<&＃63;php
require_once('output_fns.php');
require_once('db_fns.php');
require_once('data_valid_fns.php');
require_once('url_fns.php');
require_once('user_auth_fns.php');
&＃63;>

<&＃63;php
// Test that each variable has a value
function filled_out($form_vars) {
foreach ($form_vars as $key => $value) {
if ((!isset($key)) || ($value == '')) {
return false;
} 
} 
return true;
}
// Valid email
function valid_email($address) {
if (ereg('^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$', $address)) {
return true;
}else {
return false;
}
}
&＃63;>

<&＃63;php
//Conncet to db 
function db_connect() {
$db = new mysqli('127.0.0.1', 'bm_user', 'password', 'bookmarks');
if (!$db) {
throw new Exception("Could not connect to database server", 1);
}else {
return $db;
}
}
&＃63;>

<&＃63;php
require_once('db_fns.php');
// register 
function register($username, $email, $password) {
$cOnn= db_connect();
$results = $conn -> query("select * from user where username = '".$username."'");
if (!$results) {
throw new Exception("Could not execute query", 1);
}
if ($results -> num_rows > 0) {
throw new Exception("That username is taken - go back and choose another one.", 1);
} 
$results = $conn -> query("insert into user values ('".$username."', sha1('".$email."'), '".$password."')");
if (!$results) {
throw new Exception('Could not register you in database - please try again later.');
}
return true;
}
// Log in 
function login($username, $password) {
$cOnn= db_connect();
$results = $conn -> query("select * from user where username = '".$username."' and passwd = sha1('".$password."')");
if (!$results) {
throw new Exception('Could not log you in.');
}
if ($results -> num_rows > 0) {
return true;
}else {
throw new Exception('Could not log you in.');
}
}
// Check valid user 
function check_valid_user() {
if (isset($_SESSION['valid_user'])) {
echo "Logged in as ".$_SESSION['valid_user'].".
";
}else {
do_html_header('Problem:');
echo "You are not logged in.
";
do_html_url('login.php', 'Login');
do_html_foot();
exit;
}
}
// change password 
function change_password($username, $old_password, $new_password) {
login($username, $old_password);
$cOnn= db_connect();

$result = $conn -> query("update user set passwd = sha1('".$new_password."') where username = '".$username."'");
if (!$result) {
throw new Exception('Password could not be changed.');
} else {
return true; // changed successfully
}
}
function get_random_word($min_length, $max_length) {
// grab a random word from dictionary between the two lengths
// and return it
// generate a random word
$word = '';
// remember to change this path to suit your system
$dictiOnary= '/usr/dict/words'; // the ispell dictionary
$fp = @fopen($dictionary, 'r');
if(!$fp) {
return false;
}
$size = filesize($dictionary);
// go to a random location in dictionary
$rand_location = rand(0, $size);
fseek($fp, $rand_location);
// get the next whole word of the right length in the file
while ((strlen($word) <$min_length) || (strlen($word)>$max_length) || (strstr($word, "'"))) {
if (feof($fp)) {
fseek($fp, 0); // if at end, go to start
}
$word = fgets($fp, 80); // skip first word as it could be partial
$word = fgets($fp, 80); // the potential password
}
$word = trim($word); // trim the trailing \n from fgets
return $word;
}
function reset_password($username) {
// set password for username to a random value
// return the new password or false on failure
// get a random dictionary word b/w 6 and 13 chars in length
$new_password = get_random_word(6, 13);

if($new_password == false) {
throw new Exception('Could not generate new password.');
}
// add a number between 0 and 999 to it
// to make it a slightly better password
$rand_number = rand(0, 999);
$new_password .= $rand_number;
// set user's password to this in database or return false
$cOnn= db_connect();
$result = $conn->query("update user
set passwd = sha1('".$new_password."')
where username = '".$username."'");
if (!$result) {
throw new Exception('Could not change password.'); // not changed
} else {
return $new_password; // changed successfully
}
}
function notify_password($username, $password) {
// notify the user that their password has been changed
$cOnn= db_connect();
$result = $conn->query("select email from user
where username='".$username."'");
if (!$result) {
throw new Exception('Could not find email address.');
} else if ($result->num_rows == 0) {
throw new Exception('Could not find email address.');
// username not in db
} else {
$row = $result->fetch_object();
$email = $row->email;
$from = "From: support@phpbookmark \r\n";
$mesg = "Your PHPBookmark password has been changed to ".$password."\r\n"
."Please change it next time you log in.\r\n";
if (mail($email, 'PHPBookmark login information', $mesg, $from)) {
return true;
} else {
throw new Exception('Could not send email.');
}
}
}
&＃63;>

<&＃63;php
require_once('db_fns.php');
// Get user urls
function get_user_urls($username) {
$cOnn= db_connect();
$results = $conn -> query("select bm_URL 
from bookmark 
where username = '" . $username . "'");
if (!$results) {
return false;
}
$url_array = array();
for ($i = 1;$row = $results -> fetch_row();++$i) {
$url_array[$i] = $row[0];
}
return $url_array;
}
// Add url to db
function add_bm($new_url) {
echo "Attempting to add ".htmlspecialchars($new_url)."
";
$valid_user = $_SESSION['valid_user'];
$cOnn= db_connect();
$results = $conn -> query(" select * from bookmark 
where username = '".$valid_user."' 
and bm_URL = '".$new_url."'");
if ($results && ($results -> num_rows > 0)) {
throw new Exception("Bookmark already exists.", 1); 
}
$insert_result = $conn -> query("insert into bookmark values ('".$valid_user."', '".addslashes($new_url)."')");
if (!$insert_result) {
throw new Exception("Bookmark could not be inserted.", 1); 
}
return true;
}
// Delete url 
function delete_bm($user, $url) {
$cOnn= db_connect();
$results = $conn -> query(" delete from bookmark 
where username = '".$user."' 
and bm_URL = '".$url."'");
if (!$results) {
throw new Exception("Bookmark could not be deleted.", 1); 
}
return true; 
}
function recommend_urls($valid_user, $popularity = 1) {
$cOnn= db_connect();
// $query = "select bm_URL
// from bookmark
// where username in
// (select distinct(b2.username)
// from bookmark b1, bookmark b2
// where b1.username='".$valid_user."'
// and b1.username != b2.username
// and b1.bm_URL = b2.bm_URL)
// and bm_URL not in
// (select bm_URL
// from bookmark
// where username='".$valid_user."')
// group by bm_url
// having count(bm_url)>".$popularity;
$query = "select bm_URL
from bookmark
where username in
(select distinct(b2.username)
from bookmark b1, bookmark b2
where b1.username='".$valid_user."'
and b1.username != b2.username
and b1.bm_URL = b2.bm_URL)
and bm_URL not in
(select bm_URL
from bookmark
where username='".$valid_user."')
group by bm_url
having count(bm_url)>".$popularity;
if (!($result = $conn->query($query))) {
throw new Exception('Could not find any bookmarks to recommend.');
}
if ($result->num_rows==0) {
throw new Exception('Could not find any bookmarks to recommend.');
}
$urls = array();
// build an array of the relevant urls
for ($count=0; $row = $result->fetch_object(); $count++) {
$urls[$count] = $row->bm_URL;
}
return $urls;
}
&＃63;>

<&＃63;php
function do_html_header($title) {
// print an HTML header
&＃63;>







PHPbookmark

<&＃63;php
if($title) {
do_html_heading($title);
}
}
function do_html_footer() {
// print an HTML footer
&＃63;>


<&＃63;php
}
function do_html_heading($heading) {
// print heading
&＃63;>
<&＃63;php echo $heading;&＃63;>
<&＃63;php
}
function do_html_URL($url, $name) {
// output URL as link and br
&＃63;>

<&＃63;php echo $name;&＃63;>

<&＃63;php
}
function display_site_info() {
// display some marketing info
&＃63;>

Store your bookmarks online with us!
See what other users use!
Share your favorite links with others!

<&＃63;php
}
function display_login_form() {
&＃63;>
Not a member&＃63;



Members log in here:

Username:


Password:





Forgot your password&＃63;


<&＃63;php
}
function display_registration_form() {
&＃63;>



Email address:


Preferred username 
(max 16 chars):


Password 
(between 6 and 16 chars):


Confirm password:





<&＃63;php
}
function display_user_urls($url_array) {
// display the table of URLs
// set global variable, so we can test later if this is on the page
global $bm_table;
$bm_table = true;
&＃63;>




<&＃63;php
$color = "#cccccc";
echo "";
echo "";
if ((is_array($url_array)) && (count($url_array) > 0)) {
foreach ($url_array as $url) {
if ($color == "#cccccc") {
$color = "#ffffff";
} else {
$color = "#cccccc";
}
//remember to call htmlspecialchars() when we are displaying user data
echo "";
}
} else {
echo "";
}
&＃63;>
Bookmark
Delete&＃63;
".htmlspecialchars($url)."

No bookmarks on record

<&＃63;php
}
function display_user_menu() {
// display the menu options on this page
&＃63;>

Home  | 
Add BM  | 
<&＃63;php
// only offer the delete option if bookmark table is on this page
global $bm_table;
if ($bm_table == true) {
echo "Delete BM  | ";
} else {
echo "Delete BM  | ";
}
&＃63;>
Change password


Recommend URLs to me  | 
Logout

<&＃63;php
}
function display_add_bm_form() {
// display the form for people to ener a new bookmark in
&＃63;>


New BM:





<&＃63;php
}
function display_password_form() {
// display html change password form
&＃63;>




Old password:


New password:


Repeat new password:








<&＃63;php
}
function display_forgot_form() {
// display HTML form to reset and email password
&＃63;>




Enter your username








<&＃63;php
}
function display_recommended_urls($url_array) {
// similar output to display_user_urls
// instead of displaying the users bookmarks, display recomendation
&＃63;>



<&＃63;php
$color = "#cccccc";
echo "";
if ((is_array($url_array)) && (count($url_array)>0)) {
foreach ($url_array as $url) {
if ($color == "#cccccc") {
$color = "#ffffff";
} else {
$color = "#cccccc";
}
echo "";
}
} else {
echo "";
}
&＃63;>

Recommendations

".htmlspecialchars($url)."
No recommendations for you today.
<&＃63;php
}
&＃63;>
login.php
<&＃63;php
require_once('bookmark_fns.php');
do_html_header('');
display_site_info();
display_login_form();
do_html_footer();
&＃63;>
logout.php
<&＃63;php

// start session
session_start();
$old_user = $_SESSION['valid_user'];
unset($_SESSION['valid_user']);
$result_dest = session_destroy();
do_html_header('Logging out');
if (!empty($old_user)) {
if ($result_dest) {
echo 'Logged out.
';
do_html_url('login.php', 'Login');
}else {
echo 'Could not log you out.
';
}
}else {
echo 'You are not logged in ,so have not been logged out.
';
do_html_url('login.php', 'Login');
}
do_html_footer();
&＃63;>

<&＃63;php
require_once('bookmark_fns.php');
do_html_header('User Registration');
display_registration_form();
do_html_footer();
&＃63;>
register_new.php
<&＃63;php
require_once('bookmark_fns.php');
// vars
$email = $_POST['email'];
$username = $_POST['username'];
$passwd = $_POST['passwd'];
$passwd2 = $_POST['passwd2'];
// start session
session_start();
// valid data 
try {
if (!filled_out($_POST)) {
throw new Exception("You have not filled the form out correctly - please go back and try again.", 1);
}
if (!valid_email($email)) { 
throw new Exception("That is not a valid email address - please go back and try again.", 1);
}
if ($passwd != $passwd2) { 
throw new Exception("The passwords you entered do not match - please go back and try again.", 1);
}
if ((strlen($passwd) <6) || (strlen($passwd) > 16)) { 
throw new Exception("Your password must be between 6 and 16 characters - please go back and try again.", 1);
}
register($username, $passwd, $email);
$_SESSION['valid_user'] = $username;
do_html_header('Rigistration successful');
do_html_url('member.php', 'Go to members page');
do_html_footer();
} catch (Exception $e) {
do_html_header('Problem: ');
echo $e -> getMessage();
do_html_footer();
exit();
}
&＃63;>

<&＃63;php
require_once('bookmark_fns.php');
do_html_header('Reset password');
display_forgot_form();
do_html_footer();
&＃63;>
forgot_passwd.php
<&＃63;php
require_once('bookmark_fns.php');
do_html_header('Resetting password');
$username = $_POST['username'];
try {
// get random password 
$password = reset_password($username);
notify_password($username, $password);
echo "Your new password has been emailed to you.
";
}catch(Exception $e){
echo "Your password could not be reset - please try again later.";
}
do_html_url('login.php', 'Login');
do_html_footer();
&＃63;>
change_passwd_form.php
<&＃63;php
require_once('bookmark_fns.php');
session_start();
do_html_header('Change password');
check_valid_user();
display_password_form();
display_user_menu(); 
do_html_footer();
&＃63;>
change_passed.php
<&＃63;php
require_once('bookmark_fns.php');
session_start();
do_html_header('Changing password');
$old_passwd = $_POST['old_passwd'];
$new_passwd = $_POST['new_passwd'];
$new_passwd2 = $_POST['new_passwd2'];
try {
check_valid_user();
if (!filled_out($_POST)) {
throw new Exception("You have not filled the form out correctly - please go back and try again.", 1);
}
if ($new_passwd != $new_passwd2) { 
throw new Exception("The passwords you entered do not match - please go back and try again.", 1);
}
if ((strlen($new_passwd) <6) || (strlen($new_passwd) > 16)) { 
throw new Exception("Your password must be between 6 and 16 characters - please go back and try again.", 1);
}
change_password($_SESSION['valid_user'], $old_passwd, $new_passwd2);
echo 'Password changed.';
}catch(Exception $e) {
echo $e -> getMessage();
}
display_user_menu(); 
do_html_footer();
&＃63;>
add_bm_form.php
<&＃63;php
// include function files for this application
require_once('bookmark_fns.php');
session_start();
// start output html
do_html_header('Add Bookmarks');
check_valid_user();
display_add_bm_form();
display_user_menu();
do_html_footer();
&＃63;>

<&＃63;php
require_once('bookmark_fns.php');
session_start();
$new_url = $_POST['new_url'];
do_html_header('Adding bookmarks');
try {
check_valid_user();
if (!filled_out($_POST)) {
throw new Exception('Form not completely filled out.');
} 
if (strstr($new_url, 'http://') === false) {
$new_url = 'http://'.$new_url;
} 
// check url is valid
if (!@fopen($new_url, 'r')) {
throw new Exception('Not a valid URL.');
} 
add_bm($new_url);
echo "Bookmark added";
if ($mks = get_user_urls($_SESSION['valid_user'])) {
display_user_urls($mks);
}
}catch(Exception $e) {
echo $e -> getMessage();
}
display_user_menu();
do_html_footer();
&＃63;>

<&＃63;php
require_once('bookmark_fns.php');
session_start();
$del_me = $_POST['del_me'];
$valid_user = $_SESSION['valid_user'];
do_html_header('Deleting bookmarks');
check_valid_user();
if (!filled_out($_POST)) {
echo "
You have not chosen any bookmarks to delete.

Please try again.
";
display_user_menu();
do_html_footer();
exit;
}else {
if (count($del_me) > 0) {
foreach ($del_me as $url) {
if (delete_bm($valid_user, $url)) {
echo "Deleted ".htmlspecialchars($url)."
";
}else {
echo "Could not deleted ".htmlspecialchars($url)."
";
}
}
}else {
echo "No bookmarks selected for deletion.";
}
}
if ($mks = get_user_urls($_SESSION['valid_user'])) {
display_user_urls($mks);
}
display_user_menu();
do_html_footer();
&＃63;>

<&＃63;php
require_once('bookmark_fns.php');

session_start();
do_html_header('Recommending URLS');
try {
check_valid_user();
$urls = recommend_urls($_SESSION['valid_user'], 1);
display_recommended_urls($urls);
}catch(Exception $e) {
echo $e -> getMessage();
}
display_user_menu();
do_html_footer();
&＃63;>

<&＃63;php
require_once('bookmark_fns.php');
session_start();
@$username = $_POST['username'];
@$passwd = $_POST['passwd'];
if ($username && $passwd) {
try {
// Log in 
login($username, $passwd);
$_SESSION['valid_user'] = $username;
}catch(Exception $e) {
do_html_header('Problem: ');
echo "You could not be logged in. You must be logged in to view this page.";
do_html_url('login.php', 'Login');
do_html_footer();
exit;
}
}
do_html_header('Home');
check_valid_user();
if ($url_array = get_user_urls($_SESSION['valid_user'])) {
display_user_urls($url_array);
}
display_user_menu();
do_html_footer();
&＃63;>