User Profile Page!

[DW]

I created this code for a client who paid me for custom work and he agreed I could share it with my other clients once finished (lucky you!).  The main reason a "profile" page is not yet a ListMail feature is that it is very difficult to provide a large amount of customizability (ie. SELECT instead of INPUT form fields) and have it automatically load ListMail database data.

To use this script, save the following code to a file named profile.php and upload it to your ListMail folder.

Create a message code named !uid of the type "Unique UID" to use in your messages

Place the following link in your messages, replacing "yoursite" and "yourmail" with your domain and ListMail path:

http://yoursite.com/yourmail/profile.php?u=!uid

Updated: October 18 2007

Code: [Select]

<?php
// USER PROFILE SCRIPT
// (c) 2007 Dean Wiebe / ListMail
//
// Usage:
// profile.php?u=example&e=email@example.com (with require_email set to true)
// or profile.php?u=example (with require_email set to false - default)

// to move profile.php out of the mail directory, set the variable below to point
// to your ListMail folder relative to the working folder, with a trailing slash:
// example: $lmp = 'mail/';
// default is the current directory, as already set
$lmp = './';

// load ListMail config
include($lmp.'config.php');
include($lmp.'admin.php');

// SCRIPT OPTIONS
$list_select = true; // provide user option to unsubscribe
$require_email = false; // also require email? (added security)
$page_title = getdomain().' Mailing List Information'; // optional page title

// MySQL connection done automatically with admin.php

// input handling
if(get_magic_quotes_gpc()==1){ $e = stripslashes($e); $u = stripslashes($u); $email = stripslashes($email); $fname = stripslashes($fname); $lname = stripslashes($lname); $user1 = stripslashes($user1); $user2 = stripslashes($user2); $user3 = stripslashes($user3); $user4 = stripslashes($user4); $user5 = stripslashes($user5);  $user6 = stripslashes($user6); $user7 = stripslashes($user7); }

// VERIFY CREDENTIALS
if($u){ if($require_email && !$e) exit_error(1); }
else exit_error(0);
if($require_email && !valid_email($e)) exit_error(1);

// CHECK USER
$ucmd = "select email,fname,lname,user1,user2,user3,user4,user5,user6,user7 from $utable where uid = '$u'";
if($require_email) $ucmd .= " and email like '$e'";
if(@mysql_num_rows(mysql_query($ucmd))==0) exit_error(2);

// SAVE
if($save){
 if(!valid_email($email)) exit_error(4);
 $cmd = "update $utable set email = '".addslashes($email)."', fname = '".addslashes($fname)."', lname = '".addslashes($lname)."', user1 = '".addslashes($user1)."', user2 = '".addslashes($user2)."', user3 = '".addslashes($user3)."', user4 = '".addslashes($user4)."', user5 = '".addslashes($user5)."', user6 = '".addslashes($user6)."', user7 = '".addslashes($user7)."', user8 = '".addslashes($user8)."', user9 = '".addslashes($user9)."', user10 = '".addslashes($user10)."' where uid = '$u'";
 if(mysql_query($cmd)) $status_msg = 'Changes saved.'; else exit_error(3);
 // update list subscriptions
 if($list_select){
  $rows=mysql_query("select list from $utable where email like '$email';");
  while(list($list)=mysql_fetch_row($rows)){
   if(is_array($lists) && in_array($list,$lists)){
    //echo "keep list $list";
   } else {
    // remove
    mysql_query("update $utable set cnf = '2' where email like '$email' and list = '$list' and cnf = '1';") or die(mysql_error());
   }
  }
 }
}

// LOAD USER
$urow = mysql_query("select email,fname,lname,user1,user2,user3,user4,user5,user6,user7,user8,user9,user10 from $utable where uid = '$u'");
list($email,$fname,$lname,$user1,$user2,$user3,$user4,$user5,$user6,$user7,$user8,$user9,$user10)=@mysql_fetch_row($urow);

// MAIN PAGE
?>
<html>
<head>
<title>User Profile</title>
<style type=text/css rel=stylesheet><!--
h1 { font: bold 12pt verdana; margin:0; margin:3px 0; } /* page title */
h2 { font: bold 10pt verdana; margin:0; margin:3px 0; } /* section title */
body,td { font: 9pt verdana; } /* default */
.input_text { font: 9pt verdana; }
.button { font: bold 9pt verdana; color: #222222; cursor: hand; margin-top: 3px; } /* Save button */
.status_text { font: 9pt verdana; color: blue; background:#eeeeee; } /* status */
.pr { padding-right:5px; }
form { margin:0; padding:0; }
--></style>
</head>
<body>
<?php
if($page_title) echo "<h1>$page_title</h1>\n";
if($status_msg) echo "<div class=status_text>$status_msg</div>\n";
?>
<h2>User Profile</h2>
<form method=post action="<?php echo $PHP_SELF ?>">
<table border=0 cellpadding=0 cellspacing=0>
   <tr>
      <td align=right class=pr>First Name<br></td>
      <td><input type=text name=fname class=input_text value="<?php echo htmlspecialchars($fname) ?>" size=20><br></td>
   </tr>
   <tr>
      <td align=right class=pr>Last Name<br></td>
      <td><input type=text name=lname class=input_text value="<?php echo htmlspecialchars($lname) ?>" size=20><br></td>
   </tr>
   <tr>
      <td align=right class=pr>Email Address<br></td>
      <td><input type=text name=email class=input_text value="<?php echo htmlspecialchars($email) ?>" size=40><br></td>
   </tr>
<!--   <tr>
      <td align=right>Address 1<br></td>
      <td><input type=text name=user1 class=input_text value="<?php echo htmlspecialchars($user1) ?>"><br></td>
   </tr>
   <tr>
      <td align=right>Address 2<br></td>
      <td><input type=text name=user2 class=input_text value="<?php echo htmlspecialchars($user2) ?>"><br></td>
   </tr>
   <tr>
      <td align=right>Town/City<br></td>
      <td><input type=text name=user3 class=input_text value="<?php echo htmlspecialchars($user3) ?>"><br></td>
   </tr>
   <tr>
      <td align=right>County/State<br></td>
      <td><input type=text name=user4 class=input_text value="<?php echo htmlspecialchars($user4) ?>"><br></td>
   </tr>
   <tr>
      <td align=right>Postal/Zip Code<br></td>
      <td><input type=text name=user5 class=input_text value="<?php echo htmlspecialchars($user5) ?>"><br></td>
   </tr>
   <tr>
      <td align=right>Country<br></td>
      <td><input type=text name=user6 class=input_text value="<?php echo htmlspecialchars($user6) ?>"><br></td>
   </tr>
   <tr>
      <td align=right>Mobile Phone #<br></td>
      <td><input type=text name=user7 class=input_text value="<?php echo htmlspecialchars($user7) ?>"><br></td>
   </tr> -->
</table>
<?php
if($list_select){
 echo "<h2>List Subscriptions</h2>\n";
 // get all lists for this user
 $rows=mysql_query("select list from $utable where email like '$email' and cnf = '1';");
 if(@mysql_num_rows($rows)>0){
  while(list($list)=mysql_fetch_row($rows)){
   list($title)=@mysql_fetch_row(mysql_query("select title from $ltable where listnum = '$list';"));
   echo "<input name=lists[] type=checkbox value=$list onclick=\"if(!this.checked){ if(!confirm('After saving you will not be given the option to rejoin this list.')){ this.checked=true; } }\" checked> $title<br>";
  }
 } else {
  echo "You are not subscribed to any lists and should not receive any more email.<br>";
 }
}
?>
<input type=hidden name=u value="<?php echo htmlspecialchars($u) ?>">
<input type=hidden name=e value="<?php echo htmlspecialchars($e) ?>">
<input type=hidden name=save value=1>
<input class=button type=submit value="Save Changes"><br></body>
</html>
<?php

function exit_error($m){
   if($m==0) $msg = 'UID required';
   if($m==1) $msg = 'Valid email required';
   if($m==2) $msg = 'User not found';
   if($m==3) $msg = 'Database error - could not update user';
   if($m==4) $msg = 'You entered an invalid email address. Please go "Back" and try again';
   echo "Error: $msg<br>";
   exit;
}
?>

[BGSWebDesign]

Hi DW,

Thanks a million, and to your client     this is great...

page is not yet a ListMail feature is that it is very difficult to provide a large amount of customizability (ie. SELECT instead of INPUT form fields) and have it automatically load ListMail database data.

What you'll probably need to do is create a 'database dictionary', that lists the field types in the database, and any new added Custom Field types...  really, you could build this in to the calls, and it's not fully necessary.

Then what you do is create a universal Javascript Form Validator that includes valid checks for ALL the field types, (N)umeric, (D)ate, (C)haracter or (S)tring, etc, etc...  you could even have them for (M)onth, T(date), and (Y)ear... the validation code is included in the Profile page with a javascript include, then the call to the validate(fieldname, fieldtype, maxfieldlength) etc.. add parameters as needed.  The function validates the call and returns .t. if ok, and .f. otherwise, that way the function can be called from the form Submit (onSubmit), if it's false, it bombs and presents error message for that field type, if not it passes true...

Good luck, let us know if you come up with a Universal Form Validation script, you can probably find good examples all over the internet to get you started.

[DW]

I hope to implement this as a feature very soon.  Here's a stylized version of the profile script:

Code: [Select]

<?php
// USER PROFILE SCRIPT
// (c) 2005 Dean Wiebe / ListMail
//
// Usage:
// profile.php?u=example&e=email@example.com (with require_email set to true)
// or profile.php?u=example (with require_email set to false - default)

// to move profile.php out of the mail directory, set the variable below to point
// to your ListMail folder relative to the working folder, with a trailing slash:
// example: $lmp = 'mail/';
// default is the current directory, as already set
$lmp = './';

// load ListMail config
include($lmp.'config.php');
include($lmp.'admin.php');

// MySQL connection done automatically with admin.php

// load profile from uid (and email, if desired) with variables u and e

if(get_magic_quotes_gpc()==0){
$e = addslashes($e);
$u = addslashes($u);
$email = addslashes($email);
$fname = addslashes($fname);
$lname = addslashes($lname);
$user1 = addslashes($user1);
$user2 = addslashes($user2);
$user3 = addslashes($user3);
$user4 = addslashes($user4);
$user5 = addslashes($user5);
$user6 = addslashes($user6);
$user7 = addslashes($user7);
}

// also require email? (added security)
// $require_email = true;
$require_email = false;


// VERIFY CREDENTIALS
if($u){
if($require_email && !$e) exit_error(1);
} else exit_error(1);

if($require_email && !valid_email($e)) exit_error(4);

// CHECK USER
$ucmd = "select email,fname,lname,user1,user2,user3,user4,user5,user6,user7 from $utable where uid = '$u'";
if($require_email) $ucmd .= " and email like '$e'";
// echo "ucmd=$ucmd<br>";
$urow = mysql_query($ucmd);
if(@mysql_num_rows($urow)>0){
if(!$save) list($email,$fname,$lname,$user1,$user2,$user3,$user4,$user5,$user6,$user7) = mysql_fetch_row($urow);
} else {
if(!$save) exit_error(2);
}

// SAVE
if($save){
if(!valid_email($email)) exit_error(4);
$cmd = "update $utable set email = '$email', fname = '$fname', lname = '$lname', user1 = '$user1', user2 = '$user2', user3 = '$user3', user4 = '$user4', user5 = '$user5', user6 = '$user6', user7 = '$user7' where uid = '$u'";
if($require_email) $cmd .= " and email like '$e'";
// echo "cmd=$cmd<br>";
if(mysql_query($cmd)){
$status_msg = 'User updated!';
$email = stripslashes($email);
$fname = stripslashes($fname);
$lname = stripslashes($lname);
$user1 = stripslashes($user1);
$user2 = stripslashes($user2);
$user3 = stripslashes($user3);
$user4 = stripslashes($user4);
$user5 = stripslashes($user5);
$user6 = stripslashes($user6);
$user7 = stripslashes($user7);
}
else exit_error(3);
}

// EDIT PAGE
echo "<html>
<head>
<title>User Profile</title>
<style type=text/css rel=stylesheet><!--
h1 { font: 14pt verdana; margin-bottom: 3px; }
td { font: 9pt verdana; }
.input_text { font: 9pt verdana; border: 1px solid #00000; }
.button { font: bold 9pt verdana; color: #222222; cursor: hand; margin-top: 2px; }
.status_text { font: 8pt verdana; color: blue; margin-top: 3px; }
--></style>
</head>
<body>
<h1>User Profile</h1>
<form method=post action=$PHP_SELF>
<table border=0 cellpadding=0 cellspacing=3>
<tr>
<td align=right>First Name<br></td>
<td><input type=text name=fname class=input_text value=\"".htmlspecialchars($fname)."\"><br></td>
</tr>
<tr>
<td align=right>Last Name<br></td>
<td><input type=text name=lname class=input_text value=\"".htmlspecialchars($lname)."\"><br></td>
</tr>
<tr>
<td align=right>Email Address<br></td>
<td><input type=text name=email class=input_text value=\"".htmlspecialchars($email)."\"><br></td>
</tr>
<tr>
<td align=right>Address 1<br></td>
<td><input type=text name=user1 class=input_text value=\"".htmlspecialchars($user1)."\"><br></td>
</tr>
<tr>
<td align=right>Address 2<br></td>
<td><input type=text name=user2 class=input_text value=\"".htmlspecialchars($user2)."\"><br></td>
</tr>
<tr>
<td align=right>Town/City<br></td>
<td><input type=text name=user3 class=input_text value=\"".htmlspecialchars($user3)."\"><br></td>
</tr>
<tr>
<td align=right>County/State<br></td>
<td><input type=text name=user4 class=input_text value=\"".htmlspecialchars($user4)."\"><br></td>
</tr>
<tr>
<td align=right>Postal/Zip Code<br></td>
<td><input type=text name=user5 class=input_text value=\"".htmlspecialchars($user5)."\"><br></td>
</tr>
<tr>
<td align=right>Country<br></td>
<td><input type=text name=user6 class=input_text value=\"".htmlspecialchars($user6)."\"><br></td>
</tr>
<tr>
<td align=right>Mobile Phone #<br></td>
<td><input type=text name=user7 class=input_text value=\"".htmlspecialchars($user7)."\"><br></td>
</tr>
<tr>
<td colspan=2 align=center>
<input type=hidden name=u value=\"".htmlspecialchars($u)."\">
<input type=hidden name=e value=\"".htmlspecialchars($e)."\">
<input type=hidden name=save value=1>
<input class=button type=submit value=\"Submit Changes\"><br>
</td>
</tr>
</table>\n";
if($status_msg) echo "<div class=status_text>$status_msg</div>";
echo "</body>
</html>";

function exit_error($m){
if($m==1) $msg = 'missing data';
if($m==2) $msg = 'user not found';
if($m==3) $msg = 'database error - could not update user';
if($m==4) $msg = 'invalid email address';
echo "error: $msg<br>";
exit;
}
?>

[BGSWebDesign]

Hi DW,

This looks great, but I don't see any javascript validation methods?  I see accepting text chars, etc, using classes.   I think the real power will come when you can provide javascript validation methods so that each of these entry fields is validated by type of field, for example I need people to enter date information and having that validated automatically would be great  

Let us know how it's progressing, I can't wait to see the new features...

[DW]

I am hesitant to use JavaScript validation as it can be defeated easily.  For example, someone could simply set up a form to post to your script to submit unexpected data.  The best validation would be at the server side.  I will have to incorporate this directly into the Custom Fields feature changes, where you will be able to define field types and even choices.  I suppose I will need to work the validation routines and error messages right into this page and should probably provide the ability to change the routine for first name, last name, email, etc. While I'm at it, I should also make custom fields unlimited. :-)  Instead of changing the user database table, breaking everyone's custom scripts, I could deprecate the user1 thru user10 fields and remove them later on with fair warning.

Tricky, tricky... but cool.

Let's try to move this over to this thread.

Regards

[BGSWebDesign]

Hi DW,

While this is great, I do NOT see the option of displaying the LISTS that this User belongs to?

With many lists (I have over 30), it's going to be important for the user to see which lists they are on, and let them personally edit the list (checkbox) to remove/add themselves from the ENTIRE set of lists that I define are VIEWABLE for the User Profile page...  that way the user can have full control over the lists they are included in.

Will you put this option in the new upgrade?

[val]

DW,

Please forgive this incredibly stupid question (it's even worse when you have to ask for forgiveness BEFORE you commit the offense!) but...

does profile.php allow my List Members to manage their own profile?

[DW]

Hi Val,

Not to worry - I welcome any and all questions and am slow-to-anger.

Basically the script enables you to allow your subscribers to update their own information.  This can include their name, email address, and any custom fields.  Currently the script is not set up to allow the user to manage their different list subscriptions.

Please let me know if I can be of further assistance!

Regards

[val]

Thank You!  This is exactly what I needed.

[terriz]

Would it be possible to put in radio buttons or a pull-down so users can change from html to text or vice versa??

Thanks,
Terri Z

[val]

I tried adding this option to my profile.php and while it "looks" like it works, when I view the User Details in ListMail, it never changes from HTML + text when I try to select text only.

All other fields are updatable.

Code: [Select]

  <tr>
      <td align=right>Type of Email to receive<br></td>
      <td><input type=radio name=htmail value=html>Photos of Food Gift Baskets<br>
      <br><input type=radio name=htmail value=text>Text only.  No images.<br></td>
   </tr>        
   

[DW]

I have modified the code to include the HTML or Text-only options.  I haven't tested it though, so please let me know if it doesn't work.

Regards

[val]

DW,

Thank you!

That was what I needed.  Here are the two changes I had to make on my end to get this to work:

1.  I coudn't get the value of any changes to the html/text prefernce radio button until I added this line

Code: [Select]

       $htmail = ($htmail);     to the bottom of this:

Code: [Select]


 if(mysql_query($cmd)){
      $status_msg = 'Thank You! Your contact information has been updated.';
      $email = stripslashes($email);
      $fname = stripslashes($fname);
      $lname = stripslashes($lname);
      $user1 = stripslashes($user1);
      $user2 = stripslashes($user2);
      $user3 = stripslashes($user3);
      $user4 = stripslashes($user4);
      $user5 = stripslashes($user5);
      $user6 = stripslashes($user6);
      $user7 = stripslashes($user7);
      $htmail = ($htmail);      
   }



2.  Rude errors were generated by this

Code: [Select]

if($htmail=='1') $htsel = ' selected'; else $htsel = '';
else $tosel = ' selected'; else $tosel = '';


so I changed it to this:

Code: [Select]

if ($htmail=='1') {  //  user has chosen html mail
    $htsel = ' checked';
    $tosel = '';
  }
   else {  //  user prefers text only
      $htsel = '';
      $tosel = ' checked';
}


Hope this helps!

[BGSWebDesign]

Hi DW, Val

Could you please provide the additional code - something is missing as I don't have ANY lines about setting HTML/Text only in the script above.  A search through that code does not show any $htmail variables previously, I don't know offhand where to stick it, and don't feel like looking for it, or playing with it when you already have it working.

Can either of you please update code DW, or provide the lines of code Val where this appears?

[val]

Webshaman,

It's there.

There are several places that are modified from the previous code, but the mods are simple (insert an $htmail variable plus the few changes above).

For example, under

Code: [Select]

// CHECK USER you'll need to insert  htmail...

This code, near the bottom, is the very last option the user has:

Code: [Select]

<input type=radio name=htmail value=html$htsel> HTML+Text <input type=radio name=htmail value=text$tosel> Text-only<br>

If I had kept my previous code, I would be able to outline step-by-step for you, but I deleted that file.  (sorry!)