FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


PHP/MySql subscribe/unsubcribe system





mringuk
Hi all,

My Subscribe/Unsubscribe system works fine now but I've one problem that I'm trying to address.

I would like the final unsubscribe_confirm.php to e-mail the webmaster with the e-mail address for his information. Below is part of my present script.

$db_link=mysql_pconnect ($db_server,$db_username,$db_password);
mysql_select_db($db_name);

$rs = mysql_query("DELETE FROM subscribers WHERE subscriber_id = ".$_REQUEST['subscriber_id']." AND unsubscribe_id = ".$_REQUEST['unsubscribe_id']);

echo "You've been unsubscribed. We are sorry to see you go";

$subject = "Un-Subscribe";

$headers = "From: " . $_POST["name_family"] . "<" . $_POST["email"] .">\r\n";

$headers .= "Reply-To: " . $_POST["eE-mail"] . "\r\n";

$headers .= "Return-path: " . $_POST["email"];

$sendTo = 'webmaster@domain.com';

$message = "The following e-mail has Un-Subscribed from the 'Newsletter'" ;

mail($sendTo, $subject, $message, $headers);

?>



The Webmaster is getting the e-mail and message but how do I include the unscribing e-mail?


Any help will be appreciated - Mike
Hogwarts
You know, by submitting the id
Code:
0 OR 1=1;--

Somebody could unsubscribe every member of your website. That could be a problem Shocked

This looks to be a good tutorial on how to prevent that, although I haven't read it and may be wrong.

In addition, you shouldn't be using a persistent connection like this, it's a waste of resources and unnecessary Confused
Star Wars Fanatic
Hogwarts is quite right, that looks to be quite insecure.
And even along that note, someone could slowly go through and randomly put someones id in and unsubscribe everyone.

As for what you asked, pull the address out of the the database, and include that in the message.
Be sure to pull it out before you delete the row, though.
Related topics
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.