Home      Products & Services      Contact Us      Links

WebHatchers will design & develop your site for you.

Website Menu Heaven: menus, buttons, etc.

Send us your questions.

site search by freefind

SEO, Google, Privacy
   and Anonymity
Browser Insanity
Popups and Tooltips
Free Website Search
HTML Form Creator
Buttons and Menus
Image Uploading
Website Poll
IM and Texting
   or Not MySQL
Personal Status Boards
Content Management
Article Content
   Management Systems
Website Directory
   CMS Systems
Photo Gallery CMS
Forum CMS
Blog CMS
Customer Records
   Management CMS
Address Book CMS
Private Messaging CMS
Chat Room CMS
JavaScript Charts
   and Graphs

Free Personal Status Boards (PSB™)

Free Standard Free PSB

Free PSB Pro Version

Free Social PSB

Free Social PSB Plus (with Email)

Free Business PSB

Free Business PSB Plus (with Email)

PSB demo

Social PSB demo

Business PSB demo

So what's all this PSB stuff about?

Chart comparing business status boards

PSB hosting diagram

PSB Licence Agreement

Copyright © 2002 -
MCS Investments, Inc. sitemap

PSBs, social networking, social evolution, microcommunities, personal status boards
PSBs, social networking, business personal status boards
website design, ecommerce solutions
website menus, buttons, image rotators
Ez-Architect, home design software
the magic carpet and the cement wall, children's adventure book
the squirrel valley railroad, model railroad videos, model train dvds
the deep rock railroad, model railroad videos, model train dvds

Register MC Group with Captcha

This script is called register-with-captcha.php

We begin by starting a session and saving the session id as a session variable. Then we define a named constant with the define() function. When we get to the config.php script, we encounter that it will check for that constant, and if it is not found, no MySQL database connection will occur. In addition to the db connection establishing—if you're allowed in because the constant was found to be named—are both the salting and hashing functions which are used for password safety. The Configure File for Database Connection file is in the includes folder that has a special htaccess file (see security levels) helping to protect it from prying eyes, etc.

Next we create the mc_members MySQL table if it does not already exist. It holds close to 80 separate fields. Most of the fields are of the tinyint data type since they allow only integers from 0 to 99. The last 13 fields are varchar(175), although only the Religion field could come even close to needing that much space, since multiple selections are allowed and there are 61 options in the HTML select tag named Religion. However, most of the fields are not dealt with in this registration script but in the MC Questionnaire instead. The registration script deals only with user/group profile data, not group configuration and preferences issues which the questionnaire deals with.

Next we come to the CSS styles—the only thing interesting here is that we use "position:absolute;top:50px;left:50%;margin-left:-300px;width:600px", and other similar styles to center our divs. If works much better than any other method. Note the margin-left property which is half the div width times -1. And the left property is 50%.

Next we get to the JavaScript section. We use both JavaScript and PHP validation to filter input from the user since the cardinal rule for user input is: NEVER TRUST IT. If you want to trust it, simply ensure that it will be safe for putting into your MySQL tables as well as displaying on your web pages. By far the best method here is to use the JavaScript for the users' benefit and the PHP for security. If JavaScript is turned off (in which case our scripts won't even work), the PHP validation scripts are your last line of defense to keep things safe. On the other hand, the JavaScript allows the user to get a user-friendly response to unacceptable or wrong input in fields. Rather than making the user restart the form when he goofs, good JavaScript validation scripts use the focus() method to put the cursor back on the field where the goof occured as well as alerting the user to his error. PHP-only validation forces form restart, which is maddening to users.

We use /^[A-Za-z0-9!@#$%^&*()_]{6,20}$/ types of regular expressions to force the data to conform to the needs of the data fields, with the first part showing the acceptable characters and the second part forcing the length—in this case—to be 6 to 20 characters. The email validator we wrote to allow even some of the weirder valid email configurations.

We now turn to the PHP section. First we grab all POSTed data that gets sent to the page after the submit button is clicked. Note that we stick the groupname and username into session variables. There is a captcha in the form and the user must give the correct answer to be registered. The correct answer will be figured in a different PHP script (more on that later) and stuck into the a__________a session variable. When the form is submitted, we check the answer the user gives against this a__________a variable and if it is incorrect, the user sees "Wrong captcha answer. Please try again." and is made to restart the registration process. The captchas are all simple: adding or substracting a 1-digit number to/from a 2-digit number.

If the user gets it right, the username and groupname they entered are checked for in the db table. If such a name already exists, the user sees "This User Name already exists. Please try again." or "This Group Name already exists. Please try again." and is made to restart the registration process. If the user is silly enough to disable JavaScript, the PHP will still force the data to be within certain length parameters. Too long data gets trimmed off and too short data causes an alert and the user is made to restart the registration process. If the email is not valid, the PHP program will say so and the user is made to restart the registration process.

Here is something to get you to sit up and take notice: the very standard preg_match-using PHP email validator takes standard data but not unusual data, but the regular expression filtration done later allows any character that is technically allowed according to standards we looked up. Of course, this email regular expression filtration will have no effect since the earlier email validator stops unusual characters in their tracks—a regular expression pattern with only \w\- in it allows alphanumerics and "_" and "-" and nothing else. So if they used unusual characters they have to start over—they will never even reach the email regular expression filtration script.

We added this to allow you, dear reader, to decide if you want to include more legal characters or not. The other filtration scripts use preg_replace and dump unacceptable characters, using our strict standards.

We also filtered out tags someone may try to sneak in by use of the strip_tags function. And, of course, since the data will be going into a MySQL database table, we sanitized it even further with the mysql_real_escape_string() function, which escapes all iffy data—also known as special characters—like quotes, etc.

Next we create the random-alphanumeric-character-laden salt. Then we use the salt and the entered password to create the hash. Both salt and hash go into the db. The password does not, so if anyone asks for theirs like in Forgot Password, we simply create a random string and email it to them and say "here's your new password." Few companies allow storing of passwords—it's dumb. As we are entering the profile data into the db, we stick ",0," in all the preferences fields as a default. The reason for this requires a bit of explaining and you will find the explanation here: MC (Microcommunity) Search and Match — PHP.

If the registration is successful, we stick the user's id in a session variable because in the private messaging aspects of our system it will be used to identify who sends and/or receives what message. People are allowed to change both group names and user names, but never IDs, so the messages will still be dealt with all right even if everyone changes group names and user names.

The }}}}}}}}}}}} is because of all the }else{ conditionals used earlier in the script. If the $Entry variable is not 1 but still 0, they haven't submitted the form yet, so we show them the form for entry and submission. On the other hand, if they have submitted it, we send them off to the questionnaire, which you will find at the end of the script after the final else conditional. We even send their username in a form, but we needn't have bothered since usernames are grabbed from session variables, not POSTs or GETs. Admittedly, there's a tad bit of overkill here and there in our scripts—just trying to cover all the bases.

The form itself is pretty standard stuff. It has maxlength attributes to keep lengths limited and it uses an onsubmit event to run the JavaScript validator. But the form also uses a captcha. We used the official captcha method in our Personal Status Board (PSB™) scripts, but designed a less cumbersome method for our MC registration scripts.

Take a gander at the captcha code: <IMG SRC="captcha-with-sessions.php" alt='captcha'>. A pretty strange type of image, to be sure! Browsers do NOT mind PHP scripts sitting in for PNG, BMP, GIF, or JPG images, believe it or not. The message "If you see no Captcha, disable your ad blocker" is displayed near the captcha because ad blockers with strong settings may knock the captcha out of the form. But Pop-up Blockers do not molest our captcha since it is NOT a pop-up. It's a random PNG image created using functions from the GD library, which is in all recent PHP versions. (To use the recommended bundled version of the GD library, which was first bundled in PHP 4.3.0, get your server hosts to use the configure option "--with-gd". Most already do this.)

The captcha image uses the font Holisb__.ttf, which is the Holiday Springs BTN True Type Font (get at MyFonts.com), but you may use other types if you wish. If you find arial.ttf in your C:\WINDOWS\Fonts\ directory on your computer, make sure it is in your folder with your PHP scripts on your server. Holisb__.ttf does a much cooler job, and will be harder for any automatic spambot script to read (and get the right answer for the arithmetic problem). For the captcha script, go to: Captcha Script for Registration and Login.

The script below is called: register-with-captcha.php

$_SESSION['sessionid'] = session_id();


$sql = "CREATE TABLE IF NOT EXISTS mc_members (
id int(4) NOT NULL auto_increment,
username varchar(20) NOT NULL,
score tinyint(4) NOT NULL DEFAULT '0',
password varchar(65) NOT NULL,
groupname varchar(20) NOT NULL,
city varchar(33) NOT NULL,
state varchar(2) NOT NULL,
zip int(5) NOT NULL,
email varchar(65) NOT NULL,
ip varchar(65) NOT NULL,
signup_date varchar(10) NOT NULL,
salt varchar(19) NOT NULL,
males03 tinyint(2) NOT NULL,
males47 tinyint(2) NOT NULL,
males811 tinyint(2) NOT NULL,
males1214 tinyint(2) NOT NULL,
males1517 tinyint(2) NOT NULL,
males1823 tinyint(2) NOT NULL,
males2434 tinyint(2) NOT NULL,
males3549 tinyint(2) NOT NULL,
males5065 tinyint(2) NOT NULL,
males6679 tinyint(2) NOT NULL,
males80 tinyint(2) NOT NULL,
females03 tinyint(2) NOT NULL,
females47 tinyint(2) NOT NULL,
females811 tinyint(2) NOT NULL,
females1214 tinyint(2) NOT NULL,
females1517 tinyint(2) NOT NULL,
females1823 tinyint(2) NOT NULL,
females2434 tinyint(2) NOT NULL,
females3549 tinyint(2) NOT NULL,
females5065 tinyint(2) NOT NULL,
females6679 tinyint(2) NOT NULL,
females80 tinyint(2) NOT NULL,
childless tinyint(2) NOT NULL,
emptynesters tinyint(2) NOT NULL,
widows tinyint(2) NOT NULL,
widowers tinyint(2) NOT NULL,
married tinyint(2) NOT NULL,
livingtogether tinyint(2) NOT NULL,
separated tinyint(2) NOT NULL,
divorced tinyint(2) NOT NULL,
engaged tinyint(2) NOT NULL,
single tinyint(2) NOT NULL,
gaymales tinyint(2) NOT NULL,
lesbian tinyint(2) NOT NULL,
white tinyint(2) NOT NULL,
black tinyint(2) NOT NULL,
asian tinyint(2) NOT NULL,
hispanic tinyint(2) NOT NULL,
hawaiian tinyint(2) NOT NULL,
mixed tinyint(2) NOT NULL,
criminal tinyint(2) NOT NULL,
homeschooled tinyint(2) NOT NULL,
publicschools tinyint(2) NOT NULL,
privateschools tinyint(2) NOT NULL,
religiousschools tinyint(2) NOT NULL,
specialschools tinyint(2) NOT NULL,
allergies tinyint(2) NOT NULL,
chronic tinyint(2) NOT NULL,
mental tinyint(2) NOT NULL,
disabilities tinyint(2) NOT NULL,
ramps tinyint(2) NOT NULL,
willingeldercare tinyint(2) NOT NULL,
availableeldercare tinyint(2) NOT NULL,
needeldercare tinyint(2) NOT NULL,
willingchildcare tinyint(2) NOT NULL,
availablechildcare tinyint(2) NOT NULL,
needchildcare tinyint(2) NOT NULL,
Smoking_Drinking varchar(175) NOT NULL,
Preferred_Housing_Type varchar(175) NOT NULL,
Willing_to_relocate varchar(175) NOT NULL,
MC_type_sought varchar(175) NOT NULL,
Open_to_be_in_mixed_race_MC varchar(175) NOT NULL,
Sexuality varchar(175) NOT NULL,
Religious_Openness varchar(175) NOT NULL,
Religion varchar(175) NOT NULL,
Childrearing_Style_and_Preferences varchar(175) NOT NULL,
Pets varchar(175) NOT NULL,
Personal_Entertainment varchar(175) NOT NULL,
Housing_Interested_in_Common_Shared_Space_for varchar(175) NOT NULL,
Employment varchar(175) NOT NULL,

// Execute query

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Register for MC Search and Match</TITLE>
<meta name="description" content="Register for MC Search and Match">
<meta name="keywords" content="Register for MC Search and Match,match,search,Register Script,registration,php,javascript, dhtml, DHTML">
<style type="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left}
p, li {font:13px Verdana; color:black;text-align:left}
h1 {font:bold 28px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
h3 {font:bold 15px Verdana;}
.k {text-align:right}
.j {position:absolute;top:50px;left:50%;margin-left:-300px;width:600px}
#myform {position:absolute;top:100px;left:50%;margin-left:-225px;width:450px;border:2px solid black;background-color:#8aa;}
#links {position:absolute;top:210px;left:82%;width:222px}
#t {width:410px;padding:9px;margin-top:-25px}
#undisplayed {position:absolute;top:210px;left:5%;width:170px}
<script language="javascript">

function validatepassword(){

var ck_password = /^[A-Za-z0-9!@#$%^&*()_]{6,20}$/;
if (document.formpw.password.value.search(ck_password)==-1)
{alert("Please enter 6 to 20 letters, numbers and these for password: !@#$%^&*()_");document.formpw.password.focus();return false;}

var ck_username = /^[A-Za-z0-9_]{6,20}$/;
if (document.formpw.username.value.search(ck_username)==-1)
{alert("Please only enter 6 to 20 letters, numbers and underline for user name.");document.formpw.username.focus();return false}

var ck_city = /^[A-Za-z\s\-]{2,33}$/;
if (document.formpw.city.value.search(ck_city)==-1)
{alert("Please only enter 2 to 33 letters, space, or hyphen for city name.");document.formpw.city.focus();return false}

var ck_state = /^[A-Za-z]{2,2}$/;
if (document.formpw.state.value.search(ck_state)==-1)
{alert("Please select a State.");document.formpw.state.focus();return false}

var ck_zip = /^[0-9]{5,5}$/;
if (document.formpw.zip.value.search(ck_zip)==-1)
{alert("Please only enter 5 number zip code.");document.formpw.zip.focus();return false}

var ck_groupname = /^[A-Za-z0-9_]{6,20}$/;
if (document.formpw.groupname.value.search(ck_groupname)==-1)
{alert("Please only enter 6 to 20 letters, numbers and underline for group name.");document.formpw.groupname.focus();return false}

var ck_email = /^[A-Za-z0-9-_]+(\.[A-Za-z0-9-_]+)*@([A-Za-z0-9-_]+\.)?([A-Za-z0-9-_]+(\.[A-Za-z]{2,6})(\.[A-Za-z]{2})?)$/;
if (document.formpw.email.value.search(ck_email)==-1)
{alert("That email address is not valid.");document.formpw.email.focus();return false}

return true;}




$_SESSION['username'] = $U;
$_SESSION['groupname'] = $G;

if($Entry==1 && $A<>$_SESSION['a__________a']){$N=1;unset($U);echo '<script language="javascript">alert("Wrong captcha answer. Please try again.");window.location="register-with-captcha.php";</script>;';

if($Entry==1 && $A==$_SESSION['a__________a']){
$check_user_data = mysql_query("SELECT * FROM mc_members WHERE username = '$U' LIMIT 1") or die(mysql_error());
if(mysql_num_rows($check_user_data) > 0)
{$N=1;unset($U);echo '<script language="javascript">alert("This User Name already exists. Please try again.");window.location="register-with-captcha.php";</script>;';

if($Entry==1 && $A==$_SESSION['a__________a']){
$check_user_data = mysql_query("SELECT * FROM mc_members WHERE groupname = '$G' LIMIT 1") or die(mysql_error());
if(mysql_num_rows($check_user_data) > 0)
{$N=1;unset($U);echo '<script language="javascript">alert("This Group Name already exists. Please try again.");window.location="register-with-captcha.php";</script>;';


if (strlen($U)<6) {echo '<script language="javascript">alert("Please enter 6 to 20 characters for user name."); window.location = "register-with-captcha.php"; </script>';
if (strlen($G)<6) {echo '<script language="javascript">alert("Please enter 6 to 20 characters for group name."); window.location = "register-with-captcha.php"; </script>';
if (strlen($P)<6) {echo '<script language="javascript">alert("Please enter 6 to 20 characters for password."); window.location = "register-with-captcha.php"; </script>';
if (strlen($C)<2) {echo '<script language="javascript">alert("Please enter 2 to 33 characters for city."); window.location = "register-with-captcha.php"; </script>';
if (strlen($S)<2 || strlen($S)>2) {echo '<script language="javascript">alert("Please use dropdown list for state."); window.location = "register-with-captcha.php"; </script>';
if (strlen($Z)<5) {echo '<script language="javascript">alert("Please enter 5 characters for zip code."); window.location = "register-with-captcha.php"; </script>';
if (strlen($E)<6) {echo '<script language="javascript">alert("Please enter 6 to 65 characters for email address."); window.location = "register-with-captcha.php"; </script>';
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$E)) {
echo '<script language="javascript">alert("That email address is not valid."); window.location = "register-with-captcha.php"; </script>';
$pattern1 = '/[^a-zA-Z\\-\\s]/i';
$pattern2 = '/[^a-zA-Z0-9\\.\\,\\!\\;\\-\\_\\*\\@\\=\\+\\$\\/\\&\\[\\]\\#\\?\\047\\:\\(\\)]/i';
$pattern3 = '/[^a-zA-Z0-9\\_]/i';
$pattern4 = '/[^A-Za-z0-9\\!\\@\\#\\$\\%\\^\\&\\*\\(\\)\\_]/i';
$pattern5 = '/[^0-9]/';
$pattern6 = '/[^A-Z]/';
$replacement = '';
$C=preg_replace($pattern1, $replacement, $C);
$U=preg_replace($pattern3, $replacement, $U);
$E=preg_replace($pattern2, $replacement, $E);
$Z=preg_replace($pattern5, $replacement, $Z);
$P=preg_replace($pattern4, $replacement, $P);
$G=preg_replace($pattern3, $replacement, $G);
$S=preg_replace($pattern6, $replacement, $S);

$D = date("d-m-Y");$e=",0,";$score=0;
$sql="INSERT INTO mc_members(id,username,score,password,groupname,city,state,zip,email,ip,signup_date,
VALUES(NULL, '$U', '$score', '$h', '$G', '$C', '$S', '$Z', '$E', '$I', '$D', '$o', '$e', '$e', '$e', '$e', '$e', '$e', '$e', '$e', '$e', '$e', '$e', '$e', '$e')";
$sql = "SELECT id FROM mc_members WHERE username = '$U'";
$_SESSION['userid'] = $id;
echo '<script language="javascript">alert("Entries were made successfully.");</script>';

echo '<script language="javascript">alert("Entries were NOT made—something went wrong."); window.location="register-with-captcha.php";</script>';}


if($N==1||$Entry==0){ ?>

<center><h1>Register for MC Search and Match</h1></center>

<center><div class='j'><b>Before you Register for MC Search and Match, please meet with all your group members and agree on all the answers to the questions in the <a HREF="questionnaire.html">Questionnaire</a></b></div></center>

<div id='myform'><BR><center><h3>Basic Info—Submit This First, Then <a HREF="questionnaire.html">Questionnaire</a></h3></center><table id='t' border='0' cellspacing=0 cellpadding=2>
<form id='formpw' name="formpw" method="post" action="register-with-captcha.php" onsubmit="return validatepassword()">
<tr><td class='k'><label for="User Name"><b>User Name: </b></td><td><input type="text" name="username" size="20" maxlength="20" value=""></label></td></tr>
<tr><td class='k'><label for="Password"><b>Password: </b></td><td><input type="password" name="password" size="20" maxlength="20" value=""></label></td></tr>
<tr><td class='k'><label for="Group Name"><b>Group Name: </b></td><td><input type="text" name="groupname" size="20" maxlength="20" value=""></label></td></tr>
<tr><td class='k'><label for="City"><b>City: </b></td><td><input type="text" name="city" size="20" maxlength="33" value=""></label></td></tr>
<tr><td class='k'><label for="State"><b>State: </b></td><td>
<select name="state" size='4'>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<tr><td class='k'><label for="Zip"><b>Zip: </b></td><td><input type="text" name="zip" size="5" maxlength="5" value=""></label></td></tr>
<tr><td class='k'><label for="Email"><b>Email: </b></td><td><input type="text" name="email" size="20" maxlength="65" value=""></label></td></tr>
<tr><td class='k'><input type="hidden" name="entry" value="1">
&nbsp;</td><td><IMG SRC="captcha-with-sessions.php" alt='captcha'>
<tr><td class='k'><label for="Captcha answer"><b>Captcha answer: </b></td><td><input type="text" name="answer" size="20" maxlength="20" value=""></label></td></tr>
<tr><td align=left colspan=2>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;If you see no Captcha, disable your ad blocker.</td></tr>
<tr><td class='k'>&nbsp;</td><td><BR><input type="submit" value="Submit">
<input type="reset" value="Reset"></td></tr></form></table><BR>

<div id='links'><BR>
<a HREF="login-to-mc.php">Login (I've registered)</a><BR>
<a HREF="http://www.thebiganswer.info/">Home</a><BR>
<a href="http://www.css-resources.com/contact.html">Contact us</a><BR>
<a href='forgot-password.php'>I forgot my password</a><BR>
<a HREF='forgot-user-name.php'>I forgot my user name</a><BR>
<a HREF="http://www.thebiganswer.info/">The Big Answer</a>

<div id='undisplayed'><BR>
The User Name, Password, and Email data in your profile will never be displayed in searches or matches, nor revealed to third parties without your express permission.



<form name="MyForm" method="POST" action="questionnaire.php">
<input type="hidden" name="username" value=" ">


<script language="javascript">
var u = <?php echo json_encode($U); ?>;