Now, the function starts by defining the chars that are going to be used to generate the new password:

$chars = "1234567890abcdefGHIJKLMNOPQRSTUVWxyz
ABCDEFghijklmnopqrstuvwXYZ1234567890";

Then it sets the $thepass to empty. This variable is going to be used to store the newly generated password, as you will see in a short while:

$thepass = '';

Then we come to the heart of the function. A for loop is run and random characters stored in the $chars variable are added to the $thepass variable with each iteration until the count reaches seven:

for($i=0;$i<7;$i++)

{

$thepass .= $chars{rand() % 39};

}

Once the loop reaches seven, the function returns the newly generated password:

return $thepass;

}

The final function in the include file is responsible for checking to see if a given email address is correctly formatted. It takes one parameter, which is the email address, and then tests it using regular expressions. This function will be used by any script that requires the user to enter an email address. It has the following code:

function checkEmail($email){

if(eregi('^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+.[a-z]{2,8}$',$email)){

return TRUE;

}else{

return FALSE;

}

}

It is used in the following way:

$Aemail = “jamespayne@webmail.com”;

if(checkEmail($Aemail)){

//Email address is correctly formatted do what ever

}else{

//set an error message

}

The function uses the eregi() function to find out if a given email address is correctly formatted:

if(eregi('^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+.[a-z]{2,8}$',$email)){

Let's break this line down. We know that an email address contains an [at] @ sign and that it contains a period [.] and three characters after the period. So in the regular expression above, the first half of the code before the at [@] sign checks to see if the email address contains letters, numbers and any other allowed characters:

^[[:alnum:]][a-z0-9_.-]*@

 The next part of the line then checks to see if the email address contains the allowed three characters plus a period [.], which normally appears after the at [@] sign:

[a-z0-9.-]+.[a-z]

The final part of the check simply indicates that the final part of the email address before the period, but after the [@] sign can be anything between two and eight characters long; the {2,8} indicates this, and then the value that is to be checked is given (which in this case is $email):

{2,8}$',$email))

If the email address evaluates to true, then the function returns true.

return TRUE;

Otherwise, it returns false:

return FALSE;

The last of the application-wide scripts is the global.php script. This script contains the database connection details and is made available to any script that needs to access the database. It has the following code:

<?php

session_start();

$host ="localhost";

$pw ="mypass";

$user = "myuser";

$dbname = "user";

$dbc=mysql_connect($host,$user,$pw) or die(mysql_error());

mysql_select_db($dbname) or die(mysql_error());

?>

The script is fairly easy to understand. It basically just fills some variables with the connection details that the database server requires to make a successful connection. At all stages of the connection attempt, an appropriate error message will be displayed if it occurs:

$dbc=mysql_connect($host,$user,$pw) or die(mysql_error());

mysql_select_db($dbname) or die(mysql_error());