Code: Select all
$dictionary = '/usr/dict/words'; // the ispell dictionary
$fp = fopen($dictionary, 'r');
$size = filesize($dictionary);Code: Select all
<?php
require_once('db_fns.php');
function register($email,$passwd,$secretquestion,$secretans
wer,$fname,$mname,$lname,$title,$company,$street,$
city,$state,$zip,$businesstype,$howlearned,$phone,
$faxphone,$cellphone,$membercategory,$paymentmetho
d,$website,$phonetocall,$timetocall)
// register new person with db
// return true or error message
{
// connect to db
$conn = db_connect();
if (!$conn)
return 'Could not connect to database server - please try later.';
// check if username is unique
$result = mysql_query("select * from mytable_tbl where email='$email'");
if (!$result)
return 'Could not execute query';
if (mysql_num_rows($result)>0)
return 'That username is taken - go back and choose another one.';
// if ok, put in db
$result = mysql_query("insert into mytable_tbl values
('$email',password('$passwd'),'$secretquestion','$
secretanswer','$fname','$mname','$lname','$title',
'$company','$street','$city','$state','$zip','$bus
inesstype','$howlearned','$phone','$faxphone','$ce
llphone','$membercategory','$paymentmethod','$webs
ite','$phonetocall','$timetocall',0)");
if (!$result)
return 'Could not register you in database - please try again later.';
return true;
}
function login($email, $passwd)
// check username and password with db
// if yes, return true
// else return false
{
// connect to db
$conn = db_connect();
if (!$conn)
return false;
// check if username is unique
$result = mysql_query("select * from mytable_tbl
where email='$email'
and passwd = password('$passwd')
and paidflag > '0'");
if (!$result)
return false;
if (mysql_num_rows($result)>0)
return true;
else
return false;
}
function confirm($email, $passwd, $confirm)
// check username and password with db
// if yes, update paidflag and return true
// else return false
{
// connect to db
$conn = db_connect();
if (!$conn)
return false;
// check if username is valid
$result = mysql_query("select * from mytable_tbl
where email='$email'
and passwd = password('$passwd')
and paidflag = '0'");
if (!$result)
return false;
else
{
if (mysql_num_rows($result)>0)
{
$result = mysql_query("update mytable_tbl
set paidflag='$confirm'
where email='$email'");
return true;
}
else
return false;
}
}
function check_valid_user()
// see if somebody is logged in and notify them if not
{
global $HTTP_SESSION_VARS;
if (isset($HTTP_SESSION_VARS['valid_user']))
{
return;
}
else
{
// they are not logged in
echo 'PROBLEM:';
echo 'You are not logged in.<br />';
do_html_url('memberlogin.php', 'Login');
exit;
}
}
function change_password($username, $old_password, $new_password)
// change password for username/old_password to new_password
// return true or false
{
// if the old password is right
// change their password to new_password and return true
// else return false
if (login($email, $old_password))
{
if (!($conn = db_connect()))
return false;
$result = mysql_query( "update mytable_tbl
set passwd = password('$new_password')
where email = '$email'");
if (!$result)
return false; // not changed
else
return true; // changed successfully
}
else
return false; // old password was wrong
}
function get_random_word($min_length, $max_length)
{
//determine the actual length of the word
$length = mt_rand($min_length,$max_length);
$word = '';
for($i=0;$i<$length;$i++) {
$gen_what = mt_rand(1,3);
switch ($gen_what) {
//append an upper case letter to the word
case 1:
$word .= chr(rand(65,90));
break;
//append an lower case letter to the word
case 2:
$word .= chr(rand(97,122));
break;
//append a number to the word
case 3:
$word .= chr(rand(48,57));
break;
} //end switch
} //end for
return $word;
}
function reset_password($email)
// set password for username to a random value
// return the new password or false on failure
{
// get a random dictionary word b/w 6 and 13 chars in length
$new_password = get_random_word(6, 13);
if($new_password==false)
return false;
// add a number between 0 and 999 to it
// to make it a slightly better password
srand ((double) microtime() * 1000000);
$rand_number = rand(0, 999);
$new_password .= $rand_number;
// set user's password to this in database or return false
if (!($conn = db_connect()))
return false;
$result = mysql_query( "update mytable_tbl
set passwd = password('$new_password')
where email = '$email'");
if (!$result)
return false; // not changed
else
return $new_password; // changed successfully
}
function notify_password($email, $passwd)
// notify the user that their password has been changed
{
if (!($conn = db_connect()))
return false;
$result = mysql_query("select email from mytable_tbl
where email='$email'");
if (!$result)
{
return false; // not changed
}
else if (mysql_num_rows($result)==0)
{
return false; // username not in db
}
else
{
$email = mysql_result($result, 0, 'email');
$from = "From: support@mydomaineheh.com \r\n";
$mesg = "Yourpassword has been changed to $password \r\n"
."Please change it next time you log in. \r\n";
if (mail($email, 'Your login information', $mesg, $from))
return true;
else
return false;
}
}
?>