) { echo 'Sorry, there is already a list with this name.'; return false; } $query = "insert into lists values (NULL, '".$details['name']."', '".$details['blurb']."')"; $result = mysql_query($query); return $result; } } This function performs a few validation checks before writing to the database: It checks that all the details were supplied, that the current user is an administrator, and that the list name is unique. If all goes well the list is added to the lists table in the database. Uploading a New Newsletter Finally we come to the main thrust of this application: uploading and sending newslet- ters to mailing lists. 34 525x ch28 1/24/03 2:55 PM Page 657 658 Chapter 28 Building a Mailing List Manager When an administrator clicks on the Create Mail button, it activates the create-mail action, as follows: case 'create-mail' : { display_mail_form(get_email()); break; } The administrator will see the form shown in Figure 28.12. Figure 28.12 The Create Mail option gives the administrator an interface for uploading newsletter files. Remember that for this application we are assuming that the administrator has created a newsletter offline in both HTML and text formats and will upload both versions before sending.We chose to implement it this way so that administrators can use their favorite software to create the newsletters.This makes the application more accessible. You can see that this form has a number of fields for an administrator to fill out. At the top is a drop-down box of mailing lists to choose from.The administrator must also fill in a subject for the newsletter—this is the Subject line for the eventual email. All the other form fields are file upload fields, which you can see from the Browse buttons next to them. In order to send a newsletter, an administrator must list both the text and HTML versions of this newsletter (although obviously you could change this to suit your needs).There are also a number of optional image fields where an administrator 34 525x ch28 1/24/03 2:55 PM Page 658 659 Implementing Administrative Functions can upload any images that she has embedded in her HTML. Each of these files must be specified and uploaded separately. The form you see is similar to a regular file upload form except that, in this case, we are using it to upload multiple files.This necessitates some minor differences in the form syntax, and in the way we deal with the uploaded files at the other end. The code for the display_mail_form() function is shown in Listing 28.15. Listing 28.15 display_mail_form() Function from output_fns.php—This Function Displays the File Upload Form function display_mail_form($email, $listid=0) { // display html form for uploading a new message global $table_width; $list = get_all_lists(); $lists = sizeof($list); ?> <table cellpadding="4" cellspacing="0" border="0" width="<?php echo $table_width?>"> <form enctype='multipart/form-data' action='upload.php' method='post'> <tr> <td bgcolor="#cccccc"> List: </td> <td bgcolor="#cccccc"> <select name="list"> <?php for($i = 0; $i<$lists; $i++) { echo '<option value = '.$list[$i][0]; if ($listid== $list[$i][0]) echo ' selected'; echo '>'.$list[$i][1]."</option>\n"; } ?> </select> </td> </tr> <tr> <td bgcolor="#cccccc"> Subject: </td> <td bgcolor="#cccccc"> <input type="text" name="subject" value="<?php echo $subject?>" size = 60 ></td> </tr> <tr><td bgcolor="#cccccc"> 34 525x ch28 1/24/03 2:55 PM Page 659 660 Chapter 28 Building a Mailing List Manager Text Version: </td><td bgcolor="#cccccc"> <input type=file name='userfile[0]' size = 60> </td></tr> <tr><td bgcolor="#cccccc"> HTML Version: </td><td bgcolor="#cccccc"> <input type=file name='userfile[1]' size = 60> </td></tr> <tr><td bgcolor="#cccccc" colspan="2">Images: (optional) <?php $max_images = 10; for($i = 0; $i<10; $i++) { echo "<tr><td bgcolor='#cccccc'>Image ". ($i+1) .' </td>'; echo "<td bgcolor='#cccccc'>"; echo "<input type='file' name='userfile[".($i+2)."]' size='60'></td></tr>"; } ?> <tr><td colspan="2" bgcolor="#cccccc" align="center"> <input type="hidden" name="max_images" value="<?php echo $max_images?>"> <input type="hidden" name="listid" value="<?php echo $listid?>"> <?php display_form_button('upload-files'); ?> </td> </form> </tr> </table> <?php } The thing to note here is that the files we want to upload will have their names entered in a series of inputs, each of type file, and with names that range from userfile[0] to userfile[n]. In essence, we are treating these form fields in the same way that we would treat check boxes, and naming them using an array convention. If you want to upload multiple files through a PHP script, you need to follow this convention. In the script that processes this form, we will actually end up with three arrays. Let’s look at that script. Handling Multiple File Upload You might remember that we put the file upload code in a separate file.The complete listing of that file, upload.php, is shown in Listing 28.16. Listing 28.15 Continued 34 525x ch28 1/24/03 2:55 PM Page 660 661 Implementing Administrative Functions Listing 28.16 upload.php—This Script Uploads All the Files Needed for a Newsletter <?php // this functionality is in a separate file to allow us to be // more paranoid with it // if anything goes wrong, we will exit $max_size = 50000; include ('include_fns.php'); session_start(); // only admin users can upload files if(!check_admin_user()) { echo 'You do not seem to be authorized to use this page.'; exit; } // set up the admin toolbar buttons $buttons = array(); $buttons[0] = 'change-password'; $buttons[1] = 'create-list'; $buttons[2] = 'create-mail'; $buttons[3] = 'view-mail'; $buttons[4] = 'log-out'; $buttons[5] = 'show-all-lists'; $buttons[6] = 'show-my-lists'; $buttons[7] = 'show-other-lists'; do_html_header('Pyramid-MLM - Upload Files'); display_toolbar($buttons); // check that the page is being called with the required data if(!$HTTP_POST_FILES['userfile']['name'][0] ||!$HTTP_POST_FILES['userfile']['name'][1] ||!$HTTP_POST_VARS['subject']||!$HTTP_POST_VARS['list']) { echo 'Problem: You did not fill out the form fully. The images are the only optional fields. Each message needs a subject, text version and an HTML version.'; do_html_footer(); exit; } 34 525x ch28 1/24/03 2:55 PM Page 661 . 'log-out'; $buttons[5] = 'show-all-lists'; $buttons[6] = 'show-my-lists'; $buttons[7] = 'show-other-lists'; do_html_header('Pyramid-MLM - Upload Files'); display_toolbar($buttons); //. array(); $buttons[0] = 'change-password'; $buttons[1] = 'create-list'; $buttons[2] = 'create-mail'; $buttons[3] = 'view-mail'; $buttons[4] = 'log-out'; $buttons[5]. value="< ?php echo $max_images?>"> <input type="hidden" name="listid" value="< ?php echo $listid?>"> < ?php display_form_button('upload-files');