花了一天时间实现了一个 简单的用户登录验证的小模型。

基本实现了现在 用户登录模块的绝大多数功能, 也算是 熟悉了一下系统的逻辑。

在这个小模型中, 实现了以下的基本功能 :

  •  Logging in and authenticating users .
  •  Managing passwords
  •  Recording user preferences
  •  Personalizing content
  •  Recommending content based on existing knowledge about a user

 简单来说,分为3个小模块组成 :

1. Register . 用户通过浏览 注册 成为 网站的 member 

2. Login . 已经注册的用户通过 已注册的用户名和密码 登录网站, 显示用户的 个性化页面(Personalize Page)

3. Forget Password. 用户忘记密码,利用 phpMailer 通过 Gmail 往用户注册的邮箱发送一个随机生成的新密码。 用户可使用重新新密码登录。

这个 小Model 逻辑比较简单, 整个模型的 框架 如图 :

 

其中是利用了 phpMailer 通过 Gmail STMP 往注册用户发送邮件(因为localhost本身是没有注册STMP,

发出的邮件基本会被当做 垃圾邮件 处理)。这个模块的 代码没有放在 这里, 具体可以参考 下一篇。

/***      add_bm_form.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:13 PM
 */

// Form for adding new bookmarks
// include function files for this application
require_once('bookmark_fns.php');
session_start();

// start output html
do_html_header('Add Bookmarks');

check_valid_user();
display_add_bm_form();

display_user_menu();
do_html_footer();

?>
View Code

/***      add_bms.php      ***/ 

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:13 PM
 */
 require_once('bookmark_fns.php');
 session_start();

  //create short variable name
  $new_url = $_POST['new_url'];

  do_html_header('Adding bookmarks');

  try
  {
      check_valid_user();
      if (!filled_out($_POST))
      {
          throw new Exception('Form not completely filled out.');
      }
      // check URL format
      if (strstr($new_url, 'http://')===false)
          $new_url = 'http://'.$new_url;

      // check URL is valid
      if (!(@fopen($new_url, 'r')))
          throw new Exception('Not a valid URL.');
      // try to add bm
      add_bm($new_url);
      echo 'Bookmark added.';

      // get the bookmarks this user has saved
      if ($url_array = get_user_urls($_SESSION['valid_user']))
          display_user_urls($url_array);
  }
  catch (Exception $e)
  {
      echo $e->getMessage();
  }
  display_user_menu();
  do_html_footer();
?>
View Code

/***      bookmark_fns.php      ***/ 

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:18 PM
 */


// A collection of includes for the application
// we can include this file in all our files
// this way, every file will contain all our functions and exceptions

    require_once('data_valid_fns.php');
    require_once('db_fns.php');
    require_once('user_auth_fns.php');
    require_once('output_fns.php');
    require_once('url_fns.php');
    require_once('PHPMailer-master/examples/gmail.php');
    
?>
View Code

/***      bookmark.sql      ***/ 

# SQL stateemnts to create the PHPbookmark database


CREATE database bookmarks;
use bookmarks;

CREATE TABLE user (
  username VARCHAR(16) NOT NULL PRIMARY KEY ,
  passwd CHAR(40) NOT NULL,
  email VARCHAR(100) NOT NULL
);

CREATE TABLE bookmark (
  username VARCHAR (16) NOT NULL ,
  bm_URL VARCHAR(255) NOT NULL ,
  index (username),
  index (bm_URL),
  PRIMARY KEY (username, bm_URL)
);

GRANT SELECT , INSERT , UPDATE , DELETE
ON bookmarks .*
TO bm_user@localhost identified by 'password';

#  set up this database on your system by running this set of commmands as the root MySQL suer.
#  You can do this with the following commond on your system's command line :
#  mysql -u root -p < bookmarks.sql
View Code

/***      change_passwd.php      ***/ 

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:17 PM
 */

//script to change a user's password in the database
    require_once('bookmark_fns.php');
    session_start();
    do_html_header('Changing passwd');

//create short varible names
    $old_passwd = $_POST['old_passwd'];
    $new_passwd = $_POST['new_passwd'];
    $new_passwd2 = $_POST['new_passwd2'];

    try{
        check_valid_user();
        if(!filled_out($_POST)) {
            throw new Exception('You have not filled out the form completely.
                                Please try again');
        }
        if($new_passwd != $new_passwd2) {
            throw new Exception('Passwords entered were not the same. Not changed');
        }
        // attempt update change_password
        change_password($_SESSION['valid_user'], $old_passwd, $new_passwd);
        echo 'Password changed';
    } catch (Exception $e) {
        echo $e->getMessage();
    }
    display_user_menu();
    do_html_footer();
View Code

/***      change_passwd_form.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:16 PM
 */


//Form for members to fill out if they want to change their passwords

 require_once('bookmark_fns.php');
 session_start();
 do_html_header('Change password');
 check_valid_user();

 display_password_form();

 display_user_menu();
 do_html_footer();
?>
View Code

/***      data_valid_fns.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:19 PM
 */

    function filled_out( $form_vars ) {
        //test that each variable has a value
        foreach($form_vars as $key => $value) {
            if( (!isset($key)) || ($value=='') ) {
                return false;
            }
        }
        return true;
    }

function valid_email($address)
{
    // check an email address is possibly valid
    if (ereg('^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$', $address))
        return true;
    else
        return false;
}
View Code

/***      db_fns.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:20 PM
 */

function db_connect() {
    $result = new mysqli('localhost', 'bm_user', 'password', 'bookmarks');
    if(!$result) {
        throw new Exception('Could not connect to database server');
    } else {
        return $result;
    }
}
View Code

/***      delete_bms.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:14 PM
 */


//Script to delete selected bookmarks from a user's list
    require_once('bookmark_fns.php');    
    session_start();
    
    //create short varible names
    $del_me = $_POST['del_me'];
    $valid_user = $_SESSION['valid_user'];

    do_html_header('Deleting bookmarks');
    check_valid_user();

    if(!filled_out($_POST)) {
        echo '<p> You have not chosen any bookmarks to delete.<br>
                    Please try again later .</p>';
        display_user_menu();
        do_html_footer();
        exit;
    } else {
        if(count($del_me)>0 ) {
           foreach($del_me as $url) {
                if( delete_bm($valid_user, $url)) {
                    echo 'Delete '.htmlspecialchars($url).'.<br />';
                } else {
                    echo 'Could not delete '.htmlspecialchars($url). '.<br />';
                }
           }
        } else {
            echo 'No bookmarks selected for deletion';
        }
    }

    // get the bookmarks this user has saved
    if( $url_array = get_user_urls($valid_user) ) {
        display_user_urls($url_array);
    }

    display_user_menu();
    do_html_footer();
View Code

/***      forgot_form.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:10 PM
 */

//Form for users to fill out if they've forgotten
 require_once('bookmark_fns.php');
 do_html_header('Reset password');

 display_forgot_form();

 do_html_footer();
?>
View Code

/***      forgot_passwd.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:11 PM
 */

//Scritp to reset forgotten passwords
    require_once('bookmark_fns.php');
    require_once('notify_passwd.php');

    do_html_header("Resetting password");

    //create short varible name
    $username = $_POST['username'];

    try{
        $password = reset_password($username);
        notify_password($username, $password);
        echo 'Your new password has been emailed to you. <br />';
    } catch (Exception $e) {
        echo 'Your password could not be reset - please try again later';
    }
    do_html_URL('login.php', 'Login');
    do_html_footer();
?>
View Code

/***      login.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:08 PM
 */

// Front page with login form for the system
    
    
//         require 'usr/file2.php';
//      require 'usr/dict/file1.php';
        
    
    
    require_once('bookmark_fns.php');
    do_html_header('');

    display_site_info();
    display_login_form();

    do_html_footer();

?>
View Code

/***      logout.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:17 PM
 */


//Script to log a user out of the application

require_once('bookmark_fns.php');
session_start();
$old_user = $_SESSION['valid_user'];

// store to test if they were logged in

unset($_SESSION['valid_user']);
$result_dest = session_destroy();

//start ouput html
do_html_header('Logging Out');

if( !empty($old_user) ){
    if($result_dest) {
        // if they were logged in and are now logged out
        echo 'Logged out.<br />';
        do_html_URL('login.php','Login');
    } else {
        //they were logged in and could not be logged out
        echo 'Could not log you out. <br />';
    }
} else {
    //if they were't logged in but came to this page somehow
    echo 'You were not logged in, and so have not been logged out.<br />';
    do_html_URL('login.php','Login');
}
do_html_footer();

?>
View Code

/***      member.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:12 PM
 */

// A user's main page, with a view of all his current bookmarks

require_once('bookmark_fns.php');
session_start();

$username = $_POST['username'];
$passwd = $_POST['passwd'];

if($username && $passwd) {
    //they have just tried logging in
    try {
        login($username, $passwd);
        $_SESSION['valid_user'] = $username;
    } catch(Exception $e) {
        //unsuccessful login
        do_html_header('Problem:');
        echo 'You could not be logged in.
                You must be logged in to view this page';
        do_html_URL('login.php','Login');
        do_html_footer();
        exit;
    }
}

do_html_header('Home');

// This function checks that the current user has a registered session.
// This is aimed at users who have not just logged in, but are mid-session
check_valid_user();
// get the bookmarks this user has saved
if($url_array = get_user_urls($_SESSION['valid_user'])) {
    display_user_urls($url_array);
}

// give menu of options
display_user_menu();
do_html_footer();
View Code

/***      notify_passwd.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/29/2015
 * Time: 1:50 PM
 */

    function notify_password($username, $password) {
        
        $conn = db_connect();
        $select_query = "SELECT email FROM user WHERE username = '$username' ";
        $result = $conn->query($select_query);

        if(!$result) {
            throw new Exception('Could not find email address');
        } else if ($result->num_rows == 0) {
            throw new Exception('Could not find email address');
        } else {

            $row = $result->fetch_object();
            $sendto_email = $row->email;
               $subject = "Please note that your password has changed";    
            $body = "Your PHPBookMark password has been changed to " .$password. "\r\n"
                               ."Please change it next time you log in. \r\n";
       
            $send_success = stmp_mail($sendto_email,$subject,$body,$username);
            if($send_success) {
                return true;
            } else {
                throw new Exception('Could not send email');
            }
        }

    }
View Code

/***      output_fns.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:21 PM
 */


function do_html_header($title)
{
  // print an HTML header
?>
<html>
<head>
    <title><?php echo $title;?></title>
    <style>
        body { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
        li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
        hr { color: #3333cc; width=300; text-align=left}
        a { color: #000000 }
    </style>
</head>
<body>
<img src="bookmark.gif" alt="PHPbookmark logo" border=0
     align=left valign=bottom height = 55 width = 57 />
<h1>&nbsp;PHPbookmark</h1>
<hr />
<?php
if($title)
    do_html_heading($title);
}

function do_html_footer()
{
// print an HTML footer
?>
</body>
</html>
<?php
}

function do_html_heading($heading)
{
    // print heading
    ?>
    <h2><?php echo $heading;?></h2>
    <?php
}

function do_html_URL($url, $name)
{
    // output URL as link and br
    ?>
    <br /><a href="<?php echo $url;?>"><?php echo $name;?></a><br />
    <?php
}

function display_site_info()
{
    // display some marketing info
    ?>
    <ul>
        <li>Store your bookmarks online with us!</li>
        <li>See what other users use!</li>
        <li>Share your favorite links with others!</li>
    </ul>
    <?php
}

function display_login_form()
{
    ?>
    <a href='register_form.php'>Not a member?</a>
    <form method='post' action='member.php'>
        <table bgcolor='#cccccc'>
            <tr>
                <td colspan=2>Members log in here:</td>
            <tr>
                <td>Username:</td>
                <td><input type='text' name='username'></td></tr>
            <tr>
                <td>Password:</td>
                <td><input type='password' name='passwd'></td></tr>
            <tr>
                <td colspan=2 align='center'>
                    <input type='submit' value='Log in'></td></tr>
            <tr>
                <td colspan=2><a href='forgot_form.php'>Forgot your password?</a></td>
            </tr>
        </table></form>
    <?php
}

function display_registration_form()
{
    ?>
    <form method='post' action='register_new.php'>
        <table bgcolor='#cccccc'>
            <tr>
                <td>Email address:</td>
                <td><input type='text' name='email' size=30 maxlength=100></td></tr>
            <tr>
                <td>Preferred username <br />(max 16 chars):</td>
                <td valign='top'><input type='text' name='username'
                                        size=16 maxlength=16></td></tr>
            <tr>
                <td>Password <br />(between 6 and 16 chars):</td>
                <td valign='top'><input type='password' name='passwd'
                                        size=16 maxlength=16></td></tr>
            <tr>
                <td>Confirm password:</td>
                <td><input type='password' name='passwd2' size=16 maxlength=16></td></tr>
            <tr>
                <td colspan=2 align='center'>
                    <input type='submit' value='Register'></td></tr>
        </table></form>
    <?php

}

function display_user_urls($url_array)
{
    // display the table of URLs

    // set global variable, so we can test later if this is on the page
    global $bm_table;
    $bm_table = true;
    ?>
    <br />
    <form name='bm_table' action='delete_bms.php' method='post'>
        <table width=300 cellpadding=2 cellspacing=0>
            <?php
            $color = "#cccccc";
            echo "<tr bgcolor='$color'><td><strong>Bookmark</strong></td>";
            echo "<td><strong>Delete?</strong></td></tr>";
            if (is_array($url_array) && count($url_array)>0)
            {
                foreach ($url_array as $url)
                {
                    if ($color == "#cccccc")
                        $color = "#ffffff";
                    else
                        $color = "#cccccc";
                    // remember to call htmlspecialchars() when we are displaying user data
                    echo "<tr bgcolor='$color'><td><a href=\"$url\">".htmlspecialchars($url)."</a></td>";
                    echo "<td><input type='checkbox' name=\"del_me[]\"
             value=\"$url\"></td>";
                    echo "</tr>";
                }
            }
            else
                echo "<tr><td>No bookmarks on record</td></tr>";
            ?>
        </table>
    </form>
    <?php
}

function display_user_menu()
{
    // display the menu options on this page
    ?>
    <hr />
    <a href="member.php">Home</a> &nbsp;|&nbsp;
    <a href="add_bm_form.php">Add BM</a> &nbsp;|&nbsp;
    <?php
    // only offer the delete option if bookmark table is on this page
    global $bm_table;
    if($bm_table==true)
        echo "<a href='#' onClick='bm_table.submit();'>Delete BM</a>&nbsp;|&nbsp;";
    else
        echo "<font color='#cccccc'>Delete BM</font>&nbsp;|&nbsp;";
    ?>
    <a href="change_passwd_form.php">Change password</a>
    <br />
    <a href="recommend.php">Recommend URLs to me</a> &nbsp;|&nbsp;
    <a href="logout.php">Logout</a>
    <hr />

    <?php
}

function display_add_bm_form()
{
    // display the form for people to ener a new bookmark in
    ?>
    <form name='bm_table' action='add_bms.php' method='post'>
        <table width=250 cellpadding=2 cellspacing=0 bgcolor='#cccccc'>
            <tr><td>New BM:</td><td><input type='text' name='new_url'  value="http://"
                                           size=30 maxlength=255></td></tr>
            <tr><td colspan=2 align='center'><input type='submit' value='Add bookmark'></td></tr>
        </table>
    </form>
    <?php
}

function display_password_form()
{
// display html change password form
?>
<br />
<form action='change_passwd.php' method='post'>
    <table width=250 cellpadding=2 cellspacing=0 bgcolor='#cccccc'>
        <tr><td>Old password:</td>
            <td><input type='password' name='old_passwd' size=16 maxlength=16></td>
        </tr>
        <tr><td>New password:</td>
            <td><input type='password' name='new_passwd' size=16 maxlength=16></td>
        </tr>
        <tr><td>Repeat new password:</td>
            <td><input type='password' name='new_passwd2' size=16 maxlength=16></td>
        </tr>
        <tr><td colspan=2 align='center'><input type='submit' value='Change password'>
            </td></tr>
    </table>
    <br />
    <?php
    };

    function display_forgot_form()
    {
    // display HTML form to reset and email password
    ?>
    <br />
    <form action='forgot_passwd.php' method='post'>
        <table width=250 cellpadding=2 cellspacing=0 bgcolor='#cccccc'>
            <tr><td>Enter your username</td>
                <td><input type='text' name='username' size=16 maxlength=16></td>
            </tr>
            <tr><td colspan=2 align='center'><input type='submit' value='Change password'>
                </td></tr>
        </table>
        <br />
        <?php
        };

        function display_recommended_urls($url_array)
        {
            // similar output to display_user_urls
            // instead of displaying the users bookmarks, display recomendation
            ?>
            <br />
            <table width=300 cellpadding=2 cellspacing=0>
                <?php
                $color = "#cccccc";
                echo "<tr bgcolor=$color><td><strong>Recommendations</strong></td></tr>";
                if (is_array($url_array) && count($url_array)>0)
                {
                    foreach ($url_array as $url)
                    {
                        if ($color == "#cccccc")
                            $color = "#ffffff";
                        else
                            $color = "#cccccc";
                        echo "<tr bgcolor='$color'><td><a href=\"$url\">".htmlspecialchars($url)."</a></td></tr>";
                    }
                }
                else
                    echo "<tr><td>No recommendations for you today.</td></tr>";
                ?>
            </table>
            <?php
        };

        ?>
View Code

/***      recommend.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:15 PM
 */

//Script to suggest recommendations to a user, based on users with similar interests
View Code

/***      register_form.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:08 PM
 */

//Form for users to register in the system

    require_once('bookmark_fns.php');

    do_html_header('User registration');

    display_registration_form();

    do_html_footer();
?>
View Code

/***      register_new.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:10 PM
 */
    require_once('bookmark_fns.php');

//Script to process new registrations

    $email = $_POST['email'];
    $username = $_POST['username'];
    $passwd = $_POST['passwd'];
    $passwd2 = $_POST['passwd2'];

// start session which may be needed later
// start it now becuase it must go before headers
    session_start();
    try {
        //check forms filled in
        if(!filled_out($_POST)) {
            throw new Exception('You have not filled the form out correctly -
                                 Please go back and try again');
        }
        // email address not valid
        if(!valid_email($email)) {
            throw new Exception('That is not a valid email address -
                                 Please go back and try again');
        }
        // passwords not the same
        if( $passwd != $passwd2) {
            throw new Exception('The passwords you enteren do not match -
                                 Please go back and try again');
        }
        // check password length is ok
        // ok if username truncates, but passwords will get
        // munged if they are too long
        if((strlen($passwd) < 6) || (strlen($passwd) > 16)) {
            throw new Exception('Your password must be between 6 and 16 characters -
                                 Please go back and try again');
        }
        // attempt to register
        // this function can also throw an exception
        register($username, $email, $passwd) ;

        // register session variable
        $_SESSION['valid_user'] = $username;


        //provide link to members page
        do_html_header("Registration successful");
        echo 'Your registration was successful. Go to the memers page to start
                setting up your bookmarks!';
        do_html_URL('member.php', 'Go to members page');
        //end page
    } catch (Exception $e) {
        do_html_header('Problem:');
        echo $e->getMessage();
        do_html_footer();
        exit;
    }
View Code

/***      url_fns.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:20 PM
 */
require_once('db_fns.php');

function add_bm($new_url)
{
    // Add new bookmark to the database

    echo "Attempting to add ".htmlspecialchars($new_url).'<br />';
    $valid_user = $_SESSION['valid_user'];

    $conn = db_connect();

    // check not a repeat bookmark
    $result = $conn->query("select * from bookmark
                         where username='$valid_user'
                         and bm_URL='$new_url'");
    if ($result && ($result->num_rows>0))
        throw new Exception('Bookmark already exists.');

    // insert the new bookmark
    if (!$conn->query( "insert into bookmark values
                          ('$valid_user', '$new_url')"))
        throw new Exception('Bookmark could not be inserted.');

    return true;
}


function get_user_urls($username)
{
    //extract from the database all the URLs this user has stored
    $conn = db_connect();
    $result = $conn->query( "select bm_URL
                          from bookmark
                          where username = '$username'");
    if (!$result)
        return false;

    //create an array of the URLs
    $url_array = array();
    for ($count = 1; $row = $result->fetch_row(); ++$count)
    {
        $url_array[$count] = $row[0];
    }
    return $url_array;
}


function delete_bm($user, $url)
{
    // delete one URL from the database
    $conn = db_connect();
    // delete the bookmark
    if (!$conn->query( "delete from bookmark
                       where username='$user' and bm_url='$url'"))
        throw new Exception('Bookmark could not be deleted');
    return true;
}
View Code

/***      user_auth_fns.php      ***/

<?php
/**
 * Created by IntelliJ IDEA.
 * User: Administrator
 * Date: 9/25/2015
 * Time: 2:20 PM
 */


function register($username, $email, $password) {
    //register new person with db
    //return true or error message

    // connect to db
    $conn = db_connect();

    //check if username is unique
    $check_query = "SELECT * FROM user WHERE username= '$username' ";
    $result = mysqli_query($conn, $check_query);
    if( !$result ) {
        throw new Exception('Could not excute the check query');
    }
    if( $result->num_rows>0 ) {
        throw new Exception('That username is taken -
                             Go back and choose another one');
    }
    // if ok, put in db
    $insert_query = "INSERT INTO user VALUE ('$username', sha1('$password'), '$email')";
    $result = $conn->query($insert_query);

    if(!$insert_query) {
        throw new Exception('Could not register you in database -
                            Please try again later.');
    }
    return true;
}


//This function checks a User's Details Against the Database

function login($username, $password) {
    //check username and password with db
    //if yes, return true
    //else throw exception

    $conn = db_connect();

    $check_query = "SELECT * FROM user WHERE  username = '$username' AND passwd = sha1('$password')" ;
    $result = $conn->query($check_query);

    if(!result) {
        throw new Exception('Could not log you in');
    }
    if($result->num_rows > 0) {
        return true;
    } else {
        throw new Exception('Could not log you in');
    }

}


// This function Checks That the User Has a Valid Session
function check_valid_user() {
    //see if somebody is logged in and notify them if not
    if( isset($_SESSION['valid_user']) ) {
        echo "Logged in as " .$_SESSION['valid_user'] .".</br>";
    } else {
        // they are not logged in
        do_html_heading('Problem:');
        echo 'You are not logged in .</br>';
        do_html_URL('login.php', 'Login');
        do_html_footer();
        exit;
    }
}

//This function Updates a User Password in the DataBase
function change_password($username, $old_password, $new_password) {
    // change password for username / old_password to new_password

    // if the old password is right
    // change their password to new_password and return true
    // else throw an exception

    login($username, $old_password);
    $conn = db_connect();
    $update_query = "UPDATE user SET passwd = sha1('$new_password') WHERE username = '$username'";
    $result = $conn->query($update_query);
    if( !$result ) {
        throw new Exception('Password could not be changed');
    } else {
        return true;
    }

}

function get_random_word($min_length, $max_length)
// grab a random word from dictionary between the two lengths
// and return it
{
    // generate a random word
    $word = '';
    // remember to change this path to suit your system
    $dictionary = '\usr\dict\words';  // the ispell dictionary
    $fp = @fopen($dictionary, 'r');
    if(!$fp)
        return false;
    $size = filesize($dictionary);

    // go to a random location in dictionary
    srand ((double) microtime() * 1000000);
    $rand_location = rand(0, $size);
    fseek($fp, $rand_location);

    // get the next whole word of the right length in the file
    while (strlen($word)< $min_length || strlen($word)>$max_length || strstr($word, "'"))
    {
        if (feof($fp))
            fseek($fp, 0);        // if at end, go to start
        $word = fgets($fp, 80);  // skip first word as it could be partial
        $word = fgets($fp, 80);  // the potential password
    };
    $word=trim($word); // trim the trailing \n from fgets
    return $word;
}


//This function Resets a User's Password to a Random Value and Emails Her the New One
function reset_password($username)
// set password for username to a random value
// return the new password or false on failure
{
    // get a random dictionary word b/w 6 and 13 chars in length
    $new_password = get_random_word(6, 13);

    if($new_password==false)
        throw new Exception('Could not generate new password.');
    // add a number  between 0 and 999 to it
    // to make it a slightly better password
    srand ((double) microtime() * 1000000);
    $rand_number = rand(0, 999);
    $new_password .= $rand_number;

    // set user's password to this in database or return false
    $conn = db_connect();
    $result = $conn->query( "update user
                          set passwd = sha1('$new_password')
                          where username = '$username'");
    if (!$result)
        throw new Exception('Could not change password.');  // not changed
    else
        return $new_password;  // changed successfully
}
View Code

 

posted on 2015-09-29 21:10  beyond_Acm  阅读(177)  评论(0编辑  收藏  举报