How to write a PHP double opt-in subscription form

I am trying to write a small PHP script for managing subscriptions for a mailing list. I was trying to find whatever resources I can find over the internet but I only came up with:

1. Very simple PHP scripts with only single opt-in or "fake" dual opt-in features.
2. Very complicated multi MB PHP projects, like PHPList (7.8 MB!)

With "fake" dual opt-in I call methods which either put the email address as the validation string, or what uses cookies in the browser.

All I would like to achieve is:

1. Someone can write it's email address in a PHP form and click subm开发者_StackOverflow中文版it
2. He receives an email with an URL where he needs to click. The link should not contain the email address but some md5 or random string
3. Once clicked on the URL he gets to a page which shows "email confirmed"

On the server-end the addresses could be save in a text file in a protected folder or if you believe it's really important to keep them in a database then in a database.

My questions so far are:

1. Could someone guide me to some tutorial or write-up about how to write such a script
2. Whether I should use database or a simple file. All I would need is to insert simple lines of new emails with the possibility of duplicate checking.
3. How to store the temporary id-s for the double opt-in system. I thought about using something like md5 ("email" . "passphrase") for the id generation and storing them next to the email addresses.

---

Just for the fun of it, here is a pretty indepth example. It should be easy to grasp what's going on in there and why.

Caveat: Code hasn't been tested so syntax and other errors are possible.

<?php

// Salt for hashing confirmation keys
$salt = 'yoursecretstring12#11;.-_.21';

$url = 'http://www.yoursite.tld/thisscript.php';
$fromEmail = 'you@yoursite.tld';

$dbHost = 'localhost';
$dbUser = 'dbuser';
$dbPass = 'dbpass';
$dbDatabase = 'dbname';

mysql_connect($dbHost, $dbUser, $dbPass);
mysql_select_db($dbDatabase);

$ip = $_SERVER["REMOTE_ADDR"];

if ( isset( $_GET['key'] ) && isset( $_GET['email'] ) ) {

  // If we have 'email' and 'key' parameters, we are handling an opt-in click

  $email = mysql_real_escape_string( $_GET['email'] );

  // Check if key matches hash of email and salt combination and if email is really an email

  if ( sha1( $email.$salt ) == $_GET['key'] && filter_var($email, FILTER_VALIDATE_EMAIL) ) {

    // Check if entry already exists

    $checkDupes = mysql_query( "SELECT COUNT(*) as cnt FROM emails WHERE email = '$email'"; ); 
    $result = mysql_fetch_assoc($checkDupes);

    if ($result['cnt'] < 1) {

      // Fresh email, insert into db along with remote ip and timestamp

      mysql_query( "INSERT INTO emails (email, ip, timestamp) VALUES ( '$email', $ip, NOW() );" );
      die('Subscription confirmed!');

    } else {

      die('Email already exists in database');

    }

  } else {

    die('Key mismatch or invalid email!');  

  } 

} else if ( isset( $_POST['email'] ) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) ) {

  // Form submission, send confirmation email    

  $email = $_POST['email'];
  $key = sha1( $email.$salt );

  $link = $url . '?email=' . $email . '&key=' . $key;

  $mailSubject = 'Please confirm your subscription';
  $mailTo = $email;
  $mailBody = 'Please confirm your subscription by clicking <a href="$link">this link</a>'; 
  $headers = 'From: ' . $fromEmail . "\r\n";

  mail( $mailTo, $mailSubject, $mailBody );

} else {

  // Present form and show error if needed

  if ( isset( $_POST['email'] ) ) {
    echo "Ivalid email submitted!<br />";
  } 

  echo '
  <form method="post" action="'.$url.'">
    Email: <input type="text" name="email" /><br />
    <input type="submit" value="Submit" />
  </form>
  ';

}

---

What I would recommend is to generate a random string using md5(rand()) and store it in a database. Then, create a link for the user to go, and email it to him. This link should contain the random string in a GET variable, and when the confirmation page is loaded you can compare it to the database.

If the string is wrong, do nothing and output an error. If it's correct, delete the row from the table and add it to another table that has confirmed emails in it (or, have a field called is_confirmed and change this to TRUE once the email has been confirmed).

You should also have a similar method to allow the user to unsubscribe from the mailing list.