Security Considerations This survey system by default does not offer any control on who can run the survey applications. However, that does not mean you cannot easily change the authoriza- tion process in each application to fit your security needs. For example, say you would like to limit access to survey_form_mngr.php, survey_exec_mngr.php, survey_list_mngr.php, and survey_mngr.php to a limited set of IP addresses. In such case you would need to replace the given authorize() method (shown below) to handle IP restrictions. function authorize() { return TRUE; } For example, say that you want to control access to this application such that only 192.168.1.1 to 192.168.1.5 IP addresses are allowed to run them. In such case you can change the authorization method to be: function authorize() { $safeIPs = array(‘192.168.1.1’, ‘192.168.1.2’, ‘192.168.1.3’, ‘192.168.1.4’, ‘192.168.1.5’); return (in_array($_SERVER[‘REMOTE_ADDR’], $safeIPs,) ? TRUE: FALSE; } By replacing the default authorize() method in these applications with the new one, you have customized the applications with your site’s security needs. Summary In this chapter you learned to design an email based survey system that sends HTML forms to target email lists and collects responses in the database. This creates an effective tool for small- to medium-scale surveys that can be done quickly and quite easily via the Web interface. 506 Part III: Developing E-mail Solutions 18 549669 ch14.qxd 4/4/03 9:26 AM Page 506 Chapter 15 E-campaign System IN THIS CHAPTER ◆ Architecting an e-campaign system ◆ Designing e-campaign classes ◆ Creating a list manager application ◆ Creating a URL manager application ◆ Creating a message manager application ◆ Creating a campaign manager application ◆ Creating a URL tracking and redirection application ◆ Creating a unsubscription tracking application ◆ Creating a campaign reporting application WHEN COMMUNICATING WITH LARGE groups of professionals, friends, or customers, e-mail is a very effective medium. E-mail campaigns are frequently used to com- municate with groups of people. An company can remain in close contacts with its customers via e-mail by frequently engaging the customer in providing electronic feedback, informing the customer about new products and services, and providing valuable complementary and socially responsible information. A company that interacts with its existing customer base using e-mail can reduce marketing cost by effectively turning existing customers into repeat customers. To achieve such goals, a company needs an effective e-mail campaign (e-campaign) tool. In this chapter, I discuss the features, design, and implementation of such a tool. First, let’s look at the feature set for an effective e-campaign system. Features of an E-campaign System An effective e-campaign system allows a company to communicate with groups of customers with ease. It must have the following features: ◆ Live database list management: Allows the company to create mailing lists from existing customer databases. The list management capability should be such that the customer database need not be copied or exported 507 19 549669 ch15.qxd 4/4/03 9:26 AM Page 507 into external files or other databases before use. This is very important because a customer database is typically the repository of other business- specific applications, which are responsible for adding, modifying, and removing customers. If the e-campaign system requires that customer data be exported, then there is always the issue of being out of sync with the customer database over time and, therefore, it would create a great deal of work for the database administrator. This is why an ideal e-campaign system directly accesses a live customer database in a read-only manner to retrieve customer information needed for e-mail campaigns. This ensures that the ever-growing customer database is always used in future campaigns. ◆ Effective message management: Messages must be personalized and rich in content formatting. Because HTML messages are most appealing when the appropriate amount of care is used in designing the look and feel of the message, the e-campaign tool must support HTML messages. Each message must be trackable. ◆ Personalization: Each message should be personalized using customer data available in a customer database located anyone within the company. ◆ Easy campaign execution: E-campaign execution should be so simple that it doesn’t require programming or the help of the IS department. Marketing personnel can execute e-campaigns via a Web interface. ◆ Duplication-free campaigns: Each campaign must be automatically free from duplicate e-mails. When sending an e-campaign to customers, it’s vital that the same customer is never sent the same message more then once in the same campaign. If a customer exists in a database multiple times because she bought two or more products, she should not receive the same message multiple times. Customers will get extremely disappointed or annoyed if their mailboxes are flooded with the same message from the same campaign. They’re likely to consider the company unprofessional and take their business to a competitor. Therefore, it is essential that an e-campaign system never sends duplicate e-mails for any campaign. ◆ Automatic unsubscription filtering: An e-campaign system must auto- matically filter out the previously unsubscribed recipients before sending a new campaign to the same list. This is not only vital for maintaining responsible, professional business image for a company but also likely to be a legal requirement in many parts of the world. ◆ Click-through and unsubscription tracking: A good e-campaign system must be able to track click-through and unsubscription requests. Such tracking ability is the most important aspect of the e-campaign system. Being able to track the click-through can be very important in under- standing customer interests. Tracking unsubscription requests is a must, 508 Part III: Developing E-mail Solutions 19 549669 ch15.qxd 4/4/03 9:26 AM Page 508 because if someone does not want to receive the type of campaign you’re sending to her, it’s important to remove her from future campaigns of a similar type. In many parts of the world, unsubscription tracking is a legal requirement of e-mail communication. ◆ Easy report generation: A good e-campaign system must produce a report of each campaign such that the company personnel can access it quickly and without needing programming or database expertise. Architecting an E-campaign System Figure 15-1 shows the system diagram of the e-campaign system that you will develop in this chapter. Figure 15-1: A system diagram of an e-campaign system. The system has two types of users: the e-campaign administrator and e-mail recipients who are the customers. An e-campaign administrator can manage lists, URLs, messages, campaigns, and reports. The end-user receives campaign-executed campaign messages and interacts by clicking on trackable URLs or unsubscribing from future campaigns via unsubscription links. To implement these functionalities the system requires a set of objects: list, URLs, messages, campaigns, URL tracks, unsubscription tracks, and reports. These objects are stored in a system database with the exception that list data is stored in existing databases within the company. E-Campaign Administrator Email Recipient (Customer) List Manager URL Manager Campaign Manager Message Manager Report Manager List Message URL Campaign Report URL Tracker Unsubscription Track Execution Manager URL Tracker Unsubscription Tracker Any Customer Database E-campaign Database Chapter 15: E-campaign System 509 19 549669 ch15.qxd 4/4/03 9:26 AM Page 509 For example, a company with this e-campaign system can have its customer databases in multiple database hosts and e-campaign system on a different database server. In such a case, the list objects point to data stored in customer databases in other database hosts throughout the company. This is a very powerful feature because customer data need to be exported and loaded in the e-campaign system via any manual or scheduled synchronization glue logic. When the customer executes a campaign, the appropriate customer data is tem- porarily copied to the e-campaign system and removed after the execution. During the execution, each message is personalized if the standard tag fields shown in Table 15-1 are mapped to data fields in the customer table. TABLE 15-1 STANDARD PERSONALIZATION TAG FIELDS Standard Personalization Tag Field Meaning {REC_ID} Record ID. This is a required field, which should be mapped to the numeric record ID field in the customer database. {FIRST} First name. This field should be mapped to the first name field in the customer database (if any). {LAST} Last name. This field should be mapped to the last name field in the customer database (if any). {AGE} Age. This field should be mapped to the age field in the customer database (if any). {INCOME} Income. This field should be mapped to the income field in the customer database (if any). {SEX} Gender. This field should be mapped to the gender (sex) field in the customer database (if any). Also during the execution, each trackable URL tag within a message is replaced with a redirection link that can track and redirect the user via the URL tracking and redirection application. The unsubscription tag, {UNSUB}, is replaced with an unsub- scription link. When the end-user clicks on a URL, she is tracked and redirected. The tracking data is stored in the e-campaign database. Similarly, if she unsubscribes, the request is stored in the e-campaign database for future exclusion of her e-mail from a list in any campaign. 510 Part III: Developing E-mail Solutions 19 549669 ch15.qxd 4/4/03 9:26 AM Page 510 . example, say you would like to limit access to survey_form_mngr .php, survey_exec_mngr .php, survey_list_mngr .php, and survey_mngr .php to a limited set of IP addresses. In such case you would need