eldileepa

The important part is the logical part. Because coding is nothing. First we should look at what’s going on there. When we register on a website we have to submit name, user name, password, address etc. in the registration form. After we click submit button it appears a thing like this. “Your confirmation link has been sent to your email address”. To activate the registration we have to follow that link. That’s the simple steps anyone can see from the out side.

Behind the screen logic part is like this.
One user register on the registration page and generate a random code.
The keep the data which user has entered in a temporary table. And send the confirmation link through an email.
When the user click on the confirmation link the data move in to a permanent table and keep safe.

That’s the simple logic.

First we have to create a registration form. I use this simple registration form.

Registration


Name
:




E-mail
:




password
:




 
 

  

Then we have to use a database and create relevant tables.
One table with fields of code, name, email, password.

Other table with id, name, email, password.

After user submit details, page redirect to a page called process.php . In there it generates a random code, insert data into the temp_users table and send the confirmation email to the user.

<?
include('db.ini');

$temp="temp_members";

//retrieve data from the registration form
$code=md5(uniqid(rand()));
$name=$_POST['name'];
$email=$_POST['email'];
$password=$_POST['password'];

// Insert data into the temp_users table
$sql="INSERT INTO $temp(code, name, email, password)VALUES('$code', '$name', '$email', '$password')";
$result=mysql_query($sql);

if($result){

// ---------------- SEND MAIL FORM ----------------

$to=$email;
$subject="Your confirmation link here";
$header="from: your name ";
$message="Your Comfirmation link \r\n";
$message.="Click on this link to activate your account \r\n";
$message.="http://www.myweb.com/confirmation.php?key=$code";

// send email
$sentmail = mail($to,$subject,$message,$header);
}

else {
echo "Not found your email";
}

if($sentmail){
echo "Your confirmation link has been sent to your email address.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}
?>

When the user click the confirmation link it redirect to a page called confirmation.php . In there it checks the code with the database. If the code is match with the code with the table, it moves that row to the registered_users table. And delete the code from the temp_users table.

<?
include('db.ini');

$key=$_GET['key'];

$temp_members="temp_members";

// comare the key with the table data
$sql1="SELECT * FROM $temp_members WHERE code ='$key'";
$result1=mysql_query($sql1);

// If key matched
if($result1){

$count=mysql_num_rows($result1);

// if found the key in the database, retrieve data from the temp_members_db
if($count==1){

$rows=mysql_fetch_array($result1);
$name=$rows['name'];
$email=$rows['email'];
$password=$rows['password'];

$registered="registered_members";

// Insert data from temp_members_db to registered_members
$sql2="INSERT INTO $registered(name, email, password)VALUES('$name', '$email', '$password')";
$result2=mysql_query($sql2);
}

// if key is not found
else {
echo "Confirmation code is incorrect";
}

// After the inserting the data to registered_members table then activate the account
if($result2){

echo "Your account has been activated";

//Delete the relevent data from the temp_users table
$sql3="DELETE FROM $temp_members WHERE code = '$key'";
$result3=mysql_query($sql3);
}
}
?>

And this works fine for me many times. And here’s the db.ini file.

<?
$host=""; // Host name
$username=""; //  username
$password=""; //  password
$db_name=""; // Database name

//Connect to the server
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");
?>

One of my friend(Heshan) wanted to install in his Sony VAIO. But at that time I couldn’t find a latest ubuntu version with me. I had only Lucid(10.04) one. He also wanted to try that just now. Even he didn’t wait until I download the latest version. Then he installed Lucid. It seems everything is working except sound. Then I checked the alsa version(Advanced Linux Sound Architecture).

cat /proc/asound/version

It displayed as Advanced Linux Sound Architecture Driver Version 1.0.21.

Ubuntu Lucid by default came with version 1.0.21. Then I checked for latest version. Yes. At that time version 1.0.23 also there.( Now 1.0.24 also there)

Then I upgraded to alsa version into latest one.

First I stop the alsa-utils.

sudo /sbin/alsa-utils stop

we need three packages to upgrade the version.
alsa-driver-1.0.23
alsa-lib-1.0.23
alsa-utils-1.0.23

Downloaded them using wget.

wget ftp://ftp.alsa-project.org/pub/driver/alsa-driver-1.0.23.tar.bz2
wget ftp://ftp.alsa-project.org/pub/lib/alsa-lib-1.0.23.tar.bz2
wget ftp://ftp.alsa-project.org/pub/utils/alsa-utils-1.0.23.tar.bz2

Then unpack, compile and install.

tar -xjvf alsa-driver-1.0.23.tar.bz2
cd alsa-driver-1.0.23
./configure && make
make install

tar -xjvf alsa-lib-1.0.23.tar.bz2
cd alsa-lib-1.0.23
./configure && make
make install

tar -xjvf alsa-utils-1.0.23.tar.bz2
cd alsa-utils-1.0.23
./configure && make
make install

That’s it. Then reboot the machine and now you can see alsa version as updated. And finally sound also worked perfectly.

“Maintaining a self-hosted wordpress blog is a PITA”. Yes that’s true. I felt it. I saw this phrase from a tweet of laktek.

I also moved my blog to my own host. I installed wordpress. Then the problems has began. Because of web based software wordpress sometimes contains minor bugs. That’s why wordpress programmers improve this software and update to make wordpress stable. Simple step that we can do for protect our blog is, update the wordpress version when update released. Not only the wordpress update, we should update worpress plugins and themes also.

The biggest mistake we usually do is, password. Most of the time people used to use their name, birthday or phone number as their password. But password is the access point to the web or blog. So the best thing is, make it so complex. It’s better to use a combination of lower-case, upper-case, numeric and special characters. It’s not enough. We should try to change it regularly.

Other thing we usually forget is, backup the site regularly. Database, theme files, Plugins and upload folder is the major things we should backup regularly.

Changing the file permission is an another thing we can do to protect our site or blog. Using a ftp client programme we can easily manage that.

In header.php file of the template, it shows the version of wordpress which is currently using. I mostly do is, removing this line.

<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />

Managing the .htaccess file is the another major thing. Because this is one of the most powerful configuration files that controls the web server. This is the key file which helps to control access rights to directories. From this file we can mange and limit the access to folders. I found more information to setup this file from here.

Whatever things you have done I feel we can’t maintain a hack proof site . I did those things to reduce the risk. Not to prevent.

Welcome all of you to my technical blog page. In my previous blog also I tried to write my technical experience. But most of the time it contains rant.

So I have decided to maintain a blog for my technical experience.
Please don’t expect any programming tutorial or guide from this blog. Because I messed up with programming a long time ago. But still I love programming.
According to wtfcode.net this is true. “Programming is like sex: one mistake and you’re providing support for a lifetime”.

My first programme was, print hello world in C. If I’m correct this is it.

#include <stdio.h>
int main()
{
printf ("hello world\n");
return 0;
}

In here I hope to write some tips, my linux experience and more. I wish you will enjoy with my blog and stay with me.