What are some best practices for creating a newsletter script using PHP/MySQL?

When creating a newsletter script using PHP/MySQL, it is important to properly sanitize user input to prevent SQL injection attacks. Additionally, make sure to use prepared statements when interacting with the database to prevent SQL injection vulnerabilities. Lastly, consider implementing a double opt-in system to ensure that users have explicitly consented to receiving newsletters.

// Sanitize user input to prevent SQL injection
$email = mysqli_real_escape_string($conn, $_POST['email']);

// Use prepared statements to interact with the database
$stmt = $conn->prepare("INSERT INTO newsletter_subscribers (email) VALUES (?)");
$stmt->bind_param("s", $email);
$stmt->execute();

// Implement a double opt-in system for newsletter subscriptions
$verification_code = md5(uniqid(rand(), true));
$stmt = $conn->prepare("INSERT INTO newsletter_verification (email, verification_code) VALUES (?, ?)");
$stmt->bind_param("ss", $email, $verification_code);
$stmt->execute();