BTW - There's no formula - The string is purely random
For iCount = 1 to 20 ' To Generate 20 characters in a random string
Main Topics
Browse All Topics
Loading Advertisement...
Question
Letting users unsubscribe from asp/sqlserver DB mailing list (the best way?)
Hi all,
I have just built my first mailing list, just wondering if anyone out there could show me the best way to enable these users to unsubscribe themselves safely. (I just have a int field for (number id) and text (email) field for their email address)
Sometimes in the mailing lists I am subscribed to there isnt really much protection where unsubscribing as in the link in the email is usually something like.
http://www.website/unsub.a
And other people can just go in and enter someone elses email address and illegally unsubscribe another user direct fromt he web page.
One way I could do it I guess is buy having a large identity seed difference (101) or something.
But usually I see a lot of unscription links like:
http://website.com/index.c
Which obviously makes it practivally impossible to decifier.
I presume this is some kind of formula or?
Any help would be great.
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Subscribe now for full access to Experts Exchange and get
Instant Access to this Solution
- Plus...
- 30 Day FREE access, no risk, no obligation
- Collaborate with the world's top tech experts
- Unlimited access to our exclusive solution database
- Never be left without tech help again
Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.
- "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
- "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
- "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.
See what Experts Exchange can do for you.
Got a question?
We've got the answer.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
Need individual assistance?
Our experts are ready to help.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Want to learn from the best?
Read articles from industry experts.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Working on a long term project?
Store your work and research.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
What Makes Experts Exchange Unique?
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Trusted by the world's most respected brands.
Faithfully serving IT professionals since 1996.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Free Tech Articles
-
WARNING: 5 Reasons why you should NEVER fix a computer for free.
It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
-
SCCM OSD Basic troubleshooting
SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
-
Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
-
Create a Win7 Gadget
This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
-
Outlook continually prompting for username and password
There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
-
Backup Exchange 2010 Information Store using Windows Backup
There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...
Cloud Class Webinars
- Avoiding Bugs in Microsoft Access
Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
- Top 10 Best New Features in Visio 2010
Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
- IT Consultant Business Secrets Revealed
Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
- Disaster Recovery and Business Continuity
Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
- Organize Your Visio Diagrams with Containers and Lists
Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
- How to Us Objects, Properties, Events and Methods in Microsoft Access
Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...
Join the Community
Give a Little. Get a Lot.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
Answers
Dragonlaird I also found this one which seems to work great.
<%
'Our Function generatePassword accepts one parameter 'passwordLength'
'passwordLength will obviously determine the password length.
'The aplhanumeric character set is assigned to the variable sDefaultChars
Function generatePassword(passwordL
'Declare variables
Dim sDefaultChars
Dim iCounter
Dim sMyPassword
Dim iPickedChar
Dim iDefaultCharactersLength
Dim iPasswordLength
'Initialize variables
sDefaultChars="abcdefghijk
iPasswordLength=passwordLe
iDefaultCharactersLength = Len(sDefaultChars)
Randomize'initialize the random number generator
'Loop for the number of characters password is to have
For iCounter = 1 To iPasswordLength
'Next pick a number from 1 to length of character set
iPickedChar = Int((iDefaultCharactersLen
'Next pick a character from the character set using the random number iPickedChar
'and Mid function
sMyPassword = sMyPassword & Mid(sDefaultChars,iPickedC
Next
generatePassword = sMyPassword
End Function
Response.write generatePassword(20) 'Call the function & pass in 6 as the parameter
%>
Function randomString(length)
Dim x, chars, rndnum
chars = "1234567890abcdefghijklmno
randomString = ""
Randomize
For x = 1 To length
rndnum = Rnd() * Len(chars) + 1
randomString = randomString & Mid(chars, (FormatNumber(rndnum, 0)), 1)
Next
End Function
To generate the string just use randomString(20) or something. 20 characters should be plenty however you'll want to double check to ensure that the string doesn't already exist in the database.
Sorry about cutting off mid-type there, I didn't realise the last comment saved and I had to shoot off to work.
The function provided by CyrexCore2k above basically provides what I was going to type above, a random string of letters and numbers to be saved against each record which you can then use in your email to provide an unsubscribe link as explained above. If the user clicks the link, just verify in your unsubscribe.asp page that the ID and verification string both match and display a suitable message upon success or failure as required.
Another point, raised by CyrexCore2k, there really isn't any need to check that the string of characters is unique since the string AND ID are passed via the URL and must match before the person is unsubscribed UNLESS you intend to use ONLY the random string as part of your URL for unsubscribes.
I'd personally prefer to use the ID/Verify method as this makes it almost impossible for someone to generate random strings and hit your unsubscribe page with them to try and randomly unsubscribe your users.
To back-populate your existing list of emails, just create a loop to retrieve each email record, generate your random string, update the record and save it, then move on to the next record...
When users subscribe, just generate the random string at the time you create the new record and save it along with the email address etc.
Hi Dragonlaird
Ok have this pretty well worked out now, just having a bit of trouble figuring out some code.
Im on the mailinglistremove.asp.asp page where someone will click on the link such as
http://localhost/mailingli
that I generate for them in when the recieve an email from the list.
I am having trouble trying to do a proper if statement for when I am checking the querystring variables from the link against those in the DB. Its listed below, it was working when only checking 2 values (guid and email), but if I changed the id value I would get
Error Type:
(0x80020009)
Exception occurred.
so now that I am also checking ID its not working. Obviously i need to check that all 3 values are the same as those in the DB.
if id = objRS("id") And guid = objRS("guid") And email = objRS("email") then
dbOpen()
dbConnect.Execute("DELETE FROM emaillist WHERE ID = " & id & ";")
dbClose()
response.write "You have been successfully removed from the Mailing List."
else
'I want this message displayed if there is any characters that do not match what is in the DB
response.write "You have entered an incorrect user ID, please click on the unsubscribe link from an email we have sent you."
end if
Im sure it something simple that I am not doing right.
Any help would be great.
Firstly, there's no need to include the email address in the URL, the ID and GUID comparison are more than sufficient and also allows for the possibility that the user may have changed their email address then unsubscribed.
The error you see is might be because one of the values you've retrieved from the DB is NULL (as opposed to an empty string) and as such, when used in comparison strings, it generates an error.
Try using something like this...
If Not IsNull(objRS("id")) AND Not IsNull(objRS("guid")) Then
If id = objRS("id") AND guid = objRS("guid") Then
dbOpen()
dbConnect.Execute("DELETE FROM emaillist WHERE ID = " & id & ";")
dbClose()
Response.Write "You have been successfully removed from the Mailing List."
Else
'I want this message displayed if there is any characters that do not match what is in the DB
Response.Write "You have entered an incorrect user ID, please click on the unsubscribe link from an email we have sent you."
End If
Else
' The GUID is probably null - cannot unsubscribe, needs attention
Response.Write "There was a problem processing your request. Please email XXX"
End If
You shouldn't even need a recordset to accomplish this.
Just do this
dbOpen()
If dbconnect.Execute("SELECT id FROM emaillist WHERE id = " & Request.QueryString("ID") & " AND guid = '" & Request.QueryString("GUID"
Response.Write "The unsubscribe link provided does not seem to be valid. blah blah blah"
Else
dbConnect.Execute("DELETE FROM youruserstable WHERE id = " & Request.QueryString("ID")
End If
dbClose()
And remember to protect your variables from SQL insertion.
simplicitytheory,
If you're using software that allows you to use an exclusion list, then I recommend that you maintain removed addresses in a separate table rather than deleting records from the subscriber database. This would keep you from emailing someone who had already unsubscribed if you later acquire a list through a partnership or list broker.
Hi guys
Im still stuck on this. I decided I also need to do a confirmation email for when they sign up so again I want to check variables I send in a cornfirmation email against those in the database before they are officially added.
So at present I send an email with the link
http://localhost/emailconf
emailconfirm.asp contains
strid = Request.QueryString("ID")
thegui = Request.QueryString("GUID"
mySQL = "SELECT elid, email, guid, userstatus FROM tblemaillist WHERE elid = " & strID
dbOpen()
set objRS = Server.CreateObject("ADODB
objRS.Open mySQL, dbConnect, 3, 3
if strID = objRS("elid") then
objRS("userstatus") = "confirmed"
response.write "You have been successfully confirmed your subscription to the VKA Mailing List."
else
response.write "Your confirmation details are incorrect, please click the link from the confirmation email."
response.write "<br>" & strID & "<br>"
response.write thegui & "<br>"
end if
I have now also added a field called userstatus. In this field I will be keeping track of whether they are uncofirmed or confirmed, I am updating this field to the text "confirmed" if strID = objRS("elid").
My only problem is that in that setup the server hangs, and I am not sure why. (after a few minutes it tells me there are too many users connected)
But them if I use this line
The page runs but always produces the else "Your confirmation details are incorrect, please click the link from the confirmation email."
If you guys could show me what I am doing wrong here, I think I have to use a recordset update because I want to update that field correct? Thanks again for the help.
3 Ways to Join
Business Accounts
- Perfect for organizations
- Multiple users
- Save over 36%
- Create a Business Account
Answer for Membership
- Earn free access
- Showcase your knowledge
- No credit card required
- Sign Up to Answer
Loading Advertisement...
by: DragonlairdPosted on 2006-08-16 at 23:08:05ID: 17331962
Basically, to allow users to unsubscribe, save a random string of characters/numbers against their record and provide a link like this:
http://YourWebserver.com/U
If the user clicks the link, confirm the random string matches the value you saved against record ID XX and if so, they unsubscribe.
Hope this helps,
Dragonlaird