PHP用户验证和标签推荐的简单使用

<?php
require_once('output_fns.php');
require_once('db_fns.php');
require_once('data_valid_fns.php');
require_once('url_fns.php');
require_once('user_auth_fns.php');
?>

<?php
// test that each variable has a value
function filled_out($form_vars) {
foreach ($form_vars as $key => $value) {
if ((!isset($key)) || ($value == '')) {
return false;
} 
} 
return true;
}
// valid email
function valid_email($address) {
if (ereg('^[a-za-z0-9_\.\-]+@[a-za-z0-9\-]+\.[a-za-z0-9\-\.]+$', $address)) {
return true;
}else {
return false;
}
}
?>

<?php
//conncet to db 
function db_connect() {
$db = new mysqli('127.0.0.1', 'bm_user', 'password', 'bookmarks');
if (!$db) {
throw new exception("could not connect to database server", 1);
}else {
return $db;
}
}
?>

<?php
require_once('db_fns.php');
// register 
function register($username, $email, $password) {
$conn = db_connect();
$results = $conn -> query("select * from user where username = '".$username."'");
if (!$results) {
throw new exception("could not execute query", 1);
}
if ($results -> num_rows > 0) {
throw new exception("that username is taken - go back and choose another one.", 1);
} 
$results = $conn -> query("insert into user values ('".$username."', sha1('".$email."'), '".$password."')");
if (!$results) {
throw new exception('could not register you in database - please try again later.');
}
return true;
}
// log in 
function login($username, $password) {
$conn = db_connect();
$results = $conn -> query("select * from user where username = '".$username."' and passwd = sha1('".$password."')");
if (!$results) {
throw new exception('could not log you in.');
}
if ($results -> num_rows > 0) {
return true;
}else {
throw new exception('could not log you in.');
}
}
// check valid user 
function check_valid_user() {
if (isset($_session['valid_user'])) {
echo "logged in as ".$_session['valid_user'].".<br />";
}else {
do_html_header('problem:');
echo "you are not logged in.<br />";
do_html_url('login.php', 'login');
do_html_foot();
exit;
}
}
// change password 
function change_password($username, $old_password, $new_password) {
login($username, $old_password);
$conn = db_connect();

$result = $conn -> query("update user set passwd = sha1('".$new_password."') where username = '".$username."'");
if (!$result) {
throw new exception('password could not be changed.');
} else {
return true; // changed successfully
}
}
function get_random_word($min_length, $max_length) {
// grab a random word from dictionary between the two lengths
// and return it
// generate a random word
$word = '';
// remember to change this path to suit your system
$dictionary = '/usr/dict/words'; // the ispell dictionary
$fp = @fopen($dictionary, 'r');
if(!$fp) {
return false;
}
$size = filesize($dictionary);
// go to a random location in dictionary
$rand_location = rand(0, $size);
fseek($fp, $rand_location);
// get the next whole word of the right length in the file
while ((strlen($word) < $min_length) || (strlen($word)>$max_length) || (strstr($word, "'"))) {
if (feof($fp)) {
fseek($fp, 0); // if at end, go to start
}
$word = fgets($fp, 80); // skip first word as it could be partial
$word = fgets($fp, 80); // the potential password
}
$word = trim($word); // trim the trailing \n from fgets
return $word;
}
function reset_password($username) {
// set password for username to a random value
// return the new password or false on failure
// get a random dictionary word b/w 6 and 13 chars in length
$new_password = get_random_word(6, 13);

if($new_password == false) {
throw new exception('could not generate new password.');
}
// add a number between 0 and 999 to it
// to make it a slightly better password
$rand_number = rand(0, 999);
$new_password .= $rand_number;
// set user's password to this in database or return false
$conn = db_connect();
$result = $conn->query("update user
set passwd = sha1('".$new_password."')
where username = '".$username."'");
if (!$result) {
throw new exception('could not change password.'); // not changed
} else {
return $new_password; // changed successfully
}
}
function notify_password($username, $password) {
// notify the user that their password has been changed
$conn = db_connect();
$result = $conn->query("select email from user
where username='".$username."'");
if (!$result) {
throw new exception('could not find email address.');
} else if ($result->num_rows == 0) {
throw new exception('could not find email address.');
// username not in db
} else {
$row = $result->fetch_object();
$email = $row->email;
$from = "from: support@phpbookmark \r\n";
$mesg = "your phpbookmark password has been changed to ".$password."\r\n"
."please change it next time you log in.\r\n";
if (mail($email, 'phpbookmark login information', $mesg, $from)) {
return true;
} else {
throw new exception('could not send email.');
}
}
}
?>

<?php
require_once('db_fns.php');
// get user urls
function get_user_urls($username) {
$conn = db_connect();
$results = $conn -> query("select bm_url 
from bookmark 
where username = '" . $username . "'");
if (!$results) {
return false;
}
$url_array = array();
for ($i = 1;$row = $results -> fetch_row();++$i) {
$url_array[$i] = $row[0];
}
return $url_array;
}
// add url to db
function add_bm($new_url) {
echo "attempting to add ".htmlspecialchars($new_url)."<br />";
$valid_user = $_session['valid_user'];
$conn = db_connect();
$results = $conn -> query(" select * from bookmark 
where username = '".$valid_user."' 
and bm_url = '".$new_url."'");
if ($results && ($results -> num_rows > 0)) {
throw new exception("bookmark already exists.", 1); 
}
$insert_result = $conn -> query("insert into bookmark values ('".$valid_user."', '".addslashes($new_url)."')");
if (!$insert_result) {
throw new exception("bookmark could not be inserted.", 1); 
}
return true;
}
// delete url 
function delete_bm($user, $url) {
$conn = db_connect();
$results = $conn -> query(" delete from bookmark 
where username = '".$user."' 
and bm_url = '".$url."'");
if (!$results) {
throw new exception("bookmark could not be deleted.", 1); 
}
return true; 
}
function recommend_urls($valid_user, $popularity = 1) {
$conn = db_connect();
// $query = "select bm_url
// from bookmark
// where username in
// (select distinct(b2.username)
// from bookmark b1, bookmark b2
// where b1.username='".$valid_user."'
// and b1.username != b2.username
// and b1.bm_url = b2.bm_url)
// and bm_url not in
// (select bm_url
// from bookmark
// where username='".$valid_user."')
// group by bm_url
// having count(bm_url)>".$popularity;
$query = "select bm_url
from bookmark
where username in
(select distinct(b2.username)
from bookmark b1, bookmark b2
where b1.username='".$valid_user."'
and b1.username != b2.username
and b1.bm_url = b2.bm_url)
and bm_url not in
(select bm_url
from bookmark
where username='".$valid_user."')
group by bm_url
having count(bm_url)>".$popularity;
if (!($result = $conn->query($query))) {
throw new exception('could not find any bookmarks to recommend.');
}
if ($result->num_rows==0) {
throw new exception('could not find any bookmarks to recommend.');
}
$urls = array();
// build an array of the relevant urls
for ($count=0; $row = $result->fetch_object(); $count++) {
$urls[$count] = $row->bm_url;
}
return $urls;
}
?>

<?php
function do_html_header($title) {
// print an html header
?>
<html>
<head>
<title><?php echo $title;?></title>
<style>
body { font-family: arial, helvetica, sans-serif; font-size: 13px }
li, td { font-family: arial, helvetica, sans-serif; font-size: 13px }
hr { color: #3333cc; width=300; text-align=left}
a { color: #000000 }
</style>
</head>
<body>
<img src="005.png" alt="phpbookmark logo" border="0"
align="left" valign="bottom" height="55" width="57" />
<h1>phpbookmark</h1>
<hr />
<?php
if($title) {
do_html_heading($title);
}
}
function do_html_footer() {
// print an html footer
?>
</body>
</html>
<?php
}
function do_html_heading($heading) {
// print heading
?>
<h2><?php echo $heading;?></h2>
<?php
}
function do_html_url($url, $name) {
// output url as link and br
?>
<br /><a href="<?php echo $url;?>"><?php echo $name;?></a><br />
<?php
}
function display_site_info() {
// display some marketing info
?>
<ul>
<li>store your bookmarks online with us!</li>
<li>see what other users use!</li>
<li>share your favorite links with others!</li>
</ul>
<?php
}
function display_login_form() {
?>
<p><a href="register_form.php">not a member?</a></p>
<form method="post" action="member.php">
<table bgcolor="#cccccc">
<tr>
<td colspan="2">members log in here:</td>
<tr>
<td>username:</td>
<td><input type="text" name="username"/></td></tr>
<tr>
<td>password:</td>
<td><input type="password" name="passwd"/></td></tr>
<tr>
<td colspan="2" align="center">
<input type="submit" value="log in"/></td></tr>
<tr>
<td colspan="2"><a href="forgot_form.php">forgot your password?</a></td>
</tr>
</table></form>
<?php
}
function display_registration_form() {
?>
<form method="post" action="register_new.php">
<table bgcolor="#cccccc">
<tr>
<td>email address:</td>
<td><input type="text" name="email" size="30" maxlength="100"/></td></tr>
<tr>
<td>preferred username <br />(max 16 chars):</td>
<td valign="top"><input type="text" name="username"
size="16" maxlength="16"/></td></tr>
<tr>
<td>password <br />(between 6 and 16 chars):</td>
<td valign="top"><input type="password" name="passwd"
size="16" maxlength="16"/></td></tr>
<tr>
<td>confirm password:</td>
<td><input type="password" name="passwd2" size="16" maxlength="16"/></td></tr>
<tr>
<td colspan=2 align="center">
<input type="submit" value="register"></td></tr>
</table></form>
<?php
}
function display_user_urls($url_array) {
// display the table of urls
// set global variable, so we can test later if this is on the page
global $bm_table;
$bm_table = true;
?>
<br />
<form name="bm_table" action="delete_bms.php" method="post">
<table width="300" cellpadding="2" cellspacing="0">
<?php
$color = "#cccccc";
echo "<tr bgcolor=\"".$color."\"><td><strong>bookmark</strong></td>";
echo "<td><strong>delete?</strong></td></tr>";
if ((is_array($url_array)) && (count($url_array) > 0)) {
foreach ($url_array as $url) {
if ($color == "#cccccc") {
$color = "#ffffff";
} else {
$color = "#cccccc";
}
//remember to call htmlspecialchars() when we are displaying user data
echo "<tr bgcolor=\"".$color."\"><td><a href=\"".$url."\">".htmlspecialchars($url)."</a></td>
<td><input type=\"checkbox\" name=\"del_me[]\"
value=\"".$url."\"/></td>
</tr>";
}
} else {
echo "<tr><td>no bookmarks on record</td></tr>";
}
?>
</table>
</form>
<?php
}
function display_user_menu() {
// display the menu options on this page
?>
<hr />
<a href="member.php">home</a>  | 
<a href="add_bm_form.php">add bm</a>  | 
<?php
// only offer the delete option if bookmark table is on this page
global $bm_table;
if ($bm_table == true) {
echo "<a href=\"#\" onclick=\"bm_table.submit();\">delete bm</a>  | ";
} else {
echo "<span style=\"color: #cccccc\">delete bm</span>  | ";
}
?>
<a href="change_passwd_form.php">change password</a>
<br />
<a href="recommend.php">recommend urls to me</a>  | 
<a href="logout.php">logout</a>
<hr />
<?php
}
function display_add_bm_form() {
// display the form for people to ener a new bookmark in
?>
<form name="bm_table" action="add_bms.php" method="post">
<table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
<tr><td>new bm:</td>
<td><input type="text" name="new_url" value="http://"
size="30" maxlength="255"/></td></tr>
<tr><td colspan="2" align="center">
<input type="submit" value="add bookmark"/></td></tr>
</table>
</form>
<?php
}
function display_password_form() {
// display html change password form
?>
<br />
<form action="change_passwd.php" method="post">
<table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
<tr><td>old password:</td>
<td><input type="password" name="old_passwd"
size="16" maxlength="16"/></td>
</tr>
<tr><td>new password:</td>
<td><input type="password" name="new_passwd"
size="16" maxlength="16"/></td>
</tr>
<tr><td>repeat new password:</td>
<td><input type="password" name="new_passwd2"
size="16" maxlength="16"/></td>
</tr>
<tr><td colspan="2" align="center">
<input type="submit" value="change password"/>
</td></tr>
</table>
<br />
<?php
}
function display_forgot_form() {
// display html form to reset and email password
?>
<br />
<form action="forgot_passwd.php" method="post">
<table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
<tr><td>enter your username</td>
<td><input type="text" name="username" size="16" maxlength="16"/></td>
</tr>
<tr><td colspan=2 align="center">
<input type="submit" value="change password"/>
</td></tr>
</table>
<br />
<?php
}
function display_recommended_urls($url_array) {
// similar output to display_user_urls
// instead of displaying the users bookmarks, display recomendation
?>
<br />
<table width="300" cellpadding="2" cellspacing="0">
<?php
$color = "#cccccc";
echo "<tr bgcolor=\"".$color."\">
<td><strong>recommendations</strong></td></tr>";
if ((is_array($url_array)) && (count($url_array)>0)) {
foreach ($url_array as $url) {
if ($color == "#cccccc") {
$color = "#ffffff";
} else {
$color = "#cccccc";
}
echo "<tr bgcolor=\"".$color."\">
<td><a href=\"".$url."\">".htmlspecialchars($url)."</a></td></tr>";
}
} else {
echo "<tr><td>no recommendations for you today.</td></tr>";
}
?>
</table>
<?php
}
?>
login.php
<?php
require_once('bookmark_fns.php');
do_html_header('');
display_site_info();
display_login_form();
do_html_footer();
?>
logout.php
<?php

// start session
session_start();
$old_user = $_session['valid_user'];
unset($_session['valid_user']);
$result_dest = session_destroy();
do_html_header('logging out');
if (!empty($old_user)) {
if ($result_dest) {
echo 'logged out.<br />';
do_html_url('login.php', 'login');
}else {
echo 'could not log you out.<br />';
}
}else {
echo 'you are not logged in ,so have not been logged out.<br />';
do_html_url('login.php', 'login');
}
do_html_footer();
?>

<?php
require_once('bookmark_fns.php');
do_html_header('user registration');
display_registration_form();
do_html_footer();
?>
register_new.php
<?php
require_once('bookmark_fns.php');
// vars
$email = $_post['email'];
$username = $_post['username'];
$passwd = $_post['passwd'];
$passwd2 = $_post['passwd2'];
// start session
session_start();
// valid data 
try {
if (!filled_out($_post)) {
throw new exception("you have not filled the form out correctly - please go back and try again.", 1);
}
if (!valid_email($email)) { 
throw new exception("that is not a valid email address - please go back and try again.", 1);
}
if ($passwd != $passwd2) { 
throw new exception("the passwords you entered do not match - please go back and try again.", 1);
}
if ((strlen($passwd) < 6) || (strlen($passwd) > 16)) { 
throw new exception("your password must be between 6 and 16 characters - please go back and try again.", 1);
}
register($username, $passwd, $email);
$_session['valid_user'] = $username;
do_html_header('rigistration successful');
do_html_url('member.php', 'go to members page');
do_html_footer();
} catch (exception $e) {
do_html_header('problem: ');
echo $e -> getmessage();
do_html_footer();
exit();
}
?>

<?php
require_once('bookmark_fns.php');
do_html_header('reset password');
display_forgot_form();
do_html_footer();
?>
forgot_passwd.php
<?php
require_once('bookmark_fns.php');
do_html_header('resetting password');
$username = $_post['username'];
try {
// get random password 
$password = reset_password($username);
notify_password($username, $password);
echo "your new password has been emailed to you.<br />";
}catch(exception $e){
echo "your password could not be reset - please try again later.";
}
do_html_url('login.php', 'login');
do_html_footer();
?>
change_passwd_form.php
<?php
require_once('bookmark_fns.php');
session_start();
do_html_header('change password');
check_valid_user();
display_password_form();
display_user_menu(); 
do_html_footer();
?>
change_passed.php
<?php
require_once('bookmark_fns.php');
session_start();
do_html_header('changing password');
$old_passwd = $_post['old_passwd'];
$new_passwd = $_post['new_passwd'];
$new_passwd2 = $_post['new_passwd2'];
try {
check_valid_user();
if (!filled_out($_post)) {
throw new exception("you have not filled the form out correctly - please go back and try again.", 1);
}
if ($new_passwd != $new_passwd2) { 
throw new exception("the passwords you entered do not match - please go back and try again.", 1);
}
if ((strlen($new_passwd) < 6) || (strlen($new_passwd) > 16)) { 
throw new exception("your password must be between 6 and 16 characters - please go back and try again.", 1);
}
change_password($_session['valid_user'], $old_passwd, $new_passwd2);
echo 'password changed.';
}catch(exception $e) {
echo $e -> getmessage();
}
display_user_menu(); 
do_html_footer();
?>
add_bm_form.php
<?php
// include function files for this application
require_once('bookmark_fns.php');
session_start();
// start output html
do_html_header('add bookmarks');
check_valid_user();
display_add_bm_form();
display_user_menu();
do_html_footer();
?>

<?php
require_once('bookmark_fns.php');
session_start();
$new_url = $_post['new_url'];
do_html_header('adding bookmarks');
try {
check_valid_user();
if (!filled_out($_post)) {
throw new exception('form not completely filled out.');
} 
if (strstr($new_url, 'http://') === false) {
$new_url = 'http://'.$new_url;
} 
// check url is valid
if (!@fopen($new_url, 'r')) {
throw new exception('not a valid url.');
} 
add_bm($new_url);
echo "bookmark added";
if ($mks = get_user_urls($_session['valid_user'])) {
display_user_urls($mks);
}
}catch(exception $e) {
echo $e -> getmessage();
}
display_user_menu();
do_html_footer();
?>

<?php
require_once('bookmark_fns.php');
session_start();
$del_me = $_post['del_me'];
$valid_user = $_session['valid_user'];
do_html_header('deleting bookmarks');
check_valid_user();
if (!filled_out($_post)) {
echo "<p>you have not chosen any bookmarks to delete.<br />
please try again.</p>";
display_user_menu();
do_html_footer();
exit;
}else {
if (count($del_me) > 0) {
foreach ($del_me as $url) {
if (delete_bm($valid_user, $url)) {
echo "deleted ".htmlspecialchars($url)."<br />";
}else {
echo "could not deleted ".htmlspecialchars($url)."<br />";
}
}
}else {
echo "no bookmarks selected for deletion.";
}
}
if ($mks = get_user_urls($_session['valid_user'])) {
display_user_urls($mks);
}
display_user_menu();
do_html_footer();
?>

<?php
require_once('bookmark_fns.php');

session_start();
do_html_header('recommending urls');
try {
check_valid_user();
$urls = recommend_urls($_session['valid_user'], 1);
display_recommended_urls($urls);
}catch(exception $e) {
echo $e -> getmessage();
}
display_user_menu();
do_html_footer();
?>

<?php
require_once('bookmark_fns.php');
session_start();
@$username = $_post['username'];
@$passwd = $_post['passwd'];
if ($username && $passwd) {
try {
// log in 
login($username, $passwd);
$_session['valid_user'] = $username;
}catch(exception $e) {
do_html_header('problem: ');
echo "you could not be logged in. you must be logged in to view this page.";
do_html_url('login.php', 'login');
do_html_footer();
exit;
}
}
do_html_header('home');
check_valid_user();
if ($url_array = get_user_urls($_session['valid_user'])) {
display_user_urls($url_array);
}
display_user_menu();
do_html_footer();
?>