phplist register on create account

[decompiled]

I was looking for a way to integrate Zen Cart with Phplist. I found Newsletter Center Beta, but that didn't do exactly what I wanted, which was subscribe the new user to a phplist mailing list when the account is created.

Since I figured out how to do it with a little hacking, I'm providing the code here for others to benefit.

Using code grabbed from this link I placed a file called "subscribe_phplist.php" in my "/lists/" folder (the root folder of phplist.

I modified the code slightly. I added my DB username and password, as well as my phplist password. I also set up the code to always subscribe to a particular list number; in this case, number nine. Finally, I didn't like how the script created variables for all GET parameters, as that is a security risk. Instead, I grabbed the variables manually. In my case, I have "attribute1" as firstname and "attribute2" as last name.

Here is the code, with passwords removed/changed:

PHP Code:

<?php

/* LCsub.php —
Purpose: Remote List Control via HTTP, subscribe function
Original Author: Rich C. 8/8/05
Modified by: Jesse Heap 1/3/2006

Details:
With PHPList installed this procedure can be use to
subscribe a user using the HTTP command.  The procedure works
by simulating a POST to the default subscribe page.  It requires
the CURL PHP library.

LCsub.php — will subscribe a user

USAGE:

(we assuming list #1, master password is "plist")

Command:
http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe%40aol.com

Result:
This will subscribe John Doe to the email list; note that the
'@' sign has been replaced here by %40 which is needed by most
web servers.

Command:
http://mydomain.com/lists/LCsub.php?pwd=plist&email=johndoe##################&attribute1=John&attribute2=Doe&attribute3=TX

Result:
This will subscribe John Doe to the email list, but also add
user data for him, namely John's first name, last name, and
state, which must be set up as phplist attributes for List #2

INSTALLATION AND CONFIGURATION:

Just copy this script to the home directory of phplist, the lists folder.

To configure, just replace the values below for settings with the
location of your phplist installation, and a working admin password
for this installation.

*/

// GLOBAL VARIABLES

// CONFIGURATION SETTINGS.  Set them up for your host
$domain = "http://www.mydomain.com/lists/";
$lid = 9;                                 // lid is the default PHPlist List ID to use
$masterpassword = "mypassword";       // Master password prevents unauthorized calls to script
$login = "username";                       // phplist admin Login
$pass = "password";             // phplist admin password
$skipConfirmationEmail = 1;               // Set to 0 if you require a confirmation email to be sent.
                         
// CODE
//TODO: Put in check to only allow script to be called from authorized domains
// 1) Retrieve the password parameter supplied in http request
$pwd = $_GET['pwd'];

if ($pwd == $masterpassword) {              // make sure password matches
//  echo("Master Password was correct.");   //debug code, ok to remove

// 2) if script password is correct, then retrieve other parameters
   //$ary = explode('&', $_SERVER['QUERY_STRING']);
   $i = 0;
   $post_data = array();
   /*while ($i < count($ary)) {
      $getArray = split('=', $ary[$i]);   
       // Set each GET value pair to the post_data associative array in preperation for the POST
      if (strcasecmp(urldecode($getArray[0]),'pwd')!=0) { // Ignore PWD parameter - not needed for POST
         $post_data[urldecode($getArray[0])] = urldecode($getArray[1]);
      }
      $i++;
   } */
   $post_data["attribute1"] = $_GET['attribute1'];
   $post_data["attribute2"] = $_GET['attribute2'];
   $post_data["email"] = $_GET['email'];

   // Ensure email is provided
   $email = $post_data['email'];
   //$tmp = $_GET['lid'];
   //if ($tmp != '') {$lid = $tmp; }   //user may override default list ID
   if ($email == '') {
         echo('You must supply an email address');
    return(0);
   }

// 3) Login to phplist as admin and save cookie using CURLOPT_COOKIEFILE
// NOTE: Must log in as admin in order to bypass email confirmation
   $url = $domain . "admin/?";
   $ch = curl_init();
   $login_data = array();
   $login_data["login"] = $login;
   $login_data["password"] = $pass;
   curl_setopt($ch, CURLOPT_POST, 1);
   curl_setopt($ch, CURLOPT_URL, $url);   
   curl_setopt($ch, CURLOPT_POSTFIELDS, $login_data);
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
   curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/nofileneeded.txt"); //Enable Cookie Parser. 
   //File does not need to exist - http://curl.netmirror.org/libcurl/c/libcurl-tutorial.html for more info
   $result = curl_exec ($ch);
//   echo("Result was: $result"); //debug

// 3) Now simulate post to subscriber form. 
   $post_data["emailconfirm"] = $email;
   $post_data["htmlemail"] = "1";
   $post_data["list[$lid]"] = "signup";
   $post_data["subscribe"] = "Subscribe";
   $post_data["makeconfirmed"] = $skipConfirmationEmail;  //If set to 1 it will confirm user bypassing confirmation email
   $url = $domain . "?p=subscribe";

   curl_setopt($ch, CURLOPT_POST, 1);
   curl_setopt($ch, CURLOPT_URL, $url);   
   curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
      $result = curl_exec ($ch);
   //echo("Result was: $result");
   echo "Success<br/>\n";
//) Clean up
curl_close($ch);

}  // end of if clause

else {
echo("Password not supplied.");
}

// close the php tag
?>

The version of phplist I have also has an ".htaccess" file in the root lists folder which restricts which files can be read. Make sure to add "subscribe_phplist.php" to the .htaccess line which reads:

Code:

<FilesMatch "(index.php|dl.php|ut.php|lt.php|download.php|subscribe_phplist.php)$">

Next, I tested the script manually by calling it from a web browser.

Code:

http://www.mydomain.com/lists/subscribe_phplist.php?pwd=mypassword&email=test%40email.com&attribute1=John&attribute2=Smith

If all goes well you should see "Success." Then, check your phplist admin page to see if the user was created and subscribed to the proper list. If not, uncomment the following line in the script:

PHP Code:

echo("Result was: $result"); 


and that will show you the output so you can debug.

The final thing to mod is the create_account.php in Zen Cart. I copied the file from includes/modules/create_account.php into includes/modules/MY_TEMPLATE/create_account.php.

Then I searched for this line:

PHP Code:

zen_redirect(zen_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); 


The above code redirects the browser to the create account success page, so at this point we know the Zen user has been created correctly and therefore it is safe to add the phplist user.

I added this code immediately above that line:

PHP Code:

// hack to add user to phplist newsletter
    $my_email = urlencode($email_address);
    $my_firstname = urlencode($firstname);
    $my_lastname = urlencode($lastname);
    $my_result = readfile("http://www.mydomain.com/lists/subscribe_phplist.php?pwd=mypassword&email=$my_email&attribute1=$my_firstname&attribute2=$my_lastname");
    // end phplist hack 


Now, to test, I created a new user in Zen Cart. If all went well, the user should also appear in phplist with the proper list and name.

Since this code only works on account creation, it doesn't work when the Zen Cart user changes his information. Also, to reduce the number of emails the user receives, I don't send a confirmation email from phplist. Some may not want to automatically subscribe everyone. Finally, I removed the "Subscribe to Newsletter" option on the account creation page, as it refers to the Zen newsletter and not the phplist one. I suppose one could hack this script to work with the Zen newsletter option instead.

I hope someone finds this helpful.

[remp]

ok, i did all that, and then when i uploaded the files, its saying that the file is not there, although im sure it is there... what am i doing wrong?

[decompiled]

Which files aren't there? Can you be more specific?

[mrmeech]

Which files aren't there? Can you be more specific?

ok, i did all that, and then when i uploaded the files, its saying that the file is not there, although im sure it is there... what am i doing wrong?

Hey Guys - You might be interested at taking a look at the link below, adding it to your monitored subscriptions so you get email updates about posts there. I'm working pretty feverishly on putting together a solid integraded phplist mod for Zen Cart. It was started by someone else, but then abandoned before being functional. Should be done in a week or two assuming things go as planned.

http://www.zen-cart.com/forum/showthread.php?t=46427

[qisahn]

I have installed as per instructions

now after customers create account, they r brought to a blank page tt says "Success"

How do I bring them to the default create account success page?

Sorry, I don't know PHP, if anyone could help me, it'll be much appreciated.

For those who dun use this module but is able to help, this line of code is no longer used by Zencart due ot the hack but it is needed to do the redirect

zen_redirect(zen_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL'));

I tried adding it to the www.mywebsite.com/lists/subscribe_phplist.php
I get an error

Fatal error: Call to undefined function zen_redirect() in /home/mywebsite/public_html/lists/subscribe_phplist.php

My zen cart is installed in the root of my site.

Currently my temp fix is

header( 'Location: http://www.mywebsite.com/index.php?m...ccount_success' );

which is far from the best solution.