phplist forums

Posted: **6:40pm, Tue 26 Jul, 2005**

I would like to be able to set up something to control phplist, preferably through a simple HTTP command. This shouldn't be too hard to to but I can't see that anyone has done it. So I have done a first pass at this (included below) and fully documented it.

The name of the script is LCsub.php and it will be used to remotely subscribe a user to a list. LC stands for "list control". If we can get this to work, it will be trivial to implement LCunsub.php.

I used PHP a lot a year ago, and I am not going to be able to get this working on my own. But I am sure many others could finish this. The script (see below) attempts to login and pass parameters to PHPlist in the background. There may be a simpler approach, but I did not want to directly manipulate the database because then the script might break when the DB is upgraded. Also, it might be necessary to pass parameters to phplist using a 'post' command and it might be necessary to establish a session, things that I don't yet know how to do.

Can anyone help? I designed this for version 2.94; if we can get this working it could be developed into an API for phplist.

-rich

Code: Select all: <?php /* LCsub.php -- remote List Control via HTTP, subscribe function First draft by Rich Cowan, 7/26/05 I haven't used PHP in a while so this will need some debugging to get it working. THE CONCEPT: You have a PHPlist installation. You would like to be able to issue a simple HTTP command to subscribe or unsubscribe someone from a list. To do this, you will need two php files: LCsub.php -- will subscribe a user LCunsub.php -- will unsubscribe a user Below is just the code for LCsub. USAGE: (we assuming list #1, master password is "plist") Command: http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe%40aol.com Result: This will subscribe John Doe to the default email list, the list with an id of 1; note that the '@' sign has been replaced here by %40 which is needed by most web servers. Command: http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe%40aol.com&lid=2&first=John&last=Doe&state=TX Result: This will subscribe John Doe to email list #2, and also add user data for him, namely John's first name, last name, and state, which must be set up as phplist attributes for List #2. We assume (for now) that John is not an existing user. INSTALLATION AND CONFIGURATION: Just copy this script to the home directory of phplist, the lists folder. To make it executable (on Linux), do a 'chmod 755 phplist' To configure, just replace the values below for settings with the location of your phplist installation, and a working admin password for this installation, the names of your attributes, and finally the default list ID to modify if the enduser does not supply a list ID. Questions? Feel free to email me, richcowan <at> gmail.com */ // GLOBAL VARIABLES var $u, $p, $domain, $lid; // configuration settings var $pwd, $email, $first, $last, $org, $state; //http parameters var $tmp; // temporary // CONFIGURATION SETTINGS. Set them up for your host $lid = 1; //lid is the default PHPlist List ID to use $domain = "mysite.com/lists" $u = "admin" $p = "phplist" $attr1 = "first" $attr2 = "last" $attr3 = "state" //THE CODE // 1) Retrieve the password parameter supplied in http request $pwd = _GET['pwd']; if ($pwd == 'masterpassword') { // make sure password matches // 2) if script password is correct, then retrieve other parameters $email = _GET['email']; $attr1 = _GET['$attr1']; $attr2 = _GET['$attr2']; $attr3 = _GET['$attr3']; $tmp = _GET['lid']; if ($tmp != "") {$lid = $tmp; } //user may override default list ID // 3) Now simulate login to phplist // Using a 'get' request, might need to be rewritten as a 'post' $tmp = fopen("http://www.phplist.com/lists/admin.php?login=$u?password=$p"); echo($tmp); //debug code, ok to remove // 4) Now we build the string for subscribing $tmp = "http://$domain/admin/?action=insert&doadd=yes&id=$lid"; $tmp += "&email=$email; if ($attr1 != "") { $tmp += "&attribute1=$attr1"; if ($attr2 != "") { $tmp += "&attribute2=$attr2"; if ($attr3 != "") { $tmp += "&attribute3=$attr3"; echo($tmp); //debug code, ok to remove // 5) Now we issue the subscribe command! $tmp = fopen($tmp); echo($tmp); //debug code, ok to remove } // end of if clause // close the php tag ?>

Posted: **1:42am, Wed 10 Aug, 2005**

I spent some time last week on implementing this:

1) I determined that it made sense to use the PHP CURL library to make the calls, in the background, to PHPlist.
2) I was able to get the script to accept a password and then do a login to phplist successfully
3) The problem is that PHP was not staying logged in, i.e. the script will need to somehow cache the phpsessionID or pass it as a hidden variable in order to take subsequent actions, like subscribing a user. Or getting CURL to access the cookie that is set by PHPlist.
4) Though you can login using an HTTP GET request, I am pretty sure that doing a subscription action will require that I use the HTTP POST feature of CURL.

I am looking for assistance and advice on how to move this further. One question is, should I:

a) make a new script that assumes that authentication of the PHPlist system is turned off -- and isstead we will just use the standard feature on our web host to protect the 'admin' folder within phplist. CURL is able to pass the username/password... and it will be easier if we don't have to worry about login to phplist.

b) figure out a way to implement the system using phplist's authentication.

Which is better?

-rich

p.s. I will post the new version of the code in a separate reply.

Posted: **1:43am, Wed 10 Aug, 2005**

Code: Select all: <?php /* LCsub.php -- remote List Control via HTTP, subscribe function Second draft by Rich Cowan, 8/8/05 This is much closer... THE CONCEPT: You have a PHPlist installation. You would like to be able to issue a simple HTTP command to subscribe or unsubscribe someone from a list. To do this, you will need two php files: LCsub.php -- will subscribe a user LCunsub.php -- will unsubscribe a user Below is just the code for LCsub. USAGE: (we assuming list #1, master password is "plist") Command: http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe%40aol.com Result: This will subscribe John Doe to the email list; note that the '@' sign has been replaced here by %40 which is needed by most web servers. Command: http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe@aol.com&first=John&last=Doe&state=TX Result: This will subscribe John Doe to the email list, but also add user data for him, namely John's first name, last name, and state, which must be set up as phplist attributes for List #2 INSTALLATION AND CONFIGURATION: Just copy this script to the home directory of phplist, the lists folder. To make it executable (on Linux), do a 'chmod 755 phplist' To configure, just replace the values below for settings with the location of your phplist installation, and a working admin password for this installation. Questions? Feel free to email me, richcowan <at> gmail.com */ // GLOBAL VARIABLES // CONFIGURATION SETTINGS. Set them up for your host $domain = "mysite.org/lists"; $u = "admin"; $p = "phplist"; $lid = 1; //lid is the default PHPlist List ID to use $masterpassword = "mymasterpassword"; // Attribute names that we are using $attr1 = "first"; $attr2 = "last"; $attr3 = "state"; //THE CODE // 1) Retrieve the password parameter supplied in http request $pwd = $_GET['pwd']; if ($pwd == $masterpassword) { // make sure password matches echo("Master Password was correct. "); //debug code, ok to remove // 2) if script password is correct, then retrieve other parameters $email = $_GET['email']; $attval1 = $_GET['$attr1']; $attval2 = $_GET['$attr2']; $attval3 = $_GET['$attr3']; $tmp = $_GET['lid']; if ($tmp != '') {$lid = $tmp; } //user may override default list ID if ($email == '') { echo('You must supply an email address'); return(0); } // 3) Now simulate login to phplist // Using a 'get' request; this seems to work using CURL $httpstring = "http://$domain/admin/?login=$u&password=$p"; $curl = curl_init($httpstring); echo("login URL was: $httpstring "); //debug code, ok to remove curl_setopt($curl, CURLOPT_URL, '$httpstring'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $tmp = curl_exec($curl); echo("result was: $tmp "); //debug code, ok to remove // 4) Now we build the string for subscribing //$httpstring = "http://$domain/admin/?page=members&login=$u&password=$p&name=$email&listid=$lid"; //$httpstring = "http://$domain/admin/?page=user&id=0&confirmed=1&subscribe[]=1&subscribe[]=2&email=$email"; $httpstring = "http://$domain/admin/?page=user&id=0&confirmed=1&subscribe%5B%5D=1&subscribe%5B%5D=2&email=$email"; //optionally add attributes avlues if ($attval1 != '') $httpstring .= "attr1=$attval1"; if ($attval2 != '') $httpstring .= "attr2=$attval2"; if ($attval3 != '') $httpstring .= "attr3=$attval3"; echo("action URL is: $httpstring "); //debug code, ok to remove // 5) Now we issue the subscribe command! curl_setopt($curl, CURLOPT_URL, $httpstring); // we are still logged in, we do not reinit curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); // might also went to set CURL to use HTTP post // but this is not working because we have to set the cookie for PHPsessionid $tmp = curl_exec($curl); echo("result was: $tmp "); //debug code, ok to remove //6) Clean up curl_close($curl); } // end of if clause else { echo("Password not supplied."); } // close the php tag ?>

Posted: **11:43pm, Wed 10 Aug, 2005**

Hi,
this is a very interesting script you are developing. And as I think many people in the forum are asking for such a feature to incorporate the subscription/unsubscrition as small HTML snippet into their pages. But there is still a problem from the developer side because they ask to include a link to www.phplist.com.

Although I think it might be sufficient to include it into the emails, so that all subscribers get the information about PHPlist. Perhaps you might ask michiel at mantis.tincan.co.uk.

You are asking if to develop the script for the level of admin access implemented in PHPlist or for a level which uses HTTP authentication. I am using HTTP authentication and got the impression that I was nearly the only one. With HTTP auth the import of addresses is impossible if the option 'import emails with different values for attributes' is used. A call to session_start() is missing (changed in 2.9.5). If PHPlist's auth is used this problem does not occur because the call to session_start() is done at another place before. I've found no hints about that import problem in the forum or at the bug system at mantis.tincan.co.uk. So I would recommend to develop for PHPlist's authentication.

Also I think that your approach is the best solution, because you may put it in a iframe or as HTML snippet in a page with other content as well as it is easily adjustable with version upgrades.

As I've took a brief look on the code it seems quite ready. And I think the GET method is ok. This allows about 1000 characters and that should be enough for a subscription.

Hope you will progress with these script,
Jochen

Posted: **12:16am, Thu 11 Aug, 2005**

jotazzu,
just so you understand, I am developing this script so that a desktop application (written in Visual Basic) will be able to control subscribing and unsubscribing to PHPlist.
We are dealing with small nonprofits that are processing requests through snail mail in some cases, and therefore it will be preferable to give the small nonprofits the ability to do a single click from their donor database, in which they have already entered the subscribers name and email address.

so using your approach, I will now need to figure out how to maintain PHP session information in CURL. any ideas?
-rich

Posted: **5:53pm, Wed 24 Aug, 2005**

Hello Octech,

I too am very interested in your script...have you had any luck progressing past the session persistance issue? Or do you have a new script to post up here?

Thanks!
Rums.

Posted: **12:18pm, Thu 25 Aug, 2005**

hi octech

that's a great idea, and I'm very interested in what you're doing. Once you feel your code is ready for general use, post an issue in mantis and it can be included in the development process of phplist.

Posted: **6:37pm, Sat 22 Oct, 2005**

hi Michiel --
I would be happy to do some more work on this code... however it kind of makes sense to check in with you first. In the meantime I am busy working on the next release of OrganizersDB (www.organizersdb.org) which I hope to integrate with PHPlist.

Also... are you thinking of attending the first UK conference of nonprofit technology "circuit riders" which I believe is in November in London?

My questions:

a) in the 2.10.x releases, are there any changes I should know about?
b) what are you future plans for modularization of the code?
c) would it be possible for you to add dates to the releases in your web site? It is kind of wierd looking at release notes or download links that have no mention of the date of release.

Thanks for your work on this!

-rich

Posted: **12:58pm, Mon 24 Oct, 2005**

octech wrote:hi Michiel --
I would be happy to do some more work on this code... however it kind of makes sense to check in with you first. In the meantime I am busy working on the next release of OrganizersDB (www.organizersdb.org) which I hope to integrate with PHPlist.

It's probably best to discuss these things on the developers list. http://tincan.co.uk/?lid=878

Also... are you thinking of attending the first UK conference of nonprofit technology "circuit riders" which I believe is in November in London?

I may be in London around that time, so who knows, I could. Do you have more details? URL?

My questions:

a) in the 2.10.x releases, are there any changes I should know about?

quite a lot has changed, unless you used the 2.9 versions in which case not that much.

b) what are you future plans for modularization of the code?

I would like to improve the plugin API stuff, but currently have no time for that.

c) would it be possible for you to add dates to the releases in your web site? It is kind of wierd looking at release notes or download links that have no mention of the date of release.

Good idea, I'll do that. You can also get dates from the download page. http://sourceforge.net/project/showfile ... p_id=91074

-rich[/quote]

Posted: **2:50am, Wed 26 Oct, 2005**

Michiel --
the conference is Nov. 7-8.
For more information, go to www.lasa.org.uk/crconference.
-rich

Posted: **3:09pm, Thu 27 Oct, 2005**

Could i usw the 2nd Script or won`t work it? I am very interrested in this both skripts too.

Good Look!

Posted: **1:20pm, Fri 04 Nov, 2005**

I will be busy with other programming projects for the next month or two, so I am hoping that someone else can take what I have started and finish it. It might be good to start a thread on the Developers list as Michiel suggested because then there will be more technical people reading who help get around any roadblocks.

-rich

Posted: **9:43am, Fri 16 Dec, 2005**

The ability to add a user directly to a list from your own form, via a pgp program, is just what I am looking for. At present I use aformmail.pgp which picks up the form data, checks it, produces error messages if needed and then sends me an email, the user an email and writes to a .csv file.
This all works pretty well and gives messages in the right place etc. All I need to complete my happiness is to write the information directly to the list. I and a lot of others it seems. Am new to phplist and am sure it will work very well for me.

My application is much the same as most, it collects first name, last name and email from a form on my webpage so I can send out newsletters.

Thanks for all the great contributions on the forum. Great work octech - is it usable? Will try it out.

Posted: **2:15pm, Fri 16 Dec, 2005**

Hey there -- the script is not yet finished. Using the script I was able to simulate an HTTP post command successfully and do part of the work needed to subscribe someone. But it did not work because I also need to save the php session ID and pass that parameter in just one or two successive POST commands.

It should still be possible to use the CURL library to do this.

This is my current understanding of the problem.

I am sure there are people out there with the time and skill to complete the last 25% of the work here! maybe you are the person?

Posted: **12:12am, Mon 02 Jan, 2006**

I took Rich's code and took a slightly different approach to enabling a user subscribe over HTTP. Instead of requiring a login, I've changed the code to simulate a post against the default subscribe page. This approach gets around the authentication issue with cURL. (I would imagine there is a way to properly authenticate with cURL, but I'm not that familiar with the library)

This was useful for me since I needed to integrate an existing user form with PHPList. And, as was said earlier, it doesn't require direct access to the database - so theortically there is less chance this will break with newer PHPList versions.

Code: Select all: <?php /* LCsub.php -- Purpose: Remote List Control via HTTP, subscribe function Original Author: Rich Cowan, 8/8/05 Modified by: Jesse Heap 1/1/2006 Details: With PHPList installed this procedure can be use to subscribe a user using the HTTP command. The procedure works by simulating a POST to the default subscribe page. It requires the CURL PHP library. LCsub.php -- will subscribe a user USAGE: (we assuming list #1, master password is "plist") Command: http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe%40aol.com Result: This will subscribe John Doe to the email list; note that the '@' sign has been replaced here by %40 which is needed by most web servers. Command: http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe@aol.com&attribute1=John&attribute2=Doe&attribute3=TX Result: This will subscribe John Doe to the email list, but also add user data for him, namely John's first name, last name, and state, which must be set up as phplist attributes for List #2 INSTALLATION AND CONFIGURATION: Just copy this script to the home directory of phplist, the lists folder. To make it executable (on Linux), do a 'chmod 755 phplist' To configure, just replace the values below for settings with the location of your phplist installation, and a working admin password for this installation. Questions? Feel free to email me, richcowan <at> gmail.com */ // GLOBAL VARIABLES // CONFIGURATION SETTINGS. Set them up for your host $domain = "http://www.yourdomain.com/lists/"; $lid = 1; //lid is the default PHPlist List ID to use $masterpassword = "YourPassword"; //Master password prevents unauthorized calls to script // CODE // 1) Retrieve the password parameter supplied in http request $pwd = $_GET['pwd']; if ($pwd == $masterpassword) { // make sure password matches echo("Master Password was correct. "); //debug code, ok to remove // 2) if script password is correct, then retrieve other parameters $ary = explode('&', $_SERVER['QUERY_STRING']); $i = 0; $post_data = array(); while ($i < count($ary)) { $getArray = split('=', $ary[$i]); // Set each GET value pair to the post_data associative array in preparation for the POST if (strcasecmp(urldecode($getArray[0]),'pwd')!=0) { // Ignore PWD parameter - not needed for POST $post_data[urldecode($getArray[0])] = urldecode($getArray[1]); } $i++; } // Set email $email = $post_data['email']; $tmp = $_GET['lid']; if ($tmp != '') {$lid = $tmp; } //user may override default list ID if ($email == '') { echo('You must supply an email address'); return(0); } // Add additional post data required by form $post_data["emailconfirm"] = $email; $post_data["htmlemail"] = "1"; $post_data["list[$lid]"] = "signup"; $post_data["listname[$lid]"] = "test"; $post_data["subscribe"] = "Subscribe"; $url = $domain . "?p=subscribe"; $ch = curl_init(); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); //echo("Result was: $result "); //6) Clean up curl_close($ch); } // end of if clause else { echo("Password not supplied."); } // close the php tag ?>

[/code]

phplist forums

[add-on] Subscribing a user via HTTP

[add-on] Subscribing a user via HTTP

Progress on implementation

Here is version 2.

Whats the status of the skript?

Yep Me Too

Working Subscribe Script