   <?php require_once(output_fns.php); require_once(db_fns.php); require_once(data_valid_fns.php); require_once(url_fns.php); require_once(user_auth_fns.php); ?>


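   <?php

/**
 * Report whether every entry of a submitted form array carries a value.
 *
 * @param array $form_vars Field name => submitted value (typically $_POST).
 * @return bool false as soon as one value compares equal to the empty string,
 *              true otherwise (including for an empty array).
 */
function filled_out($form_vars)
{
    foreach ($form_vars as $key => $value) {
        // Inside foreach the key is always set, so only the value decides.
        // An empty array passes: callers that require specific fields must
        // check for their presence themselves.
        if ((!isset($key)) || ($value == '')) {
            return false;
        }
    }
    return true;
}

/**
 * Check that an address has the basic shape local@host.tld.
 *
 * @param mixed $address Candidate address, usually taken from a form field.
 * @return bool true when the value is a string matching the pattern.
 */
function valid_email($address)
{
    // Form fields can arrive as arrays (email[]=...); only strings can match.
    if (!is_string($address)) {
        return false;
    }

    // ereg() no longer exists in PHP 7 and later, so the same character
    // classes are applied through preg_match(). The D modifier anchors "$" at
    // the true end of the string, so a trailing newline is rejected before
    // the value can reach mail().
    return preg_match('/^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$/D', $address) === 1;
}
?>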


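   <?php

/**
 * Connect to the bookmarks database.
 *
 * @return mysqli An open connection.
 * @throws Exception When the connection cannot be established.
 */
function db_connect()
{
    // NOTE(review): the account name and password are literals in the source
    // file, so they end up in version control and backups; loading them from
    // configuration outside the web root keeps them out of both.
    $db = new mysqli('', 'bm_user', 'password', 'bookmarks');

    // "new mysqli" always yields an object, so testing the object itself can
    // never detect a failed connection; connect_errno is non-zero on failure.
    if ($db->connect_errno) {
        throw new Exception('Could not connect to database server', 1);
    }

    return $db;
}
?>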


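   <?php

require_once('db_fns.php');

/**
 * Return a random integer between $min and $max inclusive.
 *
 * @param int $min Lower bound.
 * @param int $max Upper bound.
 * @return int
 */
function bm_random_int($min, $max)
{
    // random_int() draws from the operating system's CSPRNG but only exists
    // from PHP 7; older runtimes fall back to mt_rand(), which is predictable
    // and not suitable for secrets.
    if (function_exists('random_int')) {
        return random_int($min, $max);
    }
    return mt_rand($min, $max);
}

/**
 * Create a new row in the user table.
 *
 * NOTE(review): the second and third parameter names look swapped relative to
 * how they are used. The second argument is hashed with sha1() into the second
 * column and the third is stored as given; the register_new.php listing on
 * this page calls register($username, $passwd, $email), which matches that
 * positional behaviour. The positions are kept so existing callers still work.
 *
 * NOTE(review): unsalted SHA-1 is a fast hash and a poor fit for password
 * storage. Moving to password_hash()/password_verify() needs a wider passwd
 * column and a migration of the stored values, neither of which is visible
 * here, so the storage format is left unchanged.
 *
 * @param string $username Requested account name.
 * @param string $email    Value hashed into the second column (see note).
 * @param string $password Value stored in the third column (see note).
 * @return bool true on success.
 * @throws Exception When the name is taken or a statement fails.
 */
function register($username, $email, $password)
{
    $conn = db_connect();

    // Bound parameters keep form input out of the SQL text.
    $check = $conn->prepare('select * from user where username = ?');
    if (!$check) {
        throw new Exception('Could not execute query', 1);
    }
    $check->bind_param('s', $username);
    if (!$check->execute()) {
        throw new Exception('Could not execute query', 1);
    }
    $check->store_result();
    $taken = $check->num_rows > 0;
    $check->close();

    if ($taken) {
        throw new Exception('That username is taken - go back and choose another one.', 1);
    }

    $insert = $conn->prepare('insert into user values (?, sha1(?), ?)');
    if (!$insert) {
        throw new Exception('Could not register you in database - please try again later.');
    }
    $insert->bind_param('sss', $username, $email, $password);
    if (!$insert->execute()) {
        throw new Exception('Could not register you in database - please try again later.');
    }
    $insert->close();

    return true;
}

/**
 * Verify a username and password against the user table.
 *
 * @param string $username Account name.
 * @param string $password Clear-text password supplied by the user.
 * @return bool true when a matching row exists.
 * @throws Exception When the query fails or no row matches.
 */
function login($username, $password)
{
    $conn = db_connect();

    $stmt = $conn->prepare('select * from user where username = ? and passwd = sha1(?)');
    if (!$stmt) {
        throw new Exception('Could not log you in.');
    }
    $stmt->bind_param('ss', $username, $password);
    if (!$stmt->execute()) {
        throw new Exception('Could not log you in.');
    }
    $stmt->store_result();
    $matched = $stmt->num_rows > 0;
    $stmt->close();

    if (!$matched) {
        // Same message as for a query failure, so the response does not tell
        // a caller which of the two happened.
        throw new Exception('Could not log you in.');
    }

    return true;
}

/**
 * Print the logged-in banner, or render a "not logged in" page and stop.
 *
 * @return void Does not return when no user is stored in the session.
 */
function check_valid_user()
{
    if (isset($_SESSION['valid_user'])) {
        // The name was chosen by the user at registration, so it is escaped
        // before being written into the page.
        echo 'Logged in as '.htmlspecialchars($_SESSION['valid_user'], ENT_QUOTES, 'UTF-8').'.<br />';
    } else {
        do_html_header('Problem:');
        echo 'You are not logged in.<br />';
        do_html_url('login.php', 'Login');
        // The output listing on this page defines do_html_footer(); no
        // do_html_foot() is visible, and calling an undefined function would
        // abort before exit is reached.
        do_html_footer();
        exit;
    }
}

/**
 * Change a user's password after re-checking the current one.
 *
 * @param string $username     Account name.
 * @param string $old_password Current clear-text password.
 * @param string $new_password Replacement clear-text password.
 * @return bool true on success.
 * @throws Exception When the old password is wrong or the update fails.
 */
function change_password($username, $old_password, $new_password)
{
    // login() throws when the old password does not match.
    login($username, $old_password);

    $conn = db_connect();
    $stmt = $conn->prepare('update user set passwd = sha1(?) where username = ?');
    if (!$stmt) {
        throw new Exception('Password could not be changed.');
    }
    $stmt->bind_param('ss', $new_password, $username);
    if (!$stmt->execute()) {
        throw new Exception('Password could not be changed.');
    }
    $stmt->close();

    return true; // changed successfully
}

/**
 * Grab a random word from the dictionary file whose length lies between the
 * two bounds.
 *
 * @param int $min_length Smallest accepted length.
 * @param int $max_length Largest accepted length.
 * @return string|false The word, or false when the dictionary cannot be read.
 */
function get_random_word($min_length, $max_length)
{
    $word = '';

    // remember to change this path to suit your system
    $dictionary = '/usr/dict/words'; // the ispell dictionary

    if (!is_readable($dictionary)) {
        return false;
    }
    $fp = fopen($dictionary, 'r');
    if (!$fp) {
        return false;
    }
    $size = filesize($dictionary);

    // go to a random location in dictionary
    $rand_location = bm_random_int(0, $size);
    fseek($fp, $rand_location);

    // get the next whole word of the right length in the file
    // (the lengths are measured before the trailing newline is trimmed)
    while ((strlen($word) < $min_length) || (strlen($word) > $max_length) || (strstr($word, "'"))) {
        if (feof($fp)) {
            fseek($fp, 0); // if at end, go to start
        }
        $word = fgets($fp, 80); // skip first word as it could be partial
        $word = fgets($fp, 80); // the potential password
    }

    // The handle was never released in the original listing.
    fclose($fp);

    $word = trim($word); // trim the trailing \n from fgets
    return $word;
}

/**
 * Set the password for a username to a random value.
 *
 * NOTE(review): a dictionary word plus a number below 1000 comes from a small
 * search space, and the caller sends it by email in clear text. A single-use,
 * expiring reset token that lets the user choose the new password avoids both
 * problems; that redesign is outside this block.
 *
 * @param string $username Account name.
 * @return string The new clear-text password.
 * @throws Exception When no word can be generated or the update fails.
 */
function reset_password($username)
{
    // get a random dictionary word b/w 6 and 13 chars in length
    $new_password = get_random_word(6, 13);

    if ($new_password === false) {
        throw new Exception('Could not generate new password.');
    }

    // add a number between 0 and 999 to it
    $rand_number = bm_random_int(0, 999);
    $new_password .= $rand_number;

    // set user's password to this in database
    $conn = db_connect();
    $stmt = $conn->prepare('update user set passwd = sha1(?) where username = ?');
    if (!$stmt) {
        throw new Exception('Could not change password.');
    }
    $stmt->bind_param('ss', $new_password, $username);
    if (!$stmt->execute()) {
        throw new Exception('Could not change password.'); // not changed
    }
    $stmt->close();

    return $new_password; // changed successfully
}

/**
 * Notify the user by email that their password has been changed.
 *
 * @param string $username Account name whose stored address is used.
 * @param string $password Clear-text password to include in the message.
 * @return bool true when mail() accepts the message.
 * @throws Exception When the address cannot be found or the mail is rejected.
 */
function notify_password($username, $password)
{
    $conn = db_connect();

    $stmt = $conn->prepare('select email from user where username = ?');
    if (!$stmt) {
        throw new Exception('Could not find email address.');
    }
    $stmt->bind_param('s', $username);
    if (!$stmt->execute()) {
        throw new Exception('Could not find email address.');
    }
    $stmt->store_result();

    if ($stmt->num_rows == 0) {
        $stmt->close();
        throw new Exception('Could not find email address.'); // username not in db
    }

    $stmt->bind_result($email);
    $stmt->fetch();
    $stmt->close();

    $from = "From: support@phpbookmark \r\n";
    $mesg = "Your PHPBookmark password has been changed to ".$password."\r\n"
           ."Please change it next time you log in.\r\n";

    if (mail($email, 'PHPBookmark login information', $mesg, $from)) {
        return true;
    }

    throw new Exception('Could not send email.');
}
?>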



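   <?php

/**
 * Print the opening HTML of a page, followed by a heading when a title is given.
 *
 * @param string $title Text for the <title> element and the page heading.
 * @return void
 */
function do_html_header($title)
{
    // The title is escaped so that a caller passing request data cannot inject markup.
?>
<html>
<head>
  <title><?php echo htmlspecialchars($title, ENT_QUOTES, 'UTF-8'); ?></title>
  <style>
    body { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
    li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
    hr { color: #3333cc; width: 300px; text-align: left }
    a { color: #000000 }
  </style>
</head>
<body>
<img src="005.png" alt="PHPbookmark logo" border="0" align="left" valign="bottom" height="55" width="57" />
<h1>PHPbookmark</h1>
<hr />
<?php
    if ($title) {
        do_html_heading($title);
    }
}

/**
 * Print the closing HTML of a page.
 *
 * @return void
 */
function do_html_footer()
{
?>
</body>
</html>
<?php
}

/**
 * Print a second-level heading.
 *
 * @param string $heading Heading text; escaped before output.
 * @return void
 */
function do_html_heading($heading)
{
?>
<h2><?php echo htmlspecialchars($heading, ENT_QUOTES, 'UTF-8'); ?></h2>
<?php
}

/**
 * Output a URL as a link on a line of its own.
 *
 * @param string $url  Link target; escaped for use inside the href attribute.
 * @param string $name Link text; escaped before output.
 * @return void
 */
function do_html_URL($url, $name)
{
?>
<br /><a href="<?php echo htmlspecialchars($url, ENT_QUOTES, 'UTF-8'); ?>"><?php echo htmlspecialchars($name, ENT_QUOTES, 'UTF-8'); ?></a><br />
<?php
}

/**
 * Display some marketing info.
 *
 * @return void
 */
function display_site_info()
{
?>
<ul>
  <li>Store your bookmarks online with us!</li>
  <li>See what other users use!</li>
  <li>Share your favorite links with others!</li>
</ul>
<?php
}

/**
 * Display the member log-in form, which posts to member.php.
 *
 * @return void
 */
function display_login_form()
{
?>
<p><a href="register_form.php">Not a member?</a></p>
<form method="post" action="member.php">
<table bgcolor="#cccccc">
  <tr>
    <td colspan="2">Members log in here:</td></tr>
  <tr>
    <td>Username:</td>
    <td><input type="text" name="username"/></td></tr>
  <tr>
    <td>Password:</td>
    <td><input type="password" name="passwd"/></td></tr>
  <tr>
    <td colspan="2" align="center">
    <input type="submit" value="Log in"/></td></tr>
  <tr>
    <td colspan="2"><a href="forgot_form.php">Forgot your password?</a></td>
  </tr>
</table></form>
<?php
}

/**
 * Display the registration form, which posts to register_new.php.
 *
 * The maxlength attributes only guide the browser; the receiving script has
 * to enforce the limits again.
 *
 * @return void
 */
function display_registration_form()
{
?>
<form method="post" action="register_new.php">
<table bgcolor="#cccccc">
  <tr>
    <td>Email address:</td>
    <td><input type="text" name="email" size="30" maxlength="100"/></td></tr>
  <tr>
    <td>Preferred username <br />(max 16 chars):</td>
    <td valign="top"><input type="text" name="username" size="16" maxlength="16"/></td></tr>
  <tr>
    <td>Password <br />(between 6 and 16 chars):</td>
    <td valign="top"><input type="password" name="passwd" size="16" maxlength="16"/></td></tr>
  <tr>
    <td>Confirm password:</td>
    <td><input type="password" name="passwd2" size="16" maxlength="16"/></td></tr>
  <tr>
    <td colspan="2" align="center">
    <input type="submit" value="Register"></td></tr>
</table></form>
<?php
}

/**
 * Display the table of a user's bookmarks with a delete checkbox per row.
 *
 * @param mixed $url_array List of bookmark URLs; anything that is not a
 *                         non-empty array produces the "no bookmarks" row.
 * @return void
 */
function display_user_urls($url_array)
{
    // set global variable, so we can test later if this is on the page
    global $bm_table;
    $bm_table = true;
?>
<br />
<form name="bm_table" action="delete_bms.php" method="post">
<table width="300" cellpadding="2" cellspacing="0">
<?php
    $color = "#cccccc";
    echo "<tr bgcolor=\"".$color."\"><td><strong>Bookmark</strong></td>";
    echo "<td><strong>Delete?</strong></td></tr>";

    if ((is_array($url_array)) && (count($url_array) > 0)) {
        foreach ($url_array as $url) {
            if ($color == "#cccccc") {
                $color = "#ffffff";
            } else {
                $color = "#cccccc";
            }

            // Stored URLs are user data. The original escaped only the link
            // text; the href and value attributes need the same treatment or
            // a quote in the URL closes the attribute and injects markup.
            // NOTE(review): escaping does not restrict the URL scheme; that
            // has to be checked where bookmarks are accepted.
            $safe_url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');

            echo "<tr bgcolor=\"".$color."\"><td><a href=\"".$safe_url."\">".$safe_url."</a></td>
            <td><input type=\"checkbox\" name=\"del_me[]\" value=\"".$safe_url."\"/></td>
            </tr>";
        }
    } else {
        echo "<tr><td>No bookmarks on record</td></tr>";
    }
?>
</table>
</form>
<?php
}

/**
 * Display the menu options on this page.
 *
 * @return void
 */
function display_user_menu()
{
?>
<hr />
<a href="member.php">Home</a>
<a href="add_bm_form.php">Add BM</a>
<?php
    // only offer the delete option if bookmark table is on this page
    global $bm_table;
    if ($bm_table == true) {
        echo "<a href=\"#\" onClick=\"bm_table.submit();\">Delete BM</a> ";
    } else {
        echo "<span style=\"color: #cccccc\">Delete BM</span> ";
    }
?>
<a href="change_passwd_form.php">Change password</a>
<br />
<a href="recommend.php">Recommend URLs to me</a>
<a href="logout.php">Logout</a>
<hr />
<?php
}

function display_add_bm_form()
{
    // display the form for people to enter a new bookmark in
    // NOTE(review): the listing breaks off inside this form's markup; the
    // rest of the function is not part of the page and is left as found.
?>
<form name="bm_table" action="add_bms.php" method="post">
<table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
<tr><td>New BM:</td>
<td><input type="text" name="new_url" value=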


   // start session session_start(); $old_user = $_SESSION[valid_user]; unset($_SESSION[valid_user]); $result_dest = session_destroy(); do_html_header(Logging out); if (!empty($old_user)) { if ($result_dest) { echo Logged out.<br />; do_html_url(login.php, Login); }else { echo Could not log you out.<br />; } }else { echo You are not logged in ,so have not been logged out.<br />; do_html_url(login.php, Login); } do_html_footer(); ?>


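   <?php
require_once('bookmark_fns.php');

// Registration form page.
do_html_header('User Registration');
display_registration_form();
do_html_footer();
?> register_new.php <?php
require_once('bookmark_fns.php');

// Read the submitted fields. A missing field becomes '' so that the checks
// below reject it instead of raising an undefined-index notice.
$email    = isset($_POST['email']) ? $_POST['email'] : '';
$username = isset($_POST['username']) ? $_POST['username'] : '';
$passwd   = isset($_POST['passwd']) ? $_POST['passwd'] : '';
$passwd2  = isset($_POST['passwd2']) ? $_POST['passwd2'] : '';

// start session
session_start();

// valid data
try {
    // filled_out() accepts an empty POST and array-valued fields, so each
    // expected field is also required to be a non-empty string.
    $all_present = is_string($email) && is_string($username)
        && is_string($passwd) && is_string($passwd2)
        && $email !== '' && $username !== '' && $passwd !== '' && $passwd2 !== '';

    if (!filled_out($_POST) || !$all_present) {
        throw new Exception('You have not filled the form out correctly - please go back and try again.', 1);
    }

    if (!valid_email($email)) {
        throw new Exception('That is not a valid email address - please go back and try again.', 1);
    }

    if ($passwd !== $passwd2) {
        throw new Exception('The passwords you entered do not match - please go back and try again.', 1);
    }

    if ((strlen($passwd) < 6) || (strlen($passwd) > 16)) {
        throw new Exception('Your password must be between 6 and 16 characters - please go back and try again.', 1);
    }

    // NOTE(review): the 16-character username limit shown on the form is only
    // a maxlength attribute; nothing here enforces it on the server.

    // Argument order is (username, password, email): register() on this page
    // hashes its second argument and stores its third as given, whatever its
    // parameters are named.
    register($username, $passwd, $email);

    // Issue a fresh session id before marking the session as authenticated,
    // so an id known before registration cannot be reused afterwards.
    session_regenerate_id(true);
    $_SESSION['valid_user'] = $username;

    do_html_header('Registration successful');
    do_html_url('member.php', 'Go to members page');
    do_html_footer();
} catch (Exception $e) {
    do_html_header('Problem: ');
    // Escaped because the message text may not always be a fixed literal
    // (for example when it comes from the database driver).
    echo htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
    do_html_footer();
    exit();
}
?>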


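   <?php
require_once('bookmark_fns.php');

// Password reset request form.
do_html_header('Reset password');
display_forgot_form();
do_html_footer();
?> forgot_passwd.php <?php
require_once('bookmark_fns.php');

do_html_header('Resetting password');

// A missing or array-valued field becomes '' and simply fails the lookup.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';

// NOTE(review): this page needs no proof of identity, so any visitor can
// replace another account's password just by naming it. The two messages
// below also differ depending on whether the reset went through, which tells
// a caller whether the username exists. An emailed single-use token that
// leaves the old password in place until it is redeemed addresses both.
try {
    // get random password
    $password = reset_password($username);
    // If the mail step fails, the stored password has already been replaced.
    notify_password($username, $password);
    echo 'Your new password has been emailed to you.<br />';
} catch (Exception $e) {
    echo 'Your password could not be reset - please try again later.';
}

do_html_url('login.php', 'Login');
do_html_footer();
?> change_passwd_form.php <?php
require_once('bookmark_fns.php');
session_start();

// Change-password form; check_valid_user() ends the request for visitors
// without a session.
do_html_header('Change password');
check_valid_user();
display_password_form();
display_user_menu();
do_html_footer();
?> change_passed.php <?php
require_once('bookmark_fns.php');
session_start();

do_html_header('Changing password');

// Missing fields become '' so the checks below reject them without notices.
$old_passwd  = isset($_POST['old_passwd']) ? $_POST['old_passwd'] : '';
$new_passwd  = isset($_POST['new_passwd']) ? $_POST['new_passwd'] : '';
$new_passwd2 = isset($_POST['new_passwd2']) ? $_POST['new_passwd2'] : '';

try {
    check_valid_user();

    // filled_out() accepts an empty POST and array-valued fields, so each
    // expected field is also required to be a non-empty string.
    $all_present = is_string($old_passwd) && is_string($new_passwd) && is_string($new_passwd2)
        && $old_passwd !== '' && $new_passwd !== '' && $new_passwd2 !== '';

    if (!filled_out($_POST) || !$all_present) {
        throw new Exception('You have not filled the form out correctly - please go back and try again.', 1);
    }

    if ($new_passwd !== $new_passwd2) {
        throw new Exception('The passwords you entered do not match - please go back and try again.', 1);
    }

    if ((strlen($new_passwd) < 6) || (strlen($new_passwd) > 16)) {
        throw new Exception('Your password must be between 6 and 16 characters - please go back and try again.', 1);
    }

    // NOTE(review): the form carries no anti-CSRF token; the old-password
    // check inside change_password() is what stops a forged request here.
    change_password($_SESSION['valid_user'], $old_passwd, $new_passwd2);
    echo 'Password changed.';
} catch (Exception $e) {
    // Escaped because the message text may not always be a fixed literal.
    echo htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
}

display_user_menu();
do_html_footer();
?> add_bm_form.php <?php
// include function files for this application
require_once('bookmark_fns.php');
session_start();

// start output html
do_html_header('Add Bookmarks');
check_valid_user();
display_add_bm_form();
display_user_menu();
do_html_footer();
?>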


   <?php require_once(bookmark_fns.php); session_start(); $new_url = $_POST[new_url]; do_html_header(Adding bookmarks); try { check_valid_user(); if (!filled_out($_POST)) { throw new Exception(Form not completely filled out.); } if (strstr($new_url,


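   <?php
require_once('bookmark_fns.php');
session_start();

// del_me[] arrives as an array of URLs; anything else is treated as
// "nothing selected" so that count() and foreach never see a non-array.
$del_me = (isset($_POST['del_me']) && is_array($_POST['del_me'])) ? $_POST['del_me'] : array();

do_html_header('Deleting bookmarks');

// Stops the request for visitors without a session, so the session value is
// only read once it is known to exist.
check_valid_user();
$valid_user = $_SESSION['valid_user'];

// NOTE(review): the delete form carries no anti-CSRF token, so a page on
// another site could submit it on behalf of a logged-in user.
if (!filled_out($_POST)) {
    echo '<p>You have not chosen any bookmarks to delete.<br />
          Please try again.</p>';
    display_user_menu();
    do_html_footer();
    exit;
} else {
    if (count($del_me) > 0) {
        foreach ($del_me as $url) {
            // Nested arrays (del_me[][]=...) are not URLs; skip them.
            if (!is_string($url)) {
                continue;
            }
            if (delete_bm($valid_user, $url)) {
                echo 'Deleted '.htmlspecialchars($url).'<br />';
            } else {
                echo 'Could not delete '.htmlspecialchars($url).'<br />';
            }
        }
    } else {
        echo 'No bookmarks selected for deletion.';
    }
}

// Show what is left of the user's bookmarks.
if ($mks = get_user_urls($valid_user)) {
    display_user_urls($mks);
}

display_user_menu();
do_html_footer();
?>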


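   <?php
require_once('bookmark_fns.php');
session_start();

do_html_header('Recommending URLS');

try {
    // Stops the request for visitors without a session.
    check_valid_user();
    $urls = recommend_urls($_SESSION['valid_user'], 1);
    display_recommended_urls($urls);
} catch (Exception $e) {
    // Escaped because the message text may not always be a fixed literal
    // (for example when it comes from the database driver).
    echo htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
}

display_user_menu();
do_html_footer();
?>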


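   <?php
require_once('bookmark_fns.php');
session_start();

// Explicit presence checks replace the @ suppression; a missing field
// becomes '' and skips the log-in attempt.
$username = isset($_POST['username']) ? $_POST['username'] : '';
$passwd   = isset($_POST['passwd']) ? $_POST['passwd'] : '';

// Array-valued fields (username[]=...) are ignored rather than passed on.
if (is_string($username) && is_string($passwd) && $username && $passwd) {
    try {
        // Log in
        login($username, $passwd);

        // Issue a fresh session id before marking the session as
        // authenticated, so an id known before log-in cannot be reused.
        session_regenerate_id(true);
        $_SESSION['valid_user'] = $username;
    } catch (Exception $e) {
        do_html_header('Problem: ');
        echo 'You could not be logged in.
              You must be logged in to view this page.';
        do_html_url('login.php', 'Login');
        do_html_footer();
        exit;
    }
}

do_html_header('Home');

// Stops the request for visitors without a session.
check_valid_user();

if ($url_array = get_user_urls($_SESSION['valid_user'])) {
    display_user_urls($url_array);
}

display_user_menu();
do_html_footer();
?>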


