A powerful, responsive web application to manage your Gmail inbox efficiently. Built with PHP, Tailwind CSS, and the Gmail API, this tool offers advanced features like bulk deletion by sender, dark mode, and a dedicated cleanup dashboard.
- Responsive Interface: Seamless experience across Mobile, Tablet, Desktop, and TV screens.
- View Emails: Clean list view (Table on Desktop, Cards on Mobile) with sender, subject, date, and labels.
- Read Mode: Full-screen modal to read email content (HTML/Text) without leaving the app.
- Search: Real-time search functionality to find specific emails.
- Bulk Delete: Select multiple emails and delete them in one click.
- Delete by Sender: Powerful feature to find and delete ALL emails from a specific sender (batch processing).
- Senders Manager: NEW! View all unique sender email addresses and batch delete all emails from selected senders.
- Label Management: Quickly apply or remove labels (Star, Unread, Important) from selected emails.
- Dashboard: Dedicated
All Emails Statspage showing total message and thread counts. - Nuclear Option: A "Delete All Emails" feature for complete inbox clearing (protected by double confirmation).
- Dark Mode: Fully supported dark theme with persistence (saves preference).
- Session Persistence: Stay logged in even after refreshing the page (tokens saved securely).
- Custom Modals: Beautiful, non-intrusive confirmation and alert dialogs.
- CSRF Protection: Token-based protection against cross-site request forgery
- Security Headers: XSS protection, clickjacking prevention, MIME sniffing protection
- Rate Limiting: Client-side rate limiting to prevent API quota exhaustion
- Secure Token Storage: SessionStorage instead of LocalStorage for better security
- Input Sanitization: All user inputs are properly escaped
- Frontend: HTML5, JavaScript (ES6+), Tailwind CSS
- Backend: PHP 7.4+
- API: Google Gmail API (v1), Google Identity Services (OAuth 2.0)
- Authentication: Secure OAuth flow with
credentials.json
Search and filter emails with real-time results
Double confirmation before deleting emails
Seamless dark mode with persistent preferences
Nuclear option with multiple confirmations
View all unique senders and batch delete by sender
- PHP 7.4 or higher
- A Google Cloud Project with Gmail API enabled
- Web server (Apache, Nginx, or PHP built-in server)
git clone https://github.com/yourusername/gmail-manager.git
cd gmail-manager- Go to Google Cloud Console
- Create a new project or select an existing one
- Enable the Gmail API:
- Navigate to "APIs & Services" > "Library"
- Search for "Gmail API"
- Click "Enable"
- Go to "APIs & Services" > "Credentials"
- Click "Create Credentials" > "OAuth client ID"
- Configure the consent screen if prompted
- Choose "Web application" as the application type
- Add authorized JavaScript origins:
http://localhost:8000(for local development)- Your production domain (e.g.,
https://yourdomain.com)
- Add authorized redirect URIs:
http://localhost:8000- Your production domain
- Click "Create"
- Download the JSON file
- Copy the example file:
cp credentials.json.example credentials.json
- Open
credentials.jsonand paste your OAuth credentials - IMPORTANT: Never commit
credentials.jsonto version control (it's already in.gitignore)
For production, install Tailwind CSS locally:
npm install
npm run build:cssThen update the PHP files to use the compiled CSS instead of CDN:
<!-- Replace this -->
<script src="https://cdn.tailwindcss.com"></script>
<!-- With this -->
<link rel="stylesheet" href="css/output.css">php -S localhost:8000Configure your web server to serve the project directory.
Open your browser and navigate to:
- Main Manager:
http://localhost:8000/manage_gmail.php - Senders Manager:
http://localhost:8000/senders.phpβ NEW! - Stats & Cleanup:
http://localhost:8000/all_emails.php
- Click the "Authorize" button
- Sign in with your Google account
- Grant the requested permissions:
- Read, compose, send, and permanently delete all your email from Gmail
- View and modify but not delete your email
- Use
localhostor127.0.0.1for testing - Keep
credentials.jsonsecure and never commit it - Use HTTPS in production
- Use HTTPS: Always use SSL/TLS certificates
- Restrict OAuth Origins: Only add your production domain
- Environment Variables: Consider using environment variables for sensitive data
- Update CSP: Adjust Content Security Policy for your domain
- Regular Updates: Keep dependencies updated
- Backup: Always backup before using destructive operations
Gmail API has the following quotas:
- 250 quota units per user per second
- 1 billion quota units per day
Operations cost:
- List messages: 5 units
- Get message: 5 units
- Batch delete: 50 units
- Modify labels: 5 units
The app includes client-side rate limiting (100 requests per minute) to help prevent quota exhaustion.
The Senders Manager provides a streamlined way to clean up your inbox by sender:
How to Use:
- Navigate to
http://localhost:8000/senders.php - Click "Load Senders" to fetch all unique sender email addresses
- Browse the list of senders (sorted alphabetically)
- Use the search box to find specific senders
- Select one or more senders using checkboxes
- Click "Delete Selected" to remove ALL emails from selected senders
- Or click individual "Delete All" buttons for single senders
Features:
- β‘ Fast loading - only fetches unique sender emails
- π Real-time search and filtering
- β Multi-select with "Select All" option
- π Live statistics showing total and selected senders
- ποΈ Uses the same proven deletion logic as "Delete by Sender"
- π Progress tracking with visual progress bar
- π― Searches and deletes ALL emails from sender (not limited to first 2000)
When to Use:
- Unsubscribe from multiple newsletters at once
- Clean up promotional emails from various senders
- Remove old emails from former colleagues or contacts
- Bulk cleanup of automated notification emails
Comparison:
| Feature | Senders Manager | Delete by Sender | Bulk Delete |
|---|---|---|---|
| View all senders | β Yes | β No | β No |
| Search senders | β Yes | β No | β No |
| Multi-select | β Yes | β No | β Yes |
| Delete ALL emails | β Yes | β Yes | β No |
| Progress tracking | β Yes | β Yes | β No |
| Best for | Bulk sender cleanup | Single sender | Selected emails |
- Select an email from the sender (optional - pre-fills the email)
- Click "Delete All from Sender"
- Enter or confirm the sender's email address
- Confirm the action twice
- Wait for the batch deletion to complete
Use Gmail search operators:
from:sender@example.com- Emails from specific sendersubject:keyword- Emails with keyword in subjectis:unread- Unread emails onlyhas:attachment- Emails with attachmentsafter:2024/01/01- Emails after a date
- Click the moon/sun icon to toggle
- Preference is saved automatically
- Respects system preference by default
- Make sure you've created
credentials.jsonfrom the example file - Check that the file is in the root directory
- Verify your OAuth credentials are correct
- Check that your domain is in the authorized origins
- Clear browser cache and try again
- Wait a minute before making more requests
- The app has built-in rate limiting (100 req/min)
- Check browser console for specific CSP violations
- Update
config.phpto allow necessary domains
- Check browser console for JavaScript errors
- Verify all script files are loading correctly
- Ensure PHP session is working (
session_start())
gmail-manager/
βββ manage_gmail.php # Page entry: main email management interface
βββ all_emails.php # Page entry: stats & cleanup dashboard
βββ senders.php # Page entry: senders analysis & batch delete
βββ config.php # Bootstrap: wires session/headers/config (BC entry)
βββ credentials.json # OAuth credentials (DO NOT COMMIT)
βββ credentials.json.example # Template for credentials
βββ .gitignore # Git ignore rules
βββ package.json # NPM dependencies (optional CSS build)
βββ tailwind.config.js # Tailwind configuration
βββ README.md # This file
βββ app/ # PHP backend (not the page entry points)
β βββ Config.php # Credential loader
β βββ Security/
β β βββ Session.php # Secure session start
β β βββ Csrf.php # CSRF token issue/verify
β β βββ Headers.php # CSP + security headers
β βββ views/
β βββ partials/
β βββ head.php # Shared <head>
β βββ header.php # Shared nav/header bar
β βββ theme-toggle.php # Theme toggle button
βββ assets/
β βββ css/
β βββ app.css # Shared component styles (was inline <style>)
βββ js/
β βββ core/ # Auth + API + session logic
β β βββ session.js # Token persistence
β β βββ gmailClient.js # gapi/GIS bootstrap + rate limiting
β β βββ auth.js # Sign-in/out flow + auth UI state
β βββ ui/ # Presentation behavior
β β βββ toast.js # Status notifications
β β βββ modal.js # Alert/confirm dialogs
β β βββ theme.js # Light/dark theme
β βββ pages/ # Per-page logic
β βββ manager.js # manage_gmail.php
β βββ stats.js # all_emails.php
β βββ senders.js # senders.php
βββ src/
β βββ input.css # Tailwind source (for optional production build)
βββ snaps/ # Screenshots
βββ confirm_delete.png
βββ delete_all_mail.png
βββ delete_all_mails.png
βββ search_mail.png
βββ sender_manager.png # Senders Manager page
βββ ThemeToggle.png
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
This tool has the ability to permanently delete emails. Use with caution:
- Always test with a test account first
- Double-check before confirming deletions
- There is NO undo for deleted emails
- The authors are not responsible for data loss
MIT License - See LICENSE file for details
Built with β€οΈ by AdxStackDev
β If you find this project useful, please consider giving it a star!