I try to implement a newsletter function in PHP. When a user subscribes on our website, a verification e-mail gets send to them. If they have already subscribed, they get a message displayed like: "you have already subscribed" or "E-Mail already registered, but not verified. The e-mail was resent.
function new_member($email,$list_id)
{
global $db;
$san_email = filter_var($email, FILTER_SANITIZE_EMAIL);
if (filter_var($san_email, FILTER_VALIDATE_EMAIL))
{
$hash = openssl_random_pseudo_bytes(10, $cstrong);
$qry = "SELECT COUNT(*),active,access_hash FROM ".MYSQL_PREFIX."mailing_list_member WHERE address = '?' AND list_id = ?";
var_dump($qry);
if ($stmt = $db->prepare($qry)) {
$stmt->bind_param("si", $san_email, $list_id);
$stmt->bind_result($count,$active,$db_hash);
$stmt->fetch();
$stmt->close();
} else {
echo "sendet query: <pre>".$qry."</pre>
"."Antwort: ".$db->error;
}
if ($count==1) {
if ($active==1){
return "E-Mail-Addresse bereits angemeldet.";
} else {
send_verification_mail($san_email,$list_id,$db_hash);
return "E-Mail-Addresse bereits angemeldet, allerdings noch nicht bestätigt. Bestätigungsmail wurde erneut gesendet.";
}
} else {
$qry = "INSERT INTO ".MYSQL_PREFIX."mailing_list_member (address,list_id,access_hash) VALUES ('?',?,'?')";
if ($stmt = $db->prepare($qry)) {
var_dump($san_email);
$stmt->bind_param("sis", $san_email, $list_id, $hash);
$stmt->fetch();
$stmt->close();
send_verification_mail($san_email,$list_id,$hash);
return "Bestätigungsemail wurde erfolgreich an ".$san_email." gesendet.";
} else {
echo "sendet query: <pre>".$qry."</pre>
"."Antwort: ".$db->error;
}
}
} else {
return "Keine gültige E-Mail-Addresse angegeben!";
}
}
For testing purpose this function got called like this (with a ream mail in there):
echo new_member('mail@example.com',1);
If I do this, the mail gets sent to the right e-mail-address, but not inserted into the database. Even if the user is already in the database, the e-mail is sent.
