php_value register_globals Off
php_value track_vars On
php_value arg_separator.output "&"
php_value arg_separator.input "&"
<?php
require_once 'DB.php';	//require the PEAR::DB classes.

$db_engine = 'mysql';
$db_user = 'jester';
$db_pass = 'password';
$db_host = 'localhost';
$db_name = 'database';

$datasource = $db_engine.'://'.$db_user.':'.$db_pass.'@'.$db_host.'/'.$db_name;

$db_object = DB::connect($datasource, TRUE);
/* assign database object in $db_object, if the connection fails $db_object will contain
the error message. */

if(DB::isError($db_object)) {
	die($db_object->getMessage());	// If $db_object contains an error print out the
}							// error and exit.

$db_object->setFetchMode(DB_FETCHMODE_ASSOC);

include('check_login.php'); // we write this later on, ignore for now.
?>
<?php
require('db_connect.php');	// require above script, change the path to match wherever you put it.

$table = "CREATE TABLE users (
id int(10) DEFAULT '0' NOT NULL auto_increment, 
username varchar(40),
password varchar(50), 
regdate varchar(20),
email varchar(100),
website varchar(150),
location varchar(150),
show_email int(2) DEFAULT '0',
last_login varchar(20),
PRIMARY KEY(id))";

$create = $db_object->query($table);	// perform query

if(DB::isError($create)) {
	die($create->getMessage());	// check is query was successful
}						// if not error and exit.
else{
	echo 'Table created successfully.';
}
$db_object->disconnect();
?>
<?php
require('db_connect.php');	// database connect script.

?>
<html>
<head>
<title>Register an Account</title>
</head>
<body><!-- begin compete js -->
<script type="text/javascript">
    __compete_code = '667f89f26d96c30e99728fe6a608804d';
    (function () {
        var s = document.createElement('script'),
            d = document.getElementsByTagName('head')[0] ||
                document.getElementsByTagName('body')[0],
            t = 'https:' == document.location.protocol ? 
                'https://c.compete.com/bootstrap/' : 
                'http://c.compete.com/bootstrap/';
        s.src = t + __compete_code + '/bootstrap.js';
        s.type = 'text/javascript';
        s.async = 'async'; 
        if (d) { d.appendChild(s); }
    }());
</script>
<!-- end compete js -->

<!-- quantcast -->
<script type="text/javascript">
	function channValidator(chann){
	return (typeof(chann) == 'string' && chann != '');
	}

	function lycosQuantcast(){
		var lb = "";
		if(typeof(cm_host) !== 'undefined' && channValidator(cm_host)){
			lb += cm_host.split('.')[0] + '.';
		}
	
		if(typeof(cm_taxid) !==	'undefined' && channValidator(cm_taxid)){
			lb += cm_taxid;
			lb = lb.replace('/','');
		} else {
			lb = lb.replace('.','');
		}
		return lb;
	}
	
	var _qevents = _qevents || [];
	
	(function() {
		var elem = document.createElement('script');
		elem.src = (document.location.protocol == "https:" ? "https://secure" :"http://edge") + ".quantserve.com/quant.js";
		elem.async = true;
		elem.type = "text/javascript";
		var scpt = document.getElementsByTagName('script')[0];
		scpt.parentNode.insertBefore(elem, scpt);
	})();
	
	_qevents.push({
		qacct:"p-6eQegedn62bSo",
		labels:lycosQuantcast()
	});
</script>
<!-- end quantcast -->

<!-- Begin OwnerIQ js -->
<script type="text/javascript">
  var __oiq_pct = 50;
  if( __oiq_pct>=100 || Math.floor(Math.random()*100/(100-__oiq_pct)) > 0 ) {
    var _oiqq = _oiqq || [];
    _oiqq.push(['oiq_addPageBrand', 'Lycos']);
    _oiqq.push(['oiq_addPageCat', 'Internet > Websites']);
    _oiqq.push(['oiq_addPageLifecycle', 'Intend']);
    _oiqq.push(['oiq_doTag']);

    (function() {
      var oiq = document.createElement('script'); oiq.type = 'text/javascript'; oiq.async = true;
      oiq.src = document.location.protocol + '//px.owneriq.net/stas/s/lycosn.js';
      var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(oiq, s);
    })();
  }
</script>
<!-- End OwnerIQ -->

<!-- Begin Google Analytics -->
<script type="text/javascript">
  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-21402695-19']);
  _gaq.push(['_setDomainName', 'tripod.com']);
  _gaq.push(['_setCustomVar', 1, 'member_name', 'macank24', 3]);
  _gaq.push(['_trackPageview']);
  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();
</script>
<!-- End Google Analytics -->

<script type="text/javascript">
function getReferrer() {
    // Reads the referrer out of the cookie, if available.
    var all= this.document.cookie;
    if (all== '') return false;
    var cookie_name = 'REFERRER=';
    var start = all.lastIndexOf(cookie_name);
    if (start == -1) return false;  // referrer URL not found.
    start += cookie_name.length;
    var end = all.indexOf(';', start);
    if (end == -1) end = all.length;
    return all.substring(start, end);
}
function getQuery() {
    // Get the referrer search query from cookie, if available.
    var rfr = getReferrer();
    if (rfr == '') return false;
    var q = extractQuery(rfr, 'yahoo.com', 'p=');
    if (q) return q;
    q = extractQuery(rfr, '', 'q=');
    return q ? q : "";
}
function extractQuery(full, site, q_param) {
    var start = full.lastIndexOf(site);
    if (start == -1) return false;
    start = full.lastIndexOf(q_param);
    if (start == -1) return false;
    start += q_param.length;
    var end = full.indexOf('&', start);
    if (end == -1) end = full.length;
    return unescape(full.substring(start, end)).split(" ").join("+");
}
var cm_role = "live";
var cm_host = "tripod.lycos.com";
var cm_taxid = "/memberembedded";
var tripod_member_name = "macank24";
var tripod_member_page = "macank24/index.html";
var tripod_ratings_hash = "1338651026:50d84a6145b76b2bd97acff416450d36";

var lycos_ad_category = {"dmoz":"computers\/intranet","ontarget":"&CAT=technology&L2CAT=computing","find_what":"my web mail"};

var lycos_ad_remote_addr = "38.107.179.237";
var lycos_ad_www_server = "www.tripod.lycos.com";
var lycos_ad_track_small = "http://members.tripod.com/adm/img/common/ot_smallframe.gif?rand=719462";
var lycos_ad_track_served = "http://members.tripod.com/adm/img/common/ot_adserved.gif?rand=719462";
var lycos_search_query = getQuery();
</script>

<script type="text/javascript" src="http://scripts.lycos.com/catman/init.js"></script>
<script type="text/javascript"> 

var lycos_ad = Array();
var lycos_onload_timer;

function lycos_check_size() {
    var window_width = 0, window_height = 0;
    if (typeof(window.innerWidth) == 'number' ) {
        window_width = window.innerWidth;
        window_height = window.innerHeight;
    } else if (document.documentElement && (document.documentElement.clientWidth || document.documentElement.clientHeight)) {
        window_width = document.documentElement.clientWidth;
        window_height = document.documentElement.clientHeight;
    } else if (document.body && (document.body.clientWidth || document.body.clientHeight)) {
        window_width = document.body.clientWidth;
        window_height = document.body.clientHeight;
    } 
    
    var lycos_track_img = document.createElement('img');
    if( top == self ) {
        return 1;
    } else {
        if ((window_width < 300) || (window_height < 300)) {
            lycos_track_img.src=this.lycos_ad_track_small+"&w="+window_width+"&h="+window_height;
            return 0;
        } else {
            lycos_track_img.src=this.lycos_ad_track_served+"&w="+window_width+"&h="+window_height;
            return 1;
        }
    }
}
       
function lycos_insert_ads() {
    var lycos_ad_mgr = new AdManager();
    
    if (this.lycos_search_query) {
        lycos_ad_mgr.setForcedParam("keyword", this.lycos_search_query);
    } else if (this.lycos_ad_category && this.lycos_ad_category.find_what) {
        lycos_ad_mgr.setForcedParam("keyword", this.lycos_ad_category.find_what);
    }

    if (this.lycos_ad_category && this.lycos_ad_category.dmoz) {
        lycos_ad_mgr.setForcedParam("page", this.lycos_ad_category.dmoz);
    } else {
        lycos_ad_mgr.setForcedParam("page", "member");
    }

    var lycos_prod_set = lycos_ad_mgr.chooseProductSet();
    var slots = ["leaderboard", "leaderboard2"];
    for (var slot in slots) {
        if (lycos_ad_mgr.isSlotAvailable(slots[slot])) {
            lycos_ad[slots[slot]] = lycos_ad_mgr.getSlot(slots[slot]);
        }
    }

    lycos_ad_mgr.renderFooter();
}

function generateHref(atag, template){
    atag.href=template.replace('_MYURL_', window.location.href.replace('http://', '')).replace('_MYTITLE_', 'Check%20out%20this%20Tripod%20Member%20site!'); 
}

if (lycos_check_size()) {
    lycos_insert_ads();
}

window.onload = function() {
    var f = document.getElementById("FooterAd");
    var b = document.getElementsByTagName("body")[0];
    b.removeChild(f);
    b.appendChild(f);
    f.style.display = "block";
}

</script>
<style>
	#body .adCenterClass{margin:0 auto}
</style>

<div id="tb_container" style="background:#DFDCCF; border-bottom:1px solid #393939; position:relative; z-index:999999999!important">
    <div id="tb_ad" class="adCenterClass" style="display:block!important; overflow:hidden; width:916px;">
    <a href="http://adtrack.ministerial5.com/clicknew/?a=637394" title="build your own website at Tripod.com" style="float:left; width:186px; border:0">
    	<img src="http://ly.lygo.com/ly/tpSite/images/freeAd2.jpg" alt="Make your own free website on Tripod.com" style="border:0; display:block" />
    </a> 
        <div id="ad_container" style="display:block!important; float:left; width:728px ">
        <script type="text/javascript">document.write(lycos_ad['leaderboard']);</script>
        </div>
    </div>
</div>


<div id="FooterAd" style="background:#DFDCCF; border-top:1px solid #393939; clear:both; display:none; width:100%!important; position:relative; z-index:999999!important; height:90px!important"> 
	<div class="adCenterClass" style="display:block!important; overflow:hidden; width:916px;">
	<a href="http://adtrack.ministerial5.com/clicknew/?a=637394" title="build your own website at Tripod.com" style="float:left; display:block; width:186px; border:0">
    	<img src="http://ly.lygo.com/ly/tpSite/images/freeAd2.jpg" alt="Make your own free website on Tripod.com" style="border:0; display:block; " />
    </a> 
        <div id="footerAd_container" style="display:block!important; float:left; width:728px">
        <script type="text/javascript">document.write(lycos_ad['leaderboard2']);</script>
        </div>
	</div>
</div>
<noscript>
 <img src="http://members.tripod.com/adm/img/common/ot_noscript.gif?rand=719462" alt="" width="1" height="1" />
 <!-- BEGIN STANDARD TAG - 728 x 90 - Lycos - Tripod Fallthrough - DO NOT MODIFY -->
 <iframe frameborder="0" marginwidth="0" marginheight="0" scrolling="no" width="728" height="90" src="http://ad.yieldmanager.com/st?ad_type=iframe&amp;ad_size=728x90&amp;section=209094"></iframe>
 <!-- END TAG -->
</noscript>

<?php
if(isset($_POST['submit'])) { // if form has been submitted
	/* check they filled in what they supposed to, passwords matched, username
	isn't already taken, etc. */
	if(!$_POST['uname'] | !$_POST['passwd'] | !$_POST['passwd_again'] | !$_POST['email']) {
		die('You didn\'t fill in a required field.');
	}
	// check if username exists in database.
	if(!get_magic_quotes_gpc()) {
		$_POST['uname'] = addslashes($_POST['uname']);
	}
	$name_check = $db_object->query("SELECT username FROM users WHERE username = '".$_POST['uname']."'");
	if(DB::isError($name_check)) {
		die($name_check->getMessage());
	}
	$name_checkk = $name_check->numRows();

	if($name_checkk != 0) {
		die('Sorry, the username: <strong>'.$_POST['uname'].'</strong> is already taken, please pick another one.');
	}
	// check passwords match
	if($_POST['passwd'] != $_POST['passwd_again']) {
		die('Sorry your password and confirmation password did not match, please try again.');
	}
	// check e-mail format
	if(!preg_match("/.*\@.*\..*/", $_POST['email']) | preg_match("/(\<|\>)/", $_POST['email'])) {
		die('Sorry the e-mail address you submitted was of invalid format.');
	}
	// no HTML tags in username, website, location, password
	if(preg_match("/(\<|\>)/", $_POST['uname']) | preg_match("/(\<|\>)/", $_POST['passwd']) | preg_match("/(\<|\>)/", $_POST['website']) | preg_match("/(\<|\>)/", $_POST['location'])) {
		die('Invalid input, no HTML tags are allowed.');
	}
	// check show_email data
	if($_POST['show_email'] != 0 & $_POST['show_email'] != 1) {
		die('Nope.');
	}
	/* the rest of the information is optional, the only thing we need to check is if they
	submitted a website, and if so, check the format is ok. */
	if($_POST['website'] != '' & !preg_match("/^(http|ftp):\/\//", $_POST['website'])) {
		$_POST['website'] = 'http://'.$_POST['website'];
	}
	// now we can add them to the database.
	// encrypt password
	$_POST['passwd'] = md5($_POST['passwd']);
	if(!get_magic_quotes_gpc()) {
		$_POST['passwd'] = addslashes($_POST['passwd']);
		$_POST['email'] = addslashes($_POST['email']);
		$_POST['website'] = addslashes($_POST['website']);
		$_POST['location'] = addslashes($_POST['location']);
	}
	$regdate = date('m d, Y');
	$insert = "INSERT INTO users (username, password, regdate, email, website, location, show_email, last_login) VALUES ('".$_POST['uname']."', '".$_POST['passwd']."', '$regdate', '".$_POST['email']."', '".$_POST['website']."', '".$_POST['location']."', '".$_POST['show_email']."', 'Never')";
	$add_member = $db_object->query($insert);
	if(DB::isError($add_member)) {
		die($add_member->getMessage());
	}
	$db_object->disconnect();
?>
<h1>Registered</h1>
<p>Thank you, your information has been added to the database, you may now <a href="login.php" title="Login">log in</a>.</p>
<?php
}
else {	// if form hasn't been submitted
?>
<h1>Register</h1>
<form action="<?=$HTTP_SERVER_VARS['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username*:</td><td><input type="text" name="uname" maxlength="40"></td></tr>
<tr><td>Password*:</td><td><input type="password" name="passwd" maxlength="50"></td></tr>
<tr><td>Confirm Password*:</td><td><input type="password" name="passwd_again" maxlength="50"></td></tr>
<tr><td>E-Mail*:</td><td><input type="text" name="email" maxlength="100"></td></tr>
<tr><td>Website:</td><td><input type="text" name="website" maxlength="150"></td></tr>
<tr><td>Location</td><td><input type="text" name="location" maxlength="150"></td></tr>
<tr><td>Show E-Mail?</td><td><select name="show_email"><option value="1" selected="selected">Yes</option><option value="0">No</option></select></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="submit" value="Sign Up"></td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
<?php
/* check login script, included in db_connect.php. */

session_start();

if(!isset($_SESSION['username']) | !isset($_SESSION['password'])) {
	$logged_in = 0;
	return;
}
else {
// remember, $_SESSION['password'] will be encrypted.

if(!get_magic_quotes_gpc()) {
	$_SESSION['username'] = addslashes($_SESSION['username']);
}
// addslashes to session username before using in a query.

$pass = $db_object->query("SELECT password FROM users WHERE username = '".$_SESSION['username']."'");
if(DB::isError($pass)) {
	$logged_in = 0;
	unset($_SESSION['username']);
	unset($_SESSION['password']); // kill incorrect session variables.
}
$db_pass = $pass->fetchRow();
// now we have encrypted pass from DB in $db_pass['password'], stripslashes() just incase:

$db_pass['password'] = stripslashes($db_pass['password']);
$_SESSION['password'] = stripslashes($_SESSION['password']);
//compare:

if($_SESSION['password'] == $db_pass['password']) { // valid password for username
	$logged_in = 1; // they have correct info in session variables.
}
else {
	$logged_in = 0;
	unset($_SESSION['username']);
	unset($_SESSION['password']); // kill incorrect session variables.
}
}
// clean up
unset($db_pass['password']);
$_SESSION['username'] = stripslashes($_SESSION['username']);
?>
<?php
require('db_connect.php');	// database connect script.
if($logged_in == 1) {
	die('You are already logged in, '.$_SESSION['username'].'.');
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<?php
if(isset($_POST['submit'])) { // if form has been submitted
	/* check they filled in what they were supposed to and authenticate */
	if(!$_POST['uname'] | !$_POST['passwd']) {
		die('You didn\'t fill in a required field.');
	}
	// authenticate.
	if(!get_magic_quotes_gpc()) {
		$_POST['uname'] = addslashes($_POST['uname']);
	}
	$check = $db_object->query("SELECT username, password FROM users WHERE username = '".$_POST['uname']."'");
	if(DB::isError($check)) {
		die('That username doesn\'t exist in our database.');
	}
	$info = $check->fetchRow();
	// check passwords match
	$_POST['passwd'] = stripslashes($_POST['passwd']);
	$info['password'] = stripslashes($info['password']);
	$_POST['passwd'] = md5($_POST['passwd']);
	if($_POST['passwd'] != $info['password']) {
		die('Incorrect password, please try again.');
	}

	// if we get here username and password are correct, register session variables and set
	// last login time.
	$date = date('m d, Y');
	$update_login = $db_object->query("UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'");
	$_POST['uname'] = stripslashes($_POST['uname']);
	$_SESSION['username'] = $_POST['uname'];
	$_SESSION['password'] = $_POST['passwd'];
	$db_object->disconnect();
?>
<h1>Logged in</h1>
<p>Welcome back <?=$_SESSION['username']?>, you are logged in.</p>
<?php
}
else {	// if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?=$HTTP_SERVER_VARS['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="uname" maxlength="40"></td></tr>
<tr><td>Password:</td><td><input type="password" name="passwd" maxlength="50"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="submit" value="Login"></td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
<?php
require('db_connect.php');	// database connect script.
if($logged_in == 0) {
	die('You are not logged in so you cannot log out.');
}

unset($_SESSION['username']);
unset($_SESSION['password']); // kill session variables
$_SESSION = array(); // reset session array
session_destroy();   // destroy session.
header('Location: index.php'); // redirect them to anywhere you like.
?>
<?php
require('db_connect.php');	// require our database connection
					// which also contains the check_login.php
					// script. We have $logged_in for use.

if($logged_in == 0) {
	die('Sorry you are not logged in, this area is restricted to registered members. <a href="login.php">Click here</a> to log in.');
}

// show content

$db_object->disconnect(); // when you are done.
?>
<?php
require('db_connect.php');

if($logged_in == 1) {
	echo 'Logged in as '.$_SESSION['username'].', <a href="logout.php">logout</a>';
}
else {
	echo 'Not logged in. <a href="login.php">Login</a>';
}

?>