Home      Products & Services      Contact Us      Links

WebHatchers will design & develop your site for you.

Website Menu Heaven: menus, buttons, etc.

Send us your questions.

site search by freefind

SEO, Google, Privacy
   and Anonymity
Browser Insanity
Popups and Tooltips
Free Website Search
HTML Form Creator
Buttons and Menus
Image Uploading
Website Poll
IM and Texting
   or Not MySQL
Personal Status Boards
Content Management
Article Content
   Management Systems
Website Directory
   CMS Systems
Photo Gallery CMS
Forum CMS
Blog CMS
Customer Records
   Management CMS
Address Book CMS
Private Messaging CMS
Chat Room CMS
JavaScript Charts
   and Graphs

Free Personal Status Boards (PSB™)

Free Standard Free PSB

Free PSB Pro Version

Free Social PSB

Free Social PSB Plus (with Email)

Free Business PSB

Free Business PSB Plus (with Email)

PSB demo

Social PSB demo

Business PSB demo

So what's all this PSB stuff about?

Chart comparing business status boards

PSB hosting diagram

PSB Licence Agreement

Copyright © 2002 -
MCS Investments, Inc. sitemap

PSBs, social networking, social evolution, microcommunities, personal status boards
PSBs, social networking, business personal status boards
website design, ecommerce solutions
website menus, buttons, image rotators
Ez-Architect, home design software
the magic carpet and the cement wall, children's adventure book
the squirrel valley railroad, model railroad videos, model train dvds
the deep rock railroad, model railroad videos, model train dvds

HTML Form Creator—Configure File for Database Connection CMS

This script is called config.php

The HTML Form Creator—Configure File for Database Connection CMS script is one of a group of PHP scripts that handle both the administrative and end-user aspects of a general purpose HTML Form Creator that allows not just input boxes but multiple selection enabled select/option lists as well. In addition to the expectable editing scripts for both administrative and end-user functions, there's also a Search and Match script so that users can use the scripts to find other users with various individual or group commonalities, including proximity searches, i.e., find all the users within various distances. There are even private messaging scripts.

The purpose of this script is to provide a way in which the user can connect to the database successfully.

We store the config.php file in an includes folder. We put a special htaccess file in that folder, which denies access to prying eyes but allows it to be used for connection purposes (the second file protected is irrelevant to the config.php file discussion as well as the rest of the files whose links are above, but it shows how to put multiple files in your htaccess file):

<Files "config.php">
order deny,allow
deny from all
<Files "includefileonly.php">
order deny,allow
deny from all
Options -Indexes

For the config.php file, first we use the defined() function to check whether a given named constant exists named '_NODIRECTACCESS'. If not, the user is booted out of the script. The reason we check for this named constant is that the various scripts that include the config.php file all use the define() function to define a named constant named '_NODIRECTACCESS' just prior to including config.php. This protects against anyone using the config.php file without first naming that constant with the define() function—a wise security precaution.

Next we have the PHP make_salt() function (which is run from other scripts that include config.php) that makes a salt to use with passwords and hashes for better security. We use the PHP function array_merge() to merge 3 arrays, which we build using the range() function, which creates an array with a specified range of elements. In this case, we want A to Z, a to z, and 0 to 9. Then we use the mt_rand() function and the count() function to loop through 19 iterations, getting random characters from the array, concatenating them together into a new salt 19 characters long.

Next we have the hashing function z_____z() (which is run from other scripts that include config.php). It expects a salt in the $o variable and an entered password in the $P variable. We start by creating a hash() of the concatenation of the password and salt, using the sha512 hashing algorithm. Next we loop through 6979 iterations of hashing a concatenation of the just made hash and the password and the salt, so that we are getting hashes of hashes of hashes . . . etc. Then we use the substr() function to get the first 65 characters of the hashed hash. This is the value we return from the function.

The reason we do not combine the hash and salt functions into one function is simple. We use $o=$get_user_data['salt'];$h=z_____z(); in the login script, but $o=make_salt();$h=z_____z(); in the registration script. We need a new salt to register, but need to grab the old salt from the database to login.

Finally we define the MySQL db connection for connecting PHP scripts to the MySQL server, using the mysql_connect() function. We give password, username, database name and throw in the email address for good measure (optional). Users must edit this config.php file in order to make connections to their own MySQL database.

Note that we use weird variable names like $psbhostusername. We could just as easily have called it $u, as long as you call it $u in the mysql_connect() function too! We use a name that relates to the first configure file we ever made, and have been too lazy to change it since then. Leave it as is—or change it—whatever.

The script below is called: config.php

if(!defined('_NODIRECTACCESS')){exit("No access!");}

function make_salt(){
$aZ09 = array_merge(range('A', 'Z'), range('a', 'z'),range(0, 9));
return $o;}

function z_____z(){
global $P;global $o;$s=$o;$p=$P;
$h = hash('sha512',$p.$s);
for ($i=0;$i<6979;$i++){$h=hash('sha512',$h.$p.$s);}
$h = substr($h,0,65);return $h;}

$psbhostemailaddress = "yoursite@yoursite.com"; //EDIT ME
$roothostname = "localhost";
$psbhostusername = "yourusername"; //EDIT ME
$psbhostpassword = "yourpassword"; //EDIT ME
$psbhostdatabasename = "yourdb"; //EDIT ME
mysql_connect("".$roothostname."","".$psbhostusername."","".$psbhostpassword."") or die(mysql_error());
mysql_select_db("".$psbhostdatabasename."") or die(mysql_error());