SHARENLIVE.

COM

PROJECT REPORT Submitted by BAIJU K.R SHINU GEORGE MATHEW ABSTRACT

Sharenlive is a free matrimonial website developed in PHP.This website is available in net nowadays. Many Matrimonial websites claim they have thousands of "members" profile but one thing we want to mention here is sharenlive.com will offer you 99.9% genuine profiles. ou

can able to find genuine brides and grooms in sharenlive.com. Sharenlive.com choose to stay honest in our efforts of matrimonial and deliver you the best results without charging you anything! because we reali"e the seriousness of your concern about finding your #right# life partner. $or us! matrimonial matchma%ing is not &ust a business! but also a social cause. This attitude of ours that ma%es us uni'ue amongst hundreds of other Matrimony and Matrimonial websites. (nce again we assure that you will get 99.9% genuine information from our matrimonial website sharenlive.com .our main aim is to provide a uni'ue matrimonial service to whole community no matter where you are based! to help you to find your life partner. More and more people are &oining online matrimonial websites to find their match. This website deals with the registration for various types of communities. Salient features of the pro&ect are its user friendly. )ata entry screen and the reports that provide the necessary details to the user.

*+ST ($ T,-*.S Tab e! Pa"e

/.0 /.1 /.3 /./

personel physical photo contacts

12 12 14 14

LIST O# #IGURES

#i"u$e

Pa"e

5.0 5.1 2.0 2.1 2.3 2./ 2.5 2.2 2.4

level 6)$) level 0)$) *ogin form 8egistration 8egistration Photo upload edit profile mail sending feedbac% TABLE O# CONTENTS

17 19 36 30 31 33 3/ 35 32

CHAPTER

TITLE PAGE NO. ABSTRACT % LIST O# TABLES %iii LIST O# #IGURES i&

'. '

INTRO(UCTION

0.0 9:+;9.:.S S ($ SH,8.:*+<.

0

0.1 H(= T( 9S. SH,8.:*+<..>(M

0

0.3 -.:.$+TS $(8 SH,8.:*+<.

3

0./ ,)<,:T,?.S
5

0.5 )+S,)<,:T,?.S
2

). +

SO#TWARE (EVELOPMENT LI#E C*CLE

1.0 S ST.M ,:,* S+S 4

1.0.0 System study

4

1.0.1 .@isting System

4 1.1 S($T=,8. ,:) H,8)=,8. 8.;9+8.M.:TS 7

1.1.0 Hardware 8e'uirements

7

1.1.1 Software 8e'uirements

4 1.3 S ST.M ).S+?: 9

1.3.0 *ogical )esign

9

1.3.1 Physical )esign

9

CHAPTER

TITLE PAGE NO

1./ S ST.M +MP*.M.:T,T+(: 1.5 S ST.M T.ST+:? 1.5.0 Static Testing Purpose 1.5.1 )ynamic Testing 1.5.3 ,cceptance Testing 1.2 T.ST P8(>.)98.S ,:) T.ST 8.P(8TS

06 00 06 00 01 03

1.4 M,+:T.:,:>.
,. TOOLS 3.0 +:T8()9>T+(: T( PHP

03

'0/

3.0.0 =hat is PHP 3.0.1 .rror 8eporting 3.0.3 >onnecting to )atabase 3.0./ .ncrypt Storage Model 3.0.5 Hiding PHP
3.1 HTTP ,uthentication =ith PHP 03 0/ 0/ 02

3.1.0 >oo%ies 3.1.1 Sessions 3.1.3 +nstallation 3.1./ PHP vs. .,SPA 3.1.5 PHP vs.Perl
3.3 ,-(9T M S;*

09 16 10 11 11 11 11 13 1/ 15 ). )/ ,0 CONCLUSION ,+ RESUME ,/

3.3.0 +ntroduction 3.3.1 +nstalling MyS;* 3.3.3 Simple <alidation 3.3./ >onclusion /. 5. 2.
TABLES #IGURES SCREENSHOTS

4.

RE#ERENCES CHAPTER ' INTRO(UCTION 0.0 9:+;9:.SS ($ SH,8.:*+<.

,1

Sharenlive Ba web application for matrimonialC provides the efficient matrimonial website! a provision for viewing the latest status of the service. +t is a free matrimonial website. The web service provides you the ma@imum benefit by providing the information about various users located at various places! there by managing them effectively. This system provides services in web server and bride and groom. That needs a particular person can register their name in the system and get the username and password through which they can find their soul mates.

System also provides provision to view the profile of the registered user. provided that they give correct username and password. =elcome to Sharenlive.>om! the best +ndian Matrimonial site with profiles of +ndian brides and grooms that includes listings of Hindu Matrimonials! Muslim Matrimonials! Si%h Matrimonials! Tamil Matrimonials! Telugu Matrimonials! (riya Matrimonials! Dannada Matrimonials and many more from all over the world. =e provide the most comprehensive listing of +ndian matrimonial profiles for singles see%ing love and marriage. 0.1 H(= T( 9S. SH,8.:*+<..>(M 9sing Sharenlive.com is simple and easy. Here is a 'uic% guide to help you ma%e the best of your Sharenlive.com membership. ?et familiar with the various search options. 9se the different search options and begin your search for a life partner. Photos lets you search for members with photos. 9se #>ity Search# to loo% for members from a city of your choice. Search# has many criteria to search by! so your search is as specific as you#d li%e it. +f you are searching for a specific caste! profession! lifestyle etc. you could use the #Deyword Search#. )escribe yourself and your partner preference 8egister as a member and create your detailed profile. our profile is the 'uic%est way of letting others

%now who you are. Eust as you are more li%ely to e@press interest in a member with a detailed profile similarly others too would respond to your detailed profileF ,dd your photo G (ur research shows that members with photos get 01 times more response. ,dd astro info! hobbies! interests etc. G .ncourages response from members more suited for you. >ontact and be contacted. (nce you have found a li%ely match! show interest by clic%ing #.@press +nterest# on the profile page of the member. The member will then get a message and can accept or decline after viewing your profile. >hec% and respond to the interests and messages you receive regularly. ,lso improves your ,ctivity $actor Ban indication of how well you interact on the siteC %eeping you high in other#s search results (nce the other member accepts your interest you can get to %now the other person or share contact details by typing messages and initiating mails 8espond to messages and chat re'uests from Premium Members*ogin regularly. To ensure higher ran%s in search results login regularly. There are other advantages tooF ou can chec% interests you receive and respond to

them Thousands of new members &oin each wee% and your special someone may be one of them :ew features and enhancements are regularly made to improve your e@perience here

0.3 -.:.$+TS

H Publish photo I a detailed web page. H Deep your address and .mail confidential and receive messages in your matrimonial message bo@. H 8egister once and create any number of profiles. 9seful for matrimonial agencies. H $ree for user registration and no payment. Stop Waiting. Start living. Get Married!!
Here#s how you can find your +ndian matrimonial match.

H Post your matrimonial profile for $8.. H Thousands of +ndian brides and grooms will view your profile H -rowse thousands of +ndian matrimonial profiles H >ontact Profiles of your choice H ?et Married. -e Happy.
Matrimonial web sites are gaining popularity among young men! women and their parents. , big attraction for them is cost effectiveness of this idea. ?one are the days when harried parents of the marriageable daughters waited for marriage bro%ers to come up with proposals from prospective bridegrooms who could match their choice and poc%ets. The scene was almost the same in the homes of bachelorsJ with the only difference that their parents were less harassed and less worried about money. :ow! things have changed 'uite a lot. The education of women has brought with it the power of independence. The +ndian society has come a long way. There has been a drastic change in the attitude of both parents and their daughters. =omen nowadays e@ercise their veto more often while choosing their bridegrooms. The situation for the boys too has improvedJ though even earlier their conditions were better off than the girls. (ne thing that has become clear and loud with the change is that today the +ndian marriage is increasingly becoming a union of two individuals rather being a union of two families.

Marriages in +ndia are categori"ed mainly under two typesF love marriage and arranged marriage. *ove marriage is getting fullGfledged support from our own dear dream weaver! the one and only -ollywood. Things now have come a long way. +t is not that the earlier two forms do not e@ist any more! but there has been a perceptible change in the outloo% of the educated middle and the upper middle class. The classifieds of the renowned .nglish and the vernacular dailies now have ta%en place of the marriage bro%ers. -ut! the ones who are creating ripples in the business of finding the right match are the matrimonial sites. Shaadi.com! Eeevansaathi.com! 013+ndia.com Matrimonials! -haratMatrimony.com! etc. are some of the popular matrimonial web sites. Eust a clic% of the mouse! and a whole world of information about men and women of marriageable age unravel in front of the user. These sites provide free registrations for their users and also help them in creating

attractive loo%ing profiles. The sites enable their user to search matches! that meet their respective criteria and can even email or chat with the registered members. The site does not only help the prospective brides and bridegrooms but are helpful for their parents also. The choice is e@tensive for the neti"ens! who are hoo%ed on to these sites. The user can avail many search options. The member &ust has to mention about the desired community or the desired &ob profile or the choice of the country or city for the match search. There are options for selecting the desired comple@ion and height in these matrimonial web sites. Some sites are e@clusively for the :onG8esident +ndians B:8+sC. +ndia >anada Marriage is one such web site for +ndoG>anadians. +ndia Matches is another matrimonial web site where one can search for a life partner or find a date or meet a friend through the +nternet. The matrimonial sites do not restrict themselves to the role of an information provider of the readyGtoGbe brides and the bridegrooms. They are &ust ready with all %inds of information associated with marriage starting from the information about designers! renowned shops of trousseau! to even decorators! florists! caterers and wedding halls. :ow! the 'uestion that may come to everybody#s mind is that whether people are really benefited by it or not. The success stories that have been put up on these sites assert that the people do get benefits. -ut! there is also another side of the story. Many young men and women log on to these sites &ust for chatting and dating on the net. +n many offices! guys are often seen these sites regularly &ust to see the pictures of the girls! to ta%e their email addresses! to chat and to meet them later on to be browsing through. 0./ ,)<,:T,?.S

0. .asy and simple to use. 1. 9pload your photo for $8..Kit is said that a "Photo" is worth a thousand words" G 9pload your
)igital Photo yourself (8 send us your photo I we will scan I digiti"eI 9pload it G ,bsolutely $ree. 3. $ree 8egistrationGG+f you have not register yet! and then register now it will only ta%e few minutes and start searching for your soul mate. +f you have any suggestions or comments on how to ma%e this website better then please do not hesitate to contact us. To ensure higher ran%s in search results login regularly. There are other advantages tooF

/. ou can chec% interests you receive and respond to them. 5. Thousands of new members &oin each wee% and your special someone may be one of them. 2. :ew features and enhancements are regularly made to improve your e@perience here. 4. Photo security. 7. The aficionados of the first type snub arrange marriage as the marriage of convenience. Moreover! the
second type really has a long fan following among the fraternity of parents. =ith even love marriages brea%ing apart too often! some of the younger generations are also shifting their allegian.

)+S,)<,:T,?.S

0. Poor communication between users. 1. Photo si"e is small.

CHAPTER ) SO#TWARE (EVELOPMENT LI#E C*CLE

The prime ob&ective of the system is to develop a application for satisfying all re'uirements of the client and it should be capable of handling large volume of customers. The overall system must be fast and convenient. The classical System )evelopment life >ycle BS)*>C method! the Prototype model has been used here. +t is the most widely used paradigm for system development. This process demands a systematic! se'uential approach to software development. The life cycle involves the following activitiesF

1.0 S ST.M ,:,* S+S 2.1.1 System study System studies results in finding out details of the e@isting methodologies that are being followed and that whether any developments is to be made. These studies considered both the e@isting and the proposed system. System study had been conducted to analy"e the current e@isting system of matrimonial websites. ,ll the current websites have been analy"ed 2.1.2 Existing system +n the e@isting system the advertisement and marriage is done through newspapers and marriage beauro. So the current system is an old one in this computer world and it has many drawbac%s. The main problem is regarding time as well as cost. The cost of advertisement and searching of the partners through newspapers and consultancy are difficult. +n the manual system we waist the time. *ater it leads to confusion and lac% of %nowledge of the bride and grooms.. ,s paper advertisement involved in the manual maintenance is high! %eeping of unnecessary data! leading piles of waster paper. +n this fast changing world! in each and every home there is a computer with net connection. So the present system has become an easy! fast! and cost effective way of through mails.

1.1 S($T=,8. ,:) H,8)=,8. 8.;9+8.M.:TS SP.>+$+>,T+(: 1.1.0 Hardware 8e'uirements P8(>.SS(8 >*(>D SP..) S ST.M -9S 8,M H)) M(:+T(8 D. -(,8) M(9S. $)) F P.:T+9M +< F 566 MHL F 31 -+T F 501 MF /6 ?F S<?, >(*(8 F 067 D. S F *(?+T.>H F 0.// M-

1.1.1 Software 8e'uirements

(P.8,T+:? S ST.M .:<+8(:M.:T $8(:T .:) S.8<.8 S+). S>8+PT+:? =.- ,)M+:ST8,T+(8 -,>D.:) -8(=S.8 F =+:)(=S MP F M,>8(M.)+, )8.,M F PHP F PHP F ,P,>H. F M S;* F +:T.8:.T .MP*(8.8 2.6 =.,<.87

1.3 S ST.M ).S+?:

The importance of software design can be found with a single word! 'uality. )esigning is the phase in which 'uality is fastened in a software development. )esign is the only way that can accurately translate the >ustomer#s re'uirements into a finished software product. , system! which is not properly designed! may fail when small changes are made. Thus! the primary ob&ective of design phase is to determine how the system has to be developed. System design is a process that identifies inputs! outputs and e@plains functions of the system. This important phase is composed of several steps. +t provides understanding of the procedural details! necessary for implementing. .mphasis has been given for translating the performance re'uirements. 9nderstanding the data flow and the database that is to be designed forms an important aspect of the designing process. ?enerally System )esign includes the following typesF

1.3.0 *ogical )esign *ogical design describes the format of inputs! outputs! and procedures that meets the user re'uirements. The design covers the followingF

N 8eviews the current physical system. N Prepares the output specification. N Prepares the +nput specifications. N Prepares controls specifications.
1.3.1 Physical )esign This produces the wor%ing system by defining the design specifications that tell the programmers e@actly what the system must do. The programmers write the necessary programs that accept inputs from the user! perform the necessary calculations! produce hardcopy of the report or display it on the screen )esign the Physical system.

N Specify the +nputO(utput media. N )esign physical information flow through the system. N Plan system implementation.
The flow of data through out the pro&ect was graphically represented using )$) so that the internal flow of process can be easily understood. +f design is performed in a detailed manner! then coding can be done mechanically.

1./ S ST.M +MP*.M.:T,T+(:

This is the stage of the pro&ect when the theoretical design is tuned into a wor%ing system. +f the implementation stage is not carefully controlled and planned! it can cause chaos. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the users a confidence that the system will wor% and be effective.

The implementation stage in a pro&ect has its own right. +t involves

N >areful planning N +nvestigation of the current system and the constraints on implementation.
,fter the successful completion of the design phase! the ne@t important step is the development of the system according to the specified design. The main procedure of this phase is coding of the deigned system! in order to satisfy the re'uirements. The detailed inputOoutput! te@t manipulation! logic comparison and storageOretrieval operations during the system analysis stage provide input for the program preparation. >oding was carried out in a stepGbyGstep manner. (ne or more programmers convert these operations into a program of instructions written in a language and form acceptable to the computer hardware. +n our pro&ect user interGactiveness was given stress and the system gives ma@imum fle@ibility. Proper validations were done for every userGdefined function.

The principal activities performed during the development phase can be divided into two ma&or related se'uences. These are

0. .@ternal system development 1. +nternal system development

The primary e@ternal system development activities include +mplementation planning. The principal internal system development activities are computer program development and performance.

1.5 S ST.M T.ST+:?

:o system design is ever perfect. >ommunication problems! programmer#s negligence! or time constraints create errors that must be eliminated before the system is ready for user acceptance testing. , system is tested for online response! volume of transactions! stress! recovery from failure and usability. Then comes system testing! which verifies that the whole test of programs hangs together following system testing is acceptance testing! or running the system with live data by the actual user. 2.5.1 Static Testing Purpose >ode should be reviewed where necessary to ensure it follows pro&ect coding and design standards. >ode reviews are not meant to chec% program logic. ,dherence to acceptable programming standards is crucial for future maintenance. These will change over time as technology develops. 2.5.2 Dynamic Testing The traditional #prototype# lifecycle brea%s dynamic testing down into a number of phases such as unit! integration! system and acceptance testing. =hatever methodology is being followed! a software system is typically organi"ed into a number of units comprising a single logical function or several related functions needing access to shared data. +t is sensible and efficient to test these #units# as they are developed. -lac% bo@ and white bo@ testing may be used for this purposeF $unctional Bblac%Gbo@C Testing means testing that the #unit# does what it is supposed to do! and does not do what it is not supposed to do. This was tested in our .mail $lyer both in unit wise and units altogether after integration. +n other words! it is tested against its functional re'uirements! both positive and negative! as stated in the specification. This is %nown as blac% bo@ testing! since it re'uires no %nowledge of the inner wor%ings of the unit. Structural BwhiteGbo@C Testing is concerned with the degree to which test cases e@ercise or #cover# the logic of the program. The logic of the program was tested and chec%ed whether it meet the re'uirements correctly. 2.5.3 Acceptance Testing The need for acceptance testing will vary from pro&ect to pro&ect. +t is worthwhile noting the purpose of acceptance testing. +t is not supposed to be an unsupervised ad hoc activity underta%en by the client. +t should be strictly controlled. $or that reason there are a number of re'uirements! which are applicable if

acceptance testing proves necessary. The pro&ect manager should select these from the following that are applicable for a particular pro&ect. ,cceptance tests relate to the functionality of the system as stated in the re'uirements specification! and functional test cases must be selected to satisfy the agreed acceptance criteria. +n the ma&ority of cases! suitable test cases will e@ist among those used for system testing. These tests cover areas such as performance! security! reliability! loadOstress testing! volume testing! human computer interaction tests! configuration testing! compatibility testing! documentation! and human procedures. Sufficient tests must be devised to satisfy the agreed acceptance criteria. Since acceptance tests in particular can ma%e heavy demands on resources! and will have been performed as part of system testing! an alternative and e'ually acceptable procedure is to have the client witness a part of the system test. +n that case client witnessed system testing must conform to the re'uirements for acceptance testing with respect to procedure! conduct! and documentation. +t is recommended that this approach is adopted wherever possible as it ensures that testing is performed under carefully controlled conditions. 2.6 TEST PRO ED!RES A"D TEST REPORTS

The acceptance test procedures must be documented. The acceptance test procedure should specify the steps to be ta%en in carrying out the tests! and for formal acceptance tests needs to be rigorous! complete and unambiguous. The acceptance test procedure specification must be sub&ect to review prior to the dry run. The results of both the dry run and the acceptance tests must be documented. , test log and any test observation reports should be completed as the tests are conducted. , test summary review should be completed as soon after completion of the tests as possible.

1.4 M,+:T.:,:>.

Software will undoubtedly undergo changes after it has been delivered to the user. >hange will occur because errors have been encountered! because the software must be adapted to accommodate changes in e@ternal environment or because the user re'uires functional or personal enhancements. Software maintenance reapplies each of the preceding life cycle steps to an e@isting program rather than a new one. The basic idea of the S)*> method is that there is wellGdefined process by which the application is conceived! developed and implemented. +t gives the structure to a creative process. The phases in the S)*> provides a basis for management and control because they define segments of flow of wor% which can be identified for management purpose and specify the documents or other deliverables to be procured in each phase. , thorough analysis of the e@isting system is done and the new re'uirements for the proposed system are studied. The entire application is modulari"ed considering the features re'uired for the proposed system. CHAPTER , TOOLS

3.0 +:T8()9>T+(: T( PHP

PHP is a powerful language and the interpreter! whether included in a web server as a module or e@ecuted as a separate >?+ binary! is able to access files! e@ecute commands and open networ% connections on the server. These properties ma%e anything run on a web server insecure by default. PHP is designed specifically to be amore secure language for writing >?+ programs than Perl or c! and with correct selection of compileGtime and runtime configuration options! and proper coding practices! it can give you e@actly the combination of freedom and security you need.
,s there are many different ways to utili"ing PHP! there are many configuration options controlling its behavior. , large selection of options guarantees you can use PHP for a lot of purpose! but it also means there are combination of these options and server combinations that result in an insecure setup.

The configuration fle@ibility of PHP is e'ually reveled by the code fle@ibility .PHP can built complete server applications! with all the power of shell user or it can be used for simple serverG side includes with little ris% in a tightly controlled environment. how you build that environments! and how secure it is largely up to the PHP developer. This chapter starts with some general security advice! e@plains the different configuration option combinations and the situations they can be safely used and describes different considerations in coding for different level of security.

3.0.0 =hat +s PHP

PHP Brecursive acronym for "PHPF Hyperte@t Preprocessor"C is a widely used open source general purpose scripting language that is especially suited for =eb development and can be embedded in to HTM*. :otice how this is different from a script written in other languages li%e Perl or cKinstead of writing a program with lots of commands to output HTM*! you write an HTM* script with some embedded code to do something Bin this case! output some te@tC. The PHP code is enclosed in special start and end tags that allow you to &ump in to and out of#PHP mode" =hat distinguishes PHP from something li%e clientGside EavaScript is that the code is e@ecuted on the server. +f you were to have a script similar to above on the server! the client would receive the result of running that script! with no way of determining what they underlying code may be. ou can even configure your web server to process all your

HTM* files with PHP! and then there#s really no way that users can tell what you have up your sleeve. The best things in using PHP are that it is e@tremely simple for a newcomer! but offers many advanced features for a professional programmer. )ont be afraid reading the long list of PHP#s features. ou can &ump in a short time! and start writing simple scripts in a few hours. ?eneral +nstallation considerations -efore starting the installation! first you need to %now what do you want to use PHP for. There are three main fields you can use PHP

H H

ServerGside scripting >ommand line scripting

>lientGside ?9+ applications

$or the first and most common form! you need three thingsF PHP itself! a web server and a web browser.

ou

probably already have a web browser! and depending on your operating system setup! you may also have a web server Be.g. ,pache on *inu@ and Mac(S MJ++S on =indowsC. ou may also rent web space at accompany. This way! you

don#t set up anything on your own! only write your PHP scripts! upload it to the server you rent! and see the results in your browser. =hile setting up the server and PHP on your own! you have two choices for the method of connecting PHP to the server. $or many servers PHP has a direct module interface Balso called S,P+C. These servers include ,pache! Microsoft +nternet +nformation Server! :etscape and iPlanet servers. Many other servers have support for +S,P+! the Microsoft module interface B(mni HTTP for e@ampleC. +f PHP has no module support for your web server! you can always use it as a >?+ or $ast >?+ processor. This means you setup your server to use the >?+ e@ecutable of PHP to process all PHP file re'uests on the server. +f you are also interested to use PHP for command line scripting Be.g. write scripts auto generating some images for you offline! or processing te@t files depending on some arguments you pass to themC! you always need the command line e@ecutable. =ith PHP you can also write to the des%top ?9+ application using the PHPG?TD e@tension. This is a completely different approach than writing the pages! as you do not output any HTM*! but manage windows and ob&ects within them.

3.0.1 .rror 8eporting

=ith PHP security! there are two sides to error reporting. (ne is beneficial to increasing security! the other is detrimental. , standard attac% tactic involves profiling system by feeding it improper data! and chec%ing for the %inds! and conte@t! of the errors! which are return. This allows the system crac%er to probe for information about the server! to determine possible wea%nesses. $or e.g. +f an attac%er an had gleaned information about a page based on prior form submission! they may attempt to override variables! or modify themF The PHP errors normally return can be 'uite helpful to a developer who is trying to debug a script! indicating such things as the function or file that failed the PHP file it failed in! and the line number that occurred in. This is all information that can be e@ploited. it is not uncommon for a PHP developer to use show sourceBC !highlight stringBC!or highlight filesBC as a debugging measure! but in a live site ! this can be e@pose hidden variables! unchec%ed synta@ !and other dangerous information. .specially dangerous is running code from nonGsources with builtGin debugging handlers or using common debugging techni'ue. +f the attac%er can determine what general techni'ue you are using! they may try to bruteGforce a page! by sending various common debugging stringsF 8egardless of the method of error handling! the ability to probe a system for error leads to providing attac%er with more information.

$or e@ample! the very style of a generic PHP error indicates system is running PHP.+f the attac%er was loo%ing at an .html page! and wanted probe for the bac%Gend BTo loo% for %nown wea%ness in the systemC! by feeding it the wrong data they may be able to determine that a system pass built with PHP. , function error can indicate whether a system may be running a specific database engine! or give clues as to how a web page or programmed or designed. This allows for deeper investigation into open database ports! or to loo% for specific bugs or wea%ness in a web page. -y feeding different pieces or bad data! for e@ample! an attac%er can determine the order of authentication in a script! Bfrom the line number errorsC as well as probe for e@ploits that may be e@ploited in different locations in the scripts. , file system or general PHP error can indicate what permissions the webserver has! as well as the structure and organi"ation of files on the web server. )eveloper written error code can aggravate this problem! leading to easy e@ploitation of formerly "hidden" information. There are three ma&or solutions to this issue. The first is to scrutini"e all functions! and attempt to compensate for the bul% of the errors. The third is to use PHP#s custom error handling functions to create your own error handler. )epending on your security policy! you may find all three to be applicable to your situation. (ne way of catching this issue ahead of time is to ma%e use of PHP#s own error reporting BC! to help you secure your code and find variable usage that may be dangerous. -y testing your code! prior to deployment! with .,**! you can 'uic%ly find you area where your variables may be open to poisoning or modification in other ways. (nce you are ready for deployment! you should either disable error reporting completely by setting error reporting BC to 6! or turn off the error display using the php.ini option displayP errors! to insulate your code from probing. +f you choose to do the latter! you should also define the path to your log file using the error log in directive! and turn log error on.

3.0.3 >onnecting to )atabase

ou may want to establish the connection over SS* to encrypt clientOserver communications for increased security! or you can use the database server. +f either of these is used! then monitoring your traffic and gaining information about your database will be difficult for a wouldGbe attac%er.

3.0./ .ncrypt Storage Model

SS*OSSH protects data traveling from the client to the server SS*OSSH does not protect the persistent data stored in a database. SS* is an onGtheGwire protocol. (nce an attac%er gains access to your database directly Bbypassing the web serverC! the stored sensitive may be e@posed or misused! unless the information is protected by the database itself. .ncrypting the data is a good way to mitigate this threat! but very few databases offer this type of data encryption.

The easiest way to wor% around this problem is to first create your encryption pac%age! and then use it from within your PHP scripts.PHP can assist you in this with several e@tentions!such as Mcrypt and Mhash covering a wide variety of encryption algorithms. The script encrypts the data before inserting it in to the database! and decrypts it when retrieving. See the reference for further e@amples of how encryption wor%s. +n case of truly hidden data! if its raw representation is not needed Bi.e. not be displayedC! hashing may also be ta%en in to consideration. The wellG%nown e@ample for the hashing is storing the M)5 hash of a password in a database! instead of password itself.

3.0.5 Hiding PHP

+n general security by obscurity is one of the wea%est forms of security. -ut in some cases! every little bit of e@tra security is desirable. , few simple techni'ues can help to hide PHP! possibly slowing down an attac%er who is attempting to discover wea%ness in your system. -y setting e@posePphpQoff in your php.ini file! you reduce the amount of information available to them. ,nother tactic is to configure is to configure web servers such as apache to parse different file types through PHP! either with a hatches directive! or in the apache configuration file itself. e@tensionsF ou can then use misleading file

3.1 HTTP ,9TH.:T+>,T+(: =+TH PHP

The HTTP ,uthentication hoo%s in PHP are only available when it is running as an ,pache module and is hence not available in the >?+ version .+n an ,pache module PHP script! it is possible to use the header BC function to send an ",uthentication 8e'uired " message to the client browser causing it to pop up a 9sername OPassword input window. (nce the user has filled in a username and password! the 98* containing the PHP script will be called again with the predefined variablesPPHPP,9THP9S.8! PHPP,9THPP=! and ,9THPT P. set to the username! password and authentication type respectively. These predefined variables are found in the RS.8<.8 and

RHTTPPS.8<.8P<,8S arrays. (nly "-asic" authentication is supported. 3.1.0 >oo%ies

PHP transparently supports HTTP coo%ies. >oo%ies are a mechanism for storing data in the remote browser and thus trac%ing or identifying return users. ou can set coo%ies using the set coo%ie or set raw coo%ie BC function. >oo%ies are part of the HTTP headerJ so set coo%ie BC must be called before any output is sent to the browser. This is the same

limitation that header BC has. ou can use the output buffering functions to delay the script output until you have decided whether or not to set any coo%ies or sent any headers.

,ny coo%ies sent to you from the client will automatically be turned in to a PHP variable &ust li%e ?.T and P(ST method data! depending on the register global and variables order configuration variables .+f you wish to assign multiple values to a single coo%ie! &ust add ST to the coo%ie name.
+n PHP /.0.6and later! the RP>((D+. auto global array will always be sent with any coo%ies sent from the client. RHTTPP>((D+.P<,8S is also set in earlier versions of PHP when the trac% vars configuration variable is set

3.1.1 Sessions

Session supports in PHP consist of a way to preserve certain data across subse'uent accesses. This enables you to build more customi"ed applications and increase the appeal of your web site. The session module cannot guarantee that the information you store in a session . ou need to ta%e additional measure to actively protect the integrity of the session! depending on the value associated with it. ,ssess the importance of the data carried by your sessions and deploy additional protections Pthis usually comes at a price! reduced convenience for the user. $or e@ample! if you want to protect users from simple social enggF tactics! you need to enable session. 9se Ponly Pcoo%ies. +n that case! coo%ies must be enabled unconditionally on the user side! or sessions will not wor%. There are several ways to lea% an e@isting session id to third parties. , lea%ed session id enables the third party to access all resources! which are associated with a specific id. $irst 98*s caring session ides# you lin% to an e@ternal site! the 98* including the session id might be stored in the e@ternal sites referrer logs. Seacond!a more attac%er might listen to your networ% traffic .+f it is not encrypted !session ids will flow in plain te@t or the networ% the solution here is to implement SS* on your server and ma%e it mandatory for users .

(ptionally you can use shared memory allocation BmmC developed by 8alf S.englehall for session storage you have to download mm and install it. This option is not available to windows platforms .not that the session storage module for mm does not guaranty that concurrent access to the same session is properly loc%ed.

3.1.3 +nstallation

Session support is enable in PHP by default if you would not li%e to build your PHP with session support you should specify the disable session options to configure to use shared memory allocation BmmC for session storage configure PHP GwithGmm SQ)+8T. The windows version of PHP has built in support for this e@tension you do not need to load any additional e@tension in order use this functions. default all data related to particular session will be stored in file in the directory specified by the session. Save path

+:+ option. $ile for each session Bregardless if any data if associated with that sessionC will be created. This is due to the fact that session is opened Bfile is createdC but no data is even return to that file not that these behavior is aside effect of limitation of wor%ing with the file system and it is possible that accustom session handler Bsuch as one which uses databaseC does not %eep trac% of session which store no data

3.1./ PHP vs. .,SPA ,SP is no really a language in itself! it#s an aroma for active server pages the actual language is used to program asp with is <isual -asic Script or Escript.The biggest draw of ,SP is that a it#s a proprietary system that is natively used on Microsoft internet information server B++SC. This limit it#s availability to win 31Gbased servers there are a couple of pro&ects in the wor%s that allows ,SP to run in other environments and webservers. +nstant,SP from Halcyon BcommercialC chilyU Soft ,SP from chilyU Soft BcommercialC ,SP is said to be slower and comp some language than script it#s 8elatively easy to pic% up the language you already %now how to program in <isual -asic. ,SP support is also enabled by default in the ++S server ma%ing it easy to get up and running. The components built in ,SP are really limited! so if you need to use" advanced" features li%e interacting with $TP servers you need to buy additional components. PHP is commonly said to be faster and more efficient for comple@ programming tas%s and trying out new ideas. PHP generally referred to as more stable and less resource intensive as well. >old $usion has better error handling! database abstraction and date parsing although database abstraction is addressed in PHP /.,nother thing that is listed as one of >old $usion#s strength is its e@cellent search engine! but it has been mentioned that a search engine is not something should be included in a web scripting language .PHP runs on almost every platform there is >old $usion is only available on =in 31!Solaris! *inu@ and HPO9M.>old $usion has a good +). and +s generally easier to get started with where as PHP initially re'uires more programming %nowledge. >old $usion is designed with nonprogrammers in mind while PHP is focused on programmers

3.1.5 PHP vs. Perl

The biggest advantage of PHP over perl is that PHP was designed for scripting for the web where Perl was designed to do a lot more and can because of these get very complicated the fle@ibility or comple@ity of Perl ma%es it easier to write code that another author or coder has a hard time reading PHP was a less confusing and stricter format without losing fle@ibility. PHP is easier to integrate in to e@isting HTM* than

Perl PHP has pretty much all the" good" functionality of Perl constructs! synta@ and so on !without ma%ing it as complicated as Perl can be.Perl is very tried and true language its been around since late eighties but PHP is maturing very 'uic%ly. 3.3 ,-(9T M S;*

3.3.0 +ntroduction

PHP and MyS;*! two ma%e up what must be the best combination for dataGdriven =eb sites on the planet. ou needn#t ta%e my word for it. ,n unofficial :etcraft survey shows that PHP usage has &umped from 4!566 hosts in Eune 0997 to /06!666 in March 0999.That#s not bad. The combination was also awarded )atabase of the year at =ebcon97! where it received a lovely tiara. MyS;* is a small! compact database server ideal for small G and not so small G applications. +n addition to supporting standard S;* B,:S+C! it compiles on a number of platforms and has multithreading abilities on 9ni@ servers! which ma%e for great performance. $or nonG9ni@ people! MyS;* can be run as a service on =indows :T and as a normal process in =indows 95O97 machines. +n addition to being free BMy S;* does have some licensing restrictions thoughC! the PHPG MyS;* combination is also crossGplatform! which means you can develop in =indows and serve on a 9ni@ platform. ,lso! PHP can be run as an e@ternal >?+ process! a standGalone script interpreter! or an embedded ,pache module.

3.3.1 +nstalling MyS;*

MyS;* central is httpFOOwww.mys'l.comO.P,s befits a program of its stature! there are a "illion mirrors located all over the globe! so do the internet a favor and pic% the one closet to you. ou#ve got plenty of choices at this point. +f you#re a doGit yourselfer! then grab the source code. +f you#re not that brave! there are some precompiled binaries for other platforms already available for download. +n addition! there is a shareware version of MyS;* for windows users. +t is an older version of MyS;*. +f you want the latest version! you#ll have to purchase a license. There are also ()-> drivers that let your applications tal% to MyS;*.<arious other e@citing bits and pieces are lur%ing about on the site! too! so ta%e a loo%. The precompiled 9ni@ versions and the =indows version are as simple as unpac%ing and going! and they don#t re'uire much e@planation. So let#s compile from the source code. =indows users! please %eep in mind that you need to run M S;* in the mys'lObin directory.

MyS;* comes with a handy configuration script. Simply type. Oconfigure and let things ta%e care of them. +f you need to specify what happens and where! typing. OconfigureKhelp gives you a list of options to choose from. $or e@ample! if you#re compiling on a machine with little memory! you can opt for the GwithGlowGmemory flag. + li%e

MyS;* to install in one handy directory tree rather than in various locations on my machine! so + specify an install location with the Gprefi@ flag. ou can also specify lots of other options! such as what to compile and what to s%ip. *et#s assume that we want everything under OuserOlocalOmys'l on our server. This means we#d type. Oconfigure Gprefi@QOuserOlocalOmys'l. The configure script will run and inspect your system and then build the necessary files to successfully compile. +f it fails! you#ll usually get a helpful error message saying why. ;uite often! you#ll find the script will fail when it#s loo%ing for threading libraries. >hec% that you#ve got M+TGpthreads installed on your machine! and if not! add them. *inu@ users will have to download *inu@ Threads. These are critical libraries that allow MyS;* to multithread Bi.e. run multiple versions of itselfC. 8ecent distributions of *inu@ may already have these libraries installed. +f everything goes according to plan! simply type ma%e and go get a coffee. MyS;* is a comple@ program and ta%es some time to compile. +f you get an error! chec% the documentation to see if there is anything specific that you#ve missed for your particular (S. :e@t! type ma%es install and all the necessary files will be installed in all the necessary spots. :ow you#re almost ready to rollU +f you are a MyS;* virgin and you#ve never installed MyS;* before! you need to create the default permissions! so type... scriptsOmys'lPinstallPdb to set these up.

3.3.3 Simple <alidation

+magine for a moment that we#ve got our database nicely laid out and we#re now re'uesting information from users that will be inserted into the database. $urther! let#s imagine that you have a field in your database waiting for some numeric input! such as a price. $inally! imagine your application falling over in a screaming heap because some smart alec% put te@t in that field. MyS;* doesn#t want to see te@t in that portion of your S;* statementG and it complains bitterly.

<alidation simply means that we#ll e@amine a piece of data! usually from an HTM* form! and chec% to ma%e sure that it fits a certain model. This can range from ensuring that an element is not blan% to validating that an element meets certain criteria Bfor e@ample! that a numeric value is stipulated or that an email address contains an V for an email addressC.

<alidation can be done on the server side or on the client side. PHP is used for serverGside validation! while EavaScript or another clientGbased scripting language can provide clientGside validation. This article is about PHP! so we#re going to concentrate on the server end of things.

*et#s ignore our database for the moment and concentrate on PHP validation. +f you wish! you can add additional fields to our employee database 'uite simply by using the MyS;* ,*T.8 statement that is! if you want to commit to the values that we#ll&validate.

There are several useful PHP functions we can use to validate our data and they range from simple to highly comple@. a simple function we could use might be strlen BC!which tells us the length of the variable.

, more comple@ function would be ereg BC! which uses full regular e@pression&iandling for comple@ 'ueries. + wont delve in to the comple@ities of rege@ here! as entire boo%s have been written on the sub&ect! but + will provide some e@amples on the ne@t page.

To select a value from the database we can use the following script inside PHP tags Rs'lQ"S.*.>T W from my table"J RresultQdbP'uery BRs'lCJ 3.3./ >onclusion

=hen it comes to databasing! there#s lot to page learn. +f you haven#t done it already! find a good boo% about database design and learn to put together a slid databaseGon any platform. +t#s a comple@ but interesting database with a wealth of useful documentation. *earn about table structure! data types and S;*. ou can actually achieve some pretty impressive stuff if you %now enough S;*.

$inally there#s PHP.web site has nearly everything you need! from a comprehensive manual to mailing list archives to code repositories. ,n e@cellent way to learn about PHP is to study the e@amples used in the manual and to chec% out the code archives. Manny of the posted scripts consist of functions or classes that you can use for free in your own scripts consist of functions or classes that you can use for free in your own scripts without having to reinvent the wheel. ,dditionally the mailing list is an e@cellent spot to chec% out if you get stuc%. The developers themselves read the list and there are plenty of %nowledge people there who can help you along the way.

CHAPTER -. TABLES

Table /.0. Personel

Tab e -.).

motoccupationvarcharbrothersintsistersintaboutpartnervarcharStores the user details

Stores the user $ield <alue)ata typenamevarchardobvarcharageintgendervarcharmstatusvarcharnocintclsva details rcharcommunityvarcharstatevarcharempinvarcharunamevarcharpwordvarc harcpwordvarcharemailvarcharheightintweightintbodytypevarcharcomple@i onvarcharpstatusvarcharbgroupvarchareducategoryvarcharedudetailte@tocc ucategoryvarcharoccudetailte@tannualincomeintsmo%ingvarchareatingvarc hardrin%ingvarcharaddressvarcharmyselfte@tprofilecreationvarcharfvalueva Table /.3 rcharftypevarcharfstatusvarcharfatoccupationvarchar FPhoto

P3y!i4a

Stores the contact details of users

#ie d %a ue photoid photoname uname Stores the details of photos

(ata ty2e int varchar varchar

Tab e -.-5 C67ta4t!

#ie d %a ue uname >ontact name CHAPTER 8 (#(

(ata ty2e varchar varchar

8e'uest ,dministrator 8esponse

8egister Matrimony

8esponse 8e'uest 9ser

0 (#(

#i" LEVEL

8.'

9ser

*og $ile

Searc h

#i" 8.) Le%e (#(

'

Fig: 6.1 Login form

CHAPTER . SCREEN SHOT

Fig 6.2:Registration

Fig: 6.3 Registration

Fig: 6.4:Photo Upload

Fig 6.5:Edit Profile

Fig 6.6:Mail sending

Fig 6. :Feed!a"#

CHAPTER + CONCLUSION The pro&ect was successfully completed within the time span allotted. .very effort has been made to present the system in more userGfriendly manner. ,ll the activities provide a feeling li%e an easy wal% over to the user who is interfacing with the system. ,ll the disadvantages of the e@isting system have been overcome using the present system of "Sharenlive" which has been successfully implemented at clients location. , trial run of the system has been made and is giving good results. The system has been developed in an attractive dialogs fashion and the entire user interface is attractive and user friendly and suits all the necessities laid down by the clients initially. So user with minimum %nowledge about the computers and the system can easily wor% with the system. RESUME

=e are planning to implement videoconferencing! and chat.

www.w3schools. com www.php.net

8.$.8.:>.S