477 Implementing the Database We will begin by implementing the MySQL database for this application as it will be required for virtually all the other functionality to work. Then we will work through the code in the order it was written, starting from the front page, going through the user authentication, to bookmark storage and retrieval, and finally to recommendations.This order is fairly logical—it’s just a question of working out the dependencies and building first the things that will be required for later mod- ules. Note For the code in this project to work as written, you will need to have switched on magic quotes. If you have not done this, then you will need to addslashes() to data being inserted to the MySQL database, and stripslashes() from data retrieved from the database. We have used this as a useful shortcut. Implementing the Database We only require a fairly simple schema for the PHPBookmark database.We need to store users and their email addresses and passwords.We also need to store the URL of a bookmark. One user can have many bookmarks, and many users can register the same bookmark.We therefore have two tables, user and bookmark, as shown in Figure 24.2. username passwd email laura 7cbf26201e73c29b laura@tangledweb.com.au luke 1fef10690eeb2e59 luke@tangledweb.com.au username user bookmark bm_URL laura http://slashdot.org laura http://php.net Figure 24.2 Database schema for the PHPBookmark system. The user table will store the user’s username (which is the primary key), password, and email address. The bookmark table will store username and bookmark (bm_URL) pairs.The user- name in this table will refer back to a username from the user table. The SQL to create this database, and to create a user for connecting to the database from the Web, is shown in Listing 24.1.You should edit it if you plan to use it on your system—change the user’s password to something more secure! 30 525x ch24 1/24/03 3:36 PM Page 477 478 Chapter 24 Building User Authentication and Personalization Listing 24.1 bookmarks.sql—SQL File to Set Up the Bookmark Database create database bookmarks; use bookmarks; create table user ( username varchar(16) primary key, passwd char(16) not null, email varchar(100) not null ); create table bookmark ( username varchar(16) not null, bm_URL varchar(255) not null, index (username), index (bm_URL) ); grant select, insert, update, delete on bookmarks.* to bm_user@localhost identified by 'password'; You can set up this database on your system by running this set of commands as the root MySQL user.You can do this with the following command on your system’s command line: mysql -u root -p < bookmarks.sql You will then be prompted to type in your password. With the database set up, let’s go on and implement the basic site. Implementing the Basic Site The first page we’ll build will be called login.php because it provides users with the opportunity to log in to the system.The code for this first page is shown in Listing 24.2. Listing 24.2 login.php—Front Page of the PHPBookmark System <?php require_once('bookmark_fns.php'); do_html_header(''); display_site_info(); display_login_form(); do_html_footer(); ?> 30 525x ch24 1/24/03 3:36 PM Page 478 479 Implementing the Basic Site This code looks very simple, as it is mostly calling functions from the function API that we will construct for this application.We’ll look at the details of these functions in a minute. Just looking at this file, we can see that we are including a file (containing the functions) and then calling some functions to render an HTML header, display some content, and render an HTML footer. The output from this script is shown in Figure 24.3. Figure 24.3 The front page of the PHPBookmark system is produced by the HTML rendering functions in login.php. The functions for the system are all included in the file bookmark_fns.php, shown in Listing 24.3. Listing 24.3 bookmark_fns.php—Include File of Functions for the Bookmark Application <?php // We can include this file in all our files // this way, every file will contain all our functions require_once('data_valid_fns.php'); require_once('db_fns.php'); require_once('user_auth_fns.php'); require_once('output_fns.php'); require_once('url_fns.php'); ?> As you can see, this file is just a container for the five other include files we will use in this application.We have structured it like this because the functions fall into logical 30 525x ch24 1/24/03 3:36 PM Page 479 480 Chapter 24 Building User Authentication and Personalization groups. Some of these groups might be useful for other projects, so we put each function group into a different file where we will know where to find them when we want them again.We constructed the bookmark_fns.php file because we will use most of the five function files in most of our scripts. It is easier to include this one file in each script rather than having five include statements. Note that the require_once() construct only exists in PHP from version 4.0.1pl2. If you are using a prior version, you will need to use require() or include() and ensure that the files do not get loaded multiple times. In this particular case, we are using functions from the file output_fns.php.These are all straightforward functions that output fairly plain HTML.This file includes the four functions we have used in login.php, that is, do_html_header(), display_site_info(), display_login_form(),and do_html_footer(),among others. We will not go through all these functions in detail, but we will look at one as an example.The code for do_html_header() is shown in Listing 24.4. Listing 24.4 do_html_header() Function from output_fns.php—This Function Outputs the Standard Header That Will Appear on Each Page in the Application function do_html_header($title) { // print an HTML header ?> <html> <head> <title><?php echo $title;?></title> <style> body { font-family: Arial, Helvetica, sans-serif; font-size: 13px } li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px } hr { color: #3333cc; width=300; text-align=left} a { color: #000000 } </style> </head> <body> <img src="bookmark.gif" alt="PHPbookmark logo" border="0" align="left" valign="bottom" height="55" width="57" /> <h1>&nbsp;PHPbookmark</h1> <hr /> <?php if($title) do_html_heading($title); } As you can see, the only logic in this function is to add the appropriate title and heading to the page.The other functions we have used in login.php are similar.The function 30 525x ch24 1/24/03 3:36 PM Page 480 481 Implementing User Authentication display_site_info() adds some general text about the site; display_login_form() displays the grey form shown in Figure 24.3; and do_html_footer() adds a standard HTML footer to the page. The advantages to isolating or removing HTML from your main logic stream are dis- cussed in Chapter 22,“Using PHP and MySQL for Large Projects.”We will use the function API approach here, and a template-based approach in the next chapter for con- trast. Looking at Figure 24.3, you can see that there are three options on this page—users can register, log in if they have already registered, or reset their password if they have for- gotten it.To implement these modules we will move on to the next section, user authentication. Implementing User Authentication There are four main elements to the user authentication module: user registration, login and logout, changing passwords, and resetting passwords.We will look at each of these in turn. Registering To register a user, we need to get his details via a form and enter him in the database. When a user clicks on the “Not a member?” link on the login.php page, they will be taken to a registration form produced by register_form.php.This script is shown in Listing 24.5. Listing 24.5 register_form.php—This Form Gives Users the Opportunity to Register with PHPBookmarks <?php require_once('bookmark_fns.php'); do_html_header('User Registration'); display_registration_form(); do_html_footer(); ?> Again, you can see that this page is fairly simple and just calls functions from the output library in output_fns.php.The output of this script is shown in Figure 24.4. The grey form on this page is output by the function display_registration_ form(), contained in output_fns.php.When the user clicks on the Register button, he will be taken to the script register_new.php. This script is shown in Listing 24.6. 30 525x ch24 1/24/03 3:36 PM Page 481 . your system by running this set of commands as the root MySQL user.You can do this with the following command on your system’s command line: mysql -u root -p < bookmarks.sql You will then be. header ?> <html> <head> <title>< ?php echo $title;?></title> <style> body { font-family: Arial, Helvetica, sans-serif; font-size: 13px } li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px. 24.3; and do_html_footer() adds a standard HTML footer to the page. The advantages to isolating or removing HTML from your main logic stream are dis- cussed in Chapter 22,“Using PHP and MySQL