(Important: All the bulleted points’ headings are hyperlinks to code.) Common code link
2. img Folder: files in this folder serve as random backgrounds for captcha.
3. connect.php : This code loads db details and creates a connection to db.
4. dbHandler.php: This code provides common methods which are intermediate functionalities specific to application and use connect.php to talk to DB.
5. dbdetails.php: When code is deployed at new server, these DB details will change.
6. captcha.php: This code generates the captcha as an image output to the browser. Treat this file as an image. As per the config in htaccess, you can also refer to it as captcha.htm. It generates two random numbers and saves the output in the session for future input verification. The captcha puzzle is printed at a random location on a randomly chosen image.
7. hkproject1.sql : This is to generate a table in db with required fields to save opt ins.
8. register.php : This is the main input form where user registers. Major php code for this form is in registersubmit.php
10. thankyou.php: This page is opened after successful submission on register.php and simply shows a success message based on query string parameters.
1. One mistake I did here was, I pay much attention to environment I used for and production. I developed on local using latest (Windows based) and deployed on based . On box root was used as user and blank as password, lucky me that I kept configurations in separate file, so edits while deployment were easy. One more thing, after creation of new DB on , it takes a while before you could actually connect to the DB. For me connection started working after 3 hrs; during these three hrs I was doing a lot of hook and crook to connect to db on production. Obviously, turned a waste of time after three hrs, since it was only first time issue to be faced after DB creation.
One more thing here, in the table we store opt ins, I created an extra column of type , so that it may be tracked when user actually signed up, just in case this info is required in future. Also, the email was kept primary key here, to avoid multiple by same user again and again at DB level itself.
2. In PHP, which methods I use to connect to greatly depend on what version of PHP I am using on both and production environment. So be extra careful here to use similar box as production. For some fields, I wanted to allow deliberately some characters like in the field, so I had to do before putting value in the query.
· At many places, while development, I actually wanted to see errors and warning which were being suppressed by framework, so had to use :
· At one place session start code was required to be moved to top of the file, before any kind of even, this seems to be weird behavior of
· I thought, before actually starting session, it was always wise to check existing one like :
· On PHP side, it was easier to validate email format like :
Here I specifically converted email to lower, because I wanted to keep this field as primary, and you never know end users behaving as monkeys who sometime use same email with some characters upper case.
· On success of submission of data, I took user to page with variables in query string. But since I was trying to use query string I made sure to use and on sender and consumer side.
· It is always advisable to hide page extensions to make it difficult for hackers, so all my pages in my deployed version look like *. entry : This I achieved using .
· Default page in my application was different than index.*, so I used
4. For mathematical , I used sessions to validate user input. I had thousands of images in a fixed folder. I picked a random image from this folder using
On the top of this image , using , I printed the string, whose answer is saved in session.
Please note that text is also printed at random location on image.
On UI I also gave a refresh button, using code above mentioned was reloaded and new answer is saved in session with altogether new to display:
Please don’t get puzzled with Math.random in code, which is just to avoid caching of image content on client side.
5. Even though this assignment was specifically concentrated on PHP / , but moral responsibility of a developer is to make sure it is usable. So I reverse engineered many templates to make something good looking, / validation obviously had to be form specific, but styles are easy to copy paste, so I did .
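
The session-backed math captcha from point 4 and the email check from point 2 can be sketched as below. This is an added example, not the code the headings link to: the function names and the `captcha_answer` session key are hypothetical, and it goes one step beyond the text by discarding the stored answer after the first check so a solved puzzle cannot be replayed.

```php
<?php
// Added example; function names and the session key are hypothetical.

// Start a session only if none is active (the check described in the post).
function ensure_session(): void {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

// Create a new puzzle; only the answer is kept, and only on the server.
function issue_captcha(): string {
    ensure_session();
    $a = random_int(1, 9);
    $b = random_int(1, 9);
    $_SESSION['captcha_answer'] = (string) ($a + $b);
    return "$a + $b = ?";   // the text captcha.php would draw on the image
}

// Check the submitted value once, then discard the stored answer so the
// same solved puzzle cannot be submitted again.
function verify_captcha(string $input): bool {
    ensure_session();
    $expected = $_SESSION['captcha_answer'] ?? null;
    unset($_SESSION['captcha_answer']);
    return is_string($expected) && hash_equals($expected, trim($input));
}

// Validate the format, then lower-case so the primary key treats
// "A@x.com" and "a@x.com" as the same opt-in.
function normalize_email(string $raw): ?string {
    $email = filter_var(trim($raw), FILTER_VALIDATE_EMAIL);
    return $email === false ? null : strtolower($email);
}

// Constructed walk-through of one submission (sample values are made up).
$puzzle = issue_captcha();
$answer = $_SESSION['captcha_answer'];           // what a correct user would type
var_dump(verify_captcha($answer));               // first attempt, right answer
var_dump(verify_captcha($answer));               // replay of the same answer
var_dump(normalize_email('Alice@Example.COM'));  // mixed-case address
var_dump(normalize_email('not-an-email'));       // malformed input
```

The refresh button maps to calling `issue_captcha()` again, which overwrites the previous answer in the session.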