SHARENLIVE.

COM

PROJECT REPORT
Submitted by BAIJU K.R SHINU GEORGE MATHEW
ABSTRACT

Sharenlive is a free matrimonial website developed in PHP.This website is available in

net nowadays. Many Matrimonial websites claim they have thousands of "members" profile but
one thing we want to mention here is sharenlive.com will offer you 99.9% genuine profiles. You
can able to find genuine brides and grooms in sharenlive.com. Sharenlive.com choose to stay
honest in our efforts of matrimonial and deliver you the best results without charging you
anything, because we realize the seriousness of your concern about finding your 'right' life
partner. For us, matrimonial matchmaking is not just a business, but also a social cause.
This attitude of ours that makes us unique amongst hundreds of other Matrimony and
Matrimonial websites. Once again we assure that you will get 99.9% genuine information from
our matrimonial website sharenlive.com .our main aim is to provide a unique matrimonial service
to whole community no matter where you are based, to help you to find your life partner. More
and more people are joining online matrimonial websites to find their match.
This website deals with the registration for various types of communities. Salient features
of the project are its user friendly. Data entry screen and the reports that provide the necessary
details to the user.

LIST OF TABLES
Tables

Page

4.1

personel

4.2

physical

4.3

photo

27

4.4

contacts

27

26
26

LIST OF FIGURES

Figure

Page

5.1

level 0DFD

28

5.2

level 1DFD

29

6.1

Login form

30

6.2

Registration

31

6.3

Registration

32

6.4

Photo upload

33

6.5

edit profile

34

6.6

mail sending

35

6.7

feedback

36

TABLE OF CONTENTS

CHAPTER

TITLE
PAGE NO.
ABSTRACT
v
LIST OF TABLES
viii
LIST OF FIGURES
ix

1.
1

INTRODUCTION

1.1 UNIQUENES S OF SHARENLIVE

1

1.2 HOW TO USE SHARENLIVE.COM

1

1.3 BENEFITS FOR SHARENLIVE

3

1.4 ADVANTAGES
5

1.5 DISADVANTAGES
6

2.
7

SOFTWARE DEVELOPMENT LIFE CYCLE

2.1 SYSTEM ANALYSIS

7

2.1.1 System study

7

2.1.2 Existing System

7
2.2 SOFTWARE AND HARDWARE REQUIREMENTS
8

2.2.1 Hardware Requirements

8

2.2.2 Software Requirements

7
2.3 SYSTEM DESIGN
9

2.3.1 Logical Design

9

2.3.2 Physical Design

9

CHAPTER

TITLE
PAGE NO

2.4 SYSTEM IMPLEMENTATION

2.5 SYSTEM TESTING
2.5.1 Static Testing Purpose
2.5.2 Dynamic Testing
2.5.3 Acceptance Testing
2.6 TEST PROCEDURES AND TEST REPORTS

2.7 MAINTENANCE
3.

TOOLS
3.1 INTRODUCTION TO PHP

3.1.1 What is PHP

3.1.2 Error Reporting
3.1.3 Connecting to Database
3.1.4 Encrypt Storage Model
3.1.5 Hiding PHP
3.2 HTTP Authentication With PHP

3.2.1 Cookies
3.2.2 Sessions
3.2.3 Installation
3.2.4 PHP vs. .ASP?
3.2.5 PHP vs.Perl
3.3 ABOUT MYSQL

3.3.1 Introduction
3.3.2 Installing MySQL
3.3.3 Simple Validation
3.3.4 Conclusion
4.

TABLES

26

5.

FIGURES

28

6.

SCREENSHOTS

30

7.

CONCLUSION
37 RESUME
38

REFERENCES

39

CHAPTER 1
INTRODUCTION
1.1 UNIQUNESS OF SHARENLIVE
Sharenlive (a web application for matrimonial) provides the efficient matrimonial website, a provision for
viewing the latest status of the service. It is a free matrimonial website. The web service provides you the maximum
benefit by providing the information about various users located at various places, there by managing them
effectively.
This system provides services in web server and bride and groom. That needs a particular person can
register their name in the system and get the username and password through which they can find their soul mates.

System also provides provision to view the profile of the registered user. provided that they give correct
username and password.
Welcome to Sharenlive.Com, the best Indian Matrimonial site with profiles of Indian brides and grooms that
includes listings of Hindu Matrimonials, Muslim Matrimonials, Sikh Matrimonials, Tamil Matrimonials, Telugu
Matrimonials, Oriya Matrimonials, Kannada Matrimonials and many more from all over the world. We provide the
most comprehensive listing of Indian matrimonial profiles for singles seeking love and marriage.
1.2 HOW TO USE SHARENLIVE.COM
Using Sharenlive.com is simple and easy. Here is a quick guide to help you make the best of your
Sharenlive.com membership. Get familiar with the various search options. Use the different search options and
begin your search for a life partner.
Photos lets you search for members with photos. Use 'City Search' to look for members from a city of your
choice. Search' has many criteria to search by, so your search is as specific as you'd like it. If you are searching for a
specific caste, profession, lifestyle etc. you could use the 'Keyword Search'. Describe yourself and your partner
preference
Register as a member and create your detailed profile. Your profile is the quickest way of letting others
know who you are. Just as you are more likely to express interest in a member with a detailed profile similarly
others too would respond to your detailed profile:
Add your photo - Our research shows that members with photos get 12 times more response. Add astro info,
hobbies, interests etc. - Encourages response from members more suited for you. Contact and be contacted. Once
you have found a likely match, show interest by clicking 'Express Interest' on the profile page of the member. The
member will then get a message and can accept or decline after viewing your profile.
Check and respond to the interests and messages you receive regularly. Also improves your Activity Factor
(an indication of how well you interact on the site) keeping you high in other's search results Once the other member
accepts your interest you can get to know the other person or share contact details by typing messages and initiating
mails Respond to messages and chat requests from Premium MembersLogin regularly. To ensure higher ranks in
search results login regularly. There are other advantages too: You can check interests you receive and respond to
them Thousands of new members join each week and your special someone may be one of them New features and
enhancements are regularly made to improve your experience here

1.3 BENEFITS

Publish photo & a detailed web page.

Keep your address and Email confidential and receive messages in your matrimonial message box.
Register once and create any number of profiles. Useful for matrimonial agencies.
Free for user registration and no payment.
Stop Waiting. Start living. Get Married!!
Here's how you can find your Indian matrimonial match.

Post your matrimonial profile for FREE

Thousands of Indian brides and grooms will view your profile
Browse thousands of Indian matrimonial profiles
Contact Profiles of your choice
Get Married. Be Happy.
Matrimonial web sites are gaining popularity among young men, women and their parents. A big attraction
for them is cost effectiveness of this idea.
Gone are the days when harried parents of the marriageable daughters waited for marriage brokers to come
up with proposals from prospective bridegrooms who could match their choice and pockets. The scene was almost
the same in the homes of bachelors; with the only difference that their parents were less harassed and less worried
about money.
Now, things have changed quite a lot. The education of women has brought with it the power of
independence. The Indian society has come a long way. There has been a drastic change in the attitude of both
parents and their daughters. Women nowadays exercise their veto more often while choosing their bridegrooms. The
situation for the boys too has improved; though even earlier their conditions were better off than the girls. One thing
that has become clear and loud with the change is that today the Indian marriage is increasingly becoming a union of
two individuals rather being a union of two families.

Marriages in India are categorized mainly under two types: love marriage and arranged marriage. Love
marriage is getting full-fledged support from our own dear dream weaver, the one and only Bollywood.
Things now have come a long way. It is not that the earlier two forms do not exist any more, but there has
been a perceptible change in the outlook of the educated middle and the upper middle class. The classifieds of the
renowned English and the vernacular dailies now have taken place of the marriage brokers. But, the ones who are
creating ripples in the business of finding the right match are the matrimonial sites. Shaadi.com, Jeevansaathi.com,
123India.com Matrimonials, BharatMatrimony.com, etc. are some of the popular matrimonial web sites.
Just a click of the mouse, and a whole world of information about men and women of marriageable age
unravel in front of the user. These sites provide free registrations for their users and also help them in creating

attractive looking profiles. The sites enable their user to search matches, that meet their respective criteria and can
even email or chat with the registered members. The site does not only help the prospective brides and bridegrooms
but are helpful for their parents also.
The choice is extensive for the netizens, who are hooked on to these sites. The user can avail many search
options. The member just has to mention about the desired community or the desired job profile or the choice of the
country or city for the match search. There are options for selecting the desired complexion and height in these
matrimonial web sites. Some sites are exclusively for the Non-Resident Indians (NRIs). India Canada Marriage is
one such web site for Indo-Canadians. India Matches is another matrimonial web site where one can search for a life
partner or find a date or meet a friend through the Internet.
The matrimonial sites do not restrict themselves to the role of an information provider of the ready-to-be
brides and the bridegrooms. They are just ready with all kinds of information associated with marriage starting from
the information about designers, renowned shops of trousseau, to even decorators, florists, caterers and wedding
halls. Now, the question that may come to everybody's mind is that whether people are really benefited by it or not.
The success stories that have been put up on these sites assert that the people do get benefits. But, there is also
another side of the story. Many young men and women log on to these sites just for chatting and dating on the net.
In many offices, guys are often seen these sites regularly just to see the pictures of the girls, to take their email
addresses, to chat and to meet them later on to be browsing through.
1.4 ADVANTAGES

1. Easy and simple to use.

2. Upload your photo for FREEit is said that a "Photo" is worth a thousand words" - Upload your
Digital Photo yourself OR send us your photo & we will scan & digitize& Upload it - Absolutely Free.
3. Free Registration--If you have not register yet, and then register now it will only take few minutes and
start searching for your soul mate. If you have any suggestions or comments on how to make this website
better then please do not hesitate to contact us. To ensure higher ranks in search results login regularly.
There are other advantages too:

4. You can check interests you receive and respond to them.

5. Thousands of new members join each week and your special someone may be one of them.
6. New features and enhancements are regularly made to improve your experience here.
7. Photo security.
8. The aficionados of the first type snub arrange marriage as the marriage of convenience. Moreover, the
second type really has a long fan following among the fraternity of parents. With even love marriages
breaking apart too often, some of the younger generations are also shifting their allegian.

DISADVANTAGES

1. Poor communication between users.

2. Photo size is small.
CHAPTER 2 SOFTWARE DEVELOPMENT
LIFE CYCLE

The prime objective of the system is to develop a application for satisfying all requirements of the client and
it should be capable of handling large volume of customers. The overall system must be fast and convenient. The
classical System Development life Cycle (SDLC) method, the Prototype model has been used here. It is the most
widely used paradigm for system development. This process demands a systematic, sequential approach to software
development. The life cycle involves the following activities:

2.1 SYSTEM ANALYSIS

2.1.1 System study
System studies results in finding out details of the existing methodologies that are being followed and that
whether any developments is to be made. These studies considered both the existing and the proposed system.
System study had been conducted to analyze the current existing system of matrimonial websites. All the
current websites have been analyzed
2.1.2 Existing system
In the existing system the advertisement and marriage is done through newspapers and marriage beauro. So
the current system is an old one in this computer world and it has many drawbacks. The main problem is regarding
time as well as cost. The cost of advertisement and searching of the partners through newspapers and consultancy
are difficult.
In the manual system we waist the time. Later it leads to confusion and lack of knowledge of the bride and
grooms.. As paper advertisement involved in the manual maintenance is high, keeping of unnecessary data, leading
piles of waster paper.
In this fast changing world, in each and every home there is a computer with net connection. So the present
system has become an easy, fast, and cost effective way of through mails.

2.2 SOFTWARE AND HARDWARE REQUIREMENTS SPECIFICATION

2.2.1 Hardware Requirements
PROCESSOR

: 500 MHZ

CLOCK SPEED

: 32 BIT

SYSTEM BUS

: 512 MB

RAM

: 40 GB

HDD

: SVGA COLOR

MONITOR KEY

: 108 KEYS

BOARD

: LOGITECH :

MOUSE FDD

1.44 MB

: PENTIUM IV

2.2.2 Software Requirements

OPERATING SYSTEM
ENVIRONMENT FRONT
END
SERVER SIDE SCRIPTING
WEB ADMINSTRATIOR
BACKEND BROWSER
: WINDOWS XP
: MACROMEDIA DREAM :
PHP : PHP : APACHE :
MYSQL
: INTERNET EXPLORER 6.0

WEAVER8

2.3 SYSTEM DESIGN

The importance of software design can be found with a single word, quality. Designing is the phase in which
quality is fastened in a software development. Design is the only way that can accurately translate the Customer's
requirements into a finished software product. A system, which is not properly designed, may fail when small changes
are made. Thus, the primary objective of design phase is to determine how the system has to be developed. System
design is a process that identifies inputs, outputs and explains functions of the system. This important phase is composed
of several steps. It provides understanding of the procedural details, necessary for implementing. Emphasis has been
given for translating the performance requirements. Understanding the data flow and the database that is to be designed
forms an important aspect of the designing process. Generally System Design includes the following types:

2.3.1 Logical Design

Logical design describes the format of inputs, outputs, and procedures that meets the user requirements.
The design covers the following:

> Reviews the current physical system.

> Prepares the output specification.
> Prepares the Input specifications.
> Prepares controls specifications.
2.3.2 Physical Design
This produces the working system by defining the design specifications that tell the programmers exactly
what the system must do. The programmers write the necessary programs that accept inputs from the user, perform the
necessary calculations, produce hardcopy of the report or display it on the screen Design the Physical system.

> Specify the Input/Output media.

> Design physical information flow through the system.
> Plan system implementation.
The flow of data through out the project was graphically represented using DFD so that the internal flow of
process can be easily understood. If design is performed in a detailed manner, then coding can be done mechanically.

2.4 SYSTEM IMPLEMENTATION

This is the stage of the project when the theoretical design is tuned into a working system. If the implementation
stage is not carefully controlled and planned, it can cause chaos. Thus it can be considered to be the most critical stage
in achieving a successful new system and in giving the users a confidence that the system will work and be effective.

The implementation stage in a project has its own right. It involves

> Careful planning

> Investigation of the current system and the constraints on implementation.
After the successful completion of the design phase, the next important step is the development of the system
according to the specified design. The main procedure of this phase is coding of the deigned system, in order to satisfy
the requirements. The detailed input/output, text manipulation, logic comparison and storage/retrieval operations during
the system analysis stage provide input for the program preparation. Coding was carried out in a step-by-step manner.
One or more programmers convert these operations into a program of instructions written in a language and form
acceptable to the computer hardware. In our project user inter-activeness was given stress and the system gives
maximum flexibility. Proper validations were done for every user-defined function.

The principal activities performed during the development phase can be divided into two major related sequences.
These are

1. External system development

2. Internal system development
The primary external system development activities include Implementation planning. The principal internal system
development activities are computer program development and performance.

2.5 SYSTEM TESTING

No system design is ever perfect. Communication problems, programmer's negligence, or time constraints create
errors that must be eliminated before the system is ready for user acceptance testing. A system is tested for online
response, volume of transactions, stress, recovery from failure and usability. Then comes system testing, which verifies
that the whole test of programs hangs together following system testing is acceptance testing, or running the system with
live data by the actual user.
2.5.1 Static Testing Purpose
Code should be reviewed where necessary to ensure it follows project coding and design standards. Code
reviews are not meant to check program logic. Adherence to acceptable programming standards is crucial for future
maintenance. These will change over time as technology develops.
2.5.2 Dynamic Testing
The traditional 'prototype' lifecycle breaks dynamic testing down into a number of phases such as unit,
integration, system and acceptance testing. Whatever methodology is being followed, a software system is typically
organized into a number of units comprising a single logical function or several related functions needing access to
shared data. It is sensible and efficient to test these 'units' as they are developed. Black box and white box testing may be
used for this purpose:
Functional (black-box) Testing means testing that the 'unit' does what it is supposed to do, and does not do what
it is not supposed to do. This was tested in our Email Flyer both in unit wise and units altogether after integration. In
other words, it is tested against its functional requirements, both positive and negative, as stated in the specification.
This is known as black box testing, since it requires no knowledge of the inner workings of the unit.
Structural (white-box) Testing is concerned with the degree to which test cases exercise or 'cover' the logic of
the program. The logic of the program was tested and checked whether it meet the requirements correctly.
2.5.3 Acceptance Testing
The need for acceptance testing will vary from project to project. It is worthwhile noting the purpose of
acceptance testing. It is not supposed to be an unsupervised ad hoc activity undertaken by the client. It should be strictly
controlled. For that reason there are a number of requirements, which are applicable if

acceptance testing proves necessary. The project manager should select these from the following that are applicable for
a particular project.
Acceptance tests relate to the functionality of the system as stated in the requirements specification, and
functional test cases must be selected to satisfy the agreed acceptance criteria. In the majority of cases, suitable test
cases will exist among those used for system testing.
These tests cover areas such as performance, security, reliability, load/stress testing, volume testing, human
computer interaction tests, configuration testing, compatibility testing, documentation, and human procedures.
Sufficient tests must be devised to satisfy the agreed acceptance criteria.
Since acceptance tests in particular can make heavy demands on resources, and will have been performed as
part of system testing, an alternative and equally acceptable procedure is to have the client witness a part of the system
test. In that case client witnessed system testing must conform to the requirements for acceptance testing with respect to
procedure, conduct, and documentation. It is recommended that this approach is adopted wherever possible as it ensures
that testing is performed under carefully controlled conditions.
2.6 TEST PROCEDURES AND TEST REPORTS

The acceptance test procedures must be documented. The acceptance test procedure should specify the steps to
be taken in carrying out the tests, and for formal acceptance tests needs to be rigorous, complete and unambiguous.
The acceptance test procedure specification must be subject to review prior to the dry run. The results of both
the dry run and the acceptance tests must be documented. A test log and any test observation reports should be
completed as the tests are conducted. A test summary review should be completed as soon after completion of the tests
as possible.

2.7 MAINTENANCE

Software will undoubtedly undergo changes after it has been delivered to the user. Change will occur because
errors have been encountered, because the software must be adapted to accommodate changes in external environment
or because the user requires functional or personal enhancements. Software maintenance reapplies each of the preceding
life cycle steps to an existing program rather than a new one.
The basic idea of the SDLC method is that there is well-defined process by which the application is conceived,
developed and implemented. It gives the structure to a creative process. The phases in the SDLC provides a basis for
management and control because they define segments of flow of work which can be identified for management
purpose and specify the documents or other deliverables to be procured in each phase.
A thorough analysis of the existing system is done and the new requirements for the proposed system are
studied. The entire application is modularized considering the features required for the proposed system.
CHAPTER 3
TOOLS

3.1 INTRODUCTION TO PHP

PHP is a powerful language and the interpreter, whether included in a web server as a module or executed as a
separate CGI binary, is able to access files, execute commands and open network connections on the server. These
properties make anything run on a web server insecure by default. PHP is designed specifically to be amore secure
language for writing CGI programs than Perl or c, and with correct selection of compile-time and runtime configuration
options, and proper coding practices, it can give you exactly the combination of freedom and security you need.
As there are many different ways to utilizing PHP, there are many configuration options controlling its behavior. A large selection of options guarantees you can use PHP for a
lot of purpose, but it also means there are combination of these options and server combinations that result in an insecure setup.

The configuration flexibility of PHP is equally reveled by the code flexibility .PHP can built complete server
applications, with all the power of shell user or it can be used for simple server- side includes with little risk in a tightly
controlled environment. how you build that environments, and how secure it is largely up to the PHP developer.
This chapter starts with some general security advice, explains the different configuration option combinations
and the situations they can be safely used and describes different considerations in coding for different level of security.

3.1.1 What Is PHP

PHP (recursive acronym for "PHP: Hypertext Preprocessor") is a widely used open source general purpose
scripting language that is especially suited for Web development and can be embedded in to HTML.
Notice how this is different from a script written in other languages like Perl or cinstead of writing a program
with lots of commands to output HTML, you write an HTML script with some embedded code to do something (in this
case, output some text). The PHP code is enclosed in special start and end tags that allow you to jump in to and out
of'PHP mode"
What distinguishes PHP from something like client-side JavaScript is that the code is executed on the server. If
you were to have a script similar to above on the server, the client would receive the result of running that script, with
no way of determining what they underlying code may be. You can even configure your web server to process all your
HTML files with PHP, and then there's really no way that users can tell what you have up your sleeve.
The best things in using PHP are that it is extremely simple for a newcomer, but offers many advanced features
for a professional programmer. Dont be afraid reading the long list of PHP's features. You can jump in a short time, and
start writing simple scripts in a few hours.
General Installation considerations
Before starting the installation, first you need to know what do you want to use PHP for. There are three main
fields you can use PHP

Server-side scripting

Command line scripting

Client-side GUI applications

For the first and most common form, you need three things: PHP itself, a web server and a web browser. You
probably already have a web browser, and depending on your operating system setup, you may also have a web server
(e.g. Apache on Linux and MacOS X;IIS on Windows). You may also rent web space at accompany. This way, you don't
set up anything on your own, only write your PHP scripts, upload it to the server you rent, and see the results in your
browser.
While setting up the server and PHP on your own, you have two choices for the method of connecting PHP to the
server. For many servers PHP has a direct module interface (also called SAPI). These servers include Apache, Microsoft
Internet Information Server, Netscape and iPlanet servers. Many other servers have support for ISAPI, the Microsoft
module interface (Omni HTTP for example). If PHP has no module support for your web server, you can always use it
as a CGI or Fast CGI processor. This means you setup your server to use the CGI executable of PHP to process all PHP
file requests on the server.
If you are also interested to use PHP for command line scripting (e.g. write scripts auto generating some images for
you offline, or processing text files depending on some arguments you pass to them), you always need the command
line executable.
With PHP you can also write to the desktop GUI application using the PHP-GTK extension. This is a completely
different approach than writing the pages, as you do not output any HTML, but manage windows and objects within
them.

3.1.2 Error Reporting

With PHP security, there are two sides to error reporting. One is beneficial to increasing security, the other is
detrimental.
A standard attack tactic involves profiling system by feeding it improper data, and checking for the kinds, and
context, of the errors, which are return. This allows the system cracker to probe for information about the server, to
determine possible weaknesses. For e.g. If an attacker an had gleaned information about a page based on prior form
submission, they may attempt to override variables, or modify them:
The PHP errors normally return can be quite helpful to a developer who is trying to debug a script, indicating
such things as the function or file that failed the PHP file it failed in, and the line number that occurred in. This is all
information that can be exploited. it is not uncommon for a PHP developer to use show source() ,highlight string(),or
highlight files() as a debugging measure, but in a live site , this can be expose hidden variables, unchecked syntax ,and
other dangerous information. Especially dangerous is running code from non-sources with built-in debugging handlers
or using common debugging technique. If the attacker can determine what general technique you are using, they may try
to brute-force a page, by sending various common debugging strings:
Regardless of the method of error handling, the ability to probe a system for error leads to providing attacker
with more information.

For example, the very style of a generic PHP error indicates system is running PHP.If the attacker was looking
at an .html page, and wanted probe for the back-end (To look for known weakness in the system), by feeding it the
wrong data they may be able to determine that a system pass built with PHP.
A function error can indicate whether a system may be running a specific database engine, or give clues as to
how a web page or programmed or designed. This allows for deeper investigation into open database ports, or to look
for specific bugs or weakness in a web page. By feeding different pieces or bad data, for example, an attacker can
determine the order of authentication in a script, (from the line number errors) as well as probe for exploits that may be
exploited in different locations in the scripts.
A file system or general PHP error can indicate what permissions the webserver has, as well as the structure and
organization of files on the web server. Developer written error code can aggravate this problem, leading to easy
exploitation of formerly "hidden" information.
There are three major solutions to this issue. The first is to scrutinize all functions, and attempt to compensate
for the bulk of the errors. The third is to use PHP's custom error handling functions to create your own error handler.
Depending on your security policy, you may find all three to be applicable to your situation.
One way of catching this issue ahead of time is to make use of PHP's own error reporting (), to help you secure
your code and find variable usage that may be dangerous. By testing your code, prior to deployment, with EALL, you
can quickly find you area where your variables may be open to poisoning or modification in other ways. Once you are
ready for deployment, you should either disable error reporting completely by setting error reporting () to 0, or turn off
the error display using the php.ini option display_ errors, to insulate your code from probing. If you choose to do the
latter, you should also define the path to your log file using the error log in directive, and turn log error on.

3.1.3 Connecting to Database

You may want to establish the connection over SSL to encrypt client/server communications for increased security,
or you can use the database server. If either of these is used, then monitoring your traffic and gaining information about
your database will be difficult for a would-be attacker.

3.1.4 Encrypt Storage Model

SSL/SSH protects data traveling from the client to the server SSL/SSH does not protect the persistent data
stored in a database. SSL is an on-the-wire protocol.
Once an attacker gains access to your database directly (bypassing the web server), the stored sensitive may be
exposed or misused, unless the information is protected by the database itself. Encrypting the data is a good way to
mitigate this threat, but very few databases offer this type of data encryption.

The easiest way to work around this problem is to first create your encryption package, and then use it from
within your PHP scripts.PHP can assist you in this with several extentions,such as Mcrypt and Mhash covering a wide
variety of encryption algorithms. The script encrypts the data before inserting it in to the database, and decrypts it when
retrieving. See the reference for further examples of how encryption works.
In case of truly hidden data, if its raw representation is not needed (i.e. not be displayed), hashing may also be
taken in to consideration. The well-known example for the hashing is storing the MD5 hash of a password in a database,
instead of password itself.

3.1.5 Hiding PHP

In general security by obscurity is one of the weakest forms of security. But in some cases, every little bit of
extra security is desirable.
A few simple techniques can help to hide PHP, possibly slowing down an attacker who is attempting to discover
weakness in your system. By setting expose_php=off in your php.ini file, you reduce the amount of information
available to them.
Another tactic is to configure is to configure web servers such as apache to parse different file types through
PHP, either with a hatches directive, or in the apache configuration file itself. You can then use misleading file
extensions:

3.2 HTTP AUTHENTICATION WITH PHP

The HTTP Authentication hooks in PHP are only available when it is running as an Apache module and is hence
not available in the CGI version .In an Apache module PHP script, it is possible to use the header () function to send an
"Authentication Required " message to the client browser causing it to pop up a Username /Password input window.
Once the user has filled in a username and password, the URL containing the PHP script will be called again with the
predefined variables_PHP_AUTH_USER, PHP_AUTH_PW, and AUTH_TYPE set to the username, password and
authentication type respectively. These predefined variables are found in the $SERVER and $HTTP_SERVER_VARS
arrays. Only "Basic" authentication is supported.
3.2.1 Cookies

PHP transparently supports HTTP cookies. Cookies are a mechanism for storing data in the remote browser and
thus tracking or identifying return users. You can set cookies using the set cookie or set raw cookie () function. Cookies
are part of the HTTP header; so set cookie () must be called before any output is sent to the browser. This is the same

limitation that header () has. You can use the output buffering functions to delay the script output until you have decided
whether or not to set any cookies or sent any headers.

Any cookies sent to you from the client will

automatically be turned in to a PHP variable just like
GET and POST method data, depending on the register
global and variables order configuration variables .If
you wish to assign multiple values to a single cookie,
just add [] to the cookie name.
In PHP 4.1.0and later, the $_COOKIE auto global array will always be sent with any cookies sent from the client.
$HTTP_COOKIE_VARS is also set in earlier versions of PHP when the track vars configuration variable is set

3.2.2 Sessions

Session supports in PHP consist of a way to preserve certain data across subsequent accesses. This enables you to
build more customized applications and increase the appeal of your web site. The session module cannot guarantee that
the information you store in a session .You need to take additional measure to actively protect the integrity of the
session, depending on the value associated with it.
Assess the importance of the data carried by your sessions and deploy additional protections _this usually comes
at a price, reduced convenience for the user. For example, if you want to protect users from simple social engg: tactics,
you need to enable session. Use _only _cookies. In that case, cookies must be enabled unconditionally on the user side,
or sessions will not work.
There are several ways to leak an existing session id to third parties. A leaked session id enables the third party to
access all resources, which are associated with a specific id. First URLs caring session ides' you link to an external site,
the URL including the session id might be stored in the external sites referrer logs. Seacond,a more attacker might listen
to your network traffic .If it is not encrypted ,session ids will flow in plain text or the network the solution here is to
implement SSL on your server and make it mandatory for users .

Optionally you can use shared memory allocation (mm) developed by Ralf S.englehall for session storage you have
to download mm and install it. This option is not available to windows platforms .not that the session storage module for
mm does not guaranty that concurrent access to the same session is properly locked.

3.2.3 Installation

Session support is enable in PHP by default if you would not like to build your PHP with session support you
should specify the disable session options to configure to use shared memory allocation (mm) for session storage
configure PHP -with-mm [=DIR].
The windows version of PHP has built in support for this extension you do not need to load any additional
extension in order use this functions.
BY default all data related to particular session will be stored in file in the directory specified by the session. Save path
INI option. File for each session (regardless if any data if associated with that session) will be created. This is due to the
fact that session is opened (file is created) but no data is even return to that file not that these behavior is aside effect of
limitation of working with the file system and it is possible that accustom session handler (such as one which uses
database) does not keep track of session which store no data

3.2.4 PHP vs. .ASP?

ASP is no really a language in itself, it's an aroma for active server pages the actual language is used to program asp
with is Visual Basic Script or Jscript.The biggest draw of ASP is that a it's a proprietary system that is natively used on
Microsoft internet information server (IIS). This limit it's availability to win 32-based servers there are a couple of
projects in the works that allows ASP to run in other environments and webservers. InstantASP from Halcyon
(commercial) chily! Soft ASP from chily! Soft (commercial) ASP is said to be slower and comp some language than
script it's
Relatively easy to pick up the language you already know how to program in Visual Basic. ASP support is also enabled
by default in the IIS server making it easy to get up and running. The components built in ASP are really limited, so if
you need to use" advanced" features like interacting with FTP servers you need to buy additional components.
PHP is commonly said to be faster and more efficient for complex programming tasks and trying out new ideas.
PHP generally referred to as more stable and less resource intensive as well. Cold Fusion has better error handling,
database abstraction and date parsing although database abstraction is addressed in PHP 4.Another thing that is listed as
one of Cold Fusion's strength is its excellent search engine, but it has been mentioned that a search engine is not
something should be included in a web scripting language .PHP runs on almost every platform there is Cold Fusion is
only available on Win 32,Solaris, Linux and HP/UX.Cold Fusion has a good IDE and Is generally easier to get started
with where as PHP initially requires more programming knowledge. Cold Fusion is designed with nonprogrammers in
mind while PHP is focused on programmers

3.2.5 PHP vs. Perl

The biggest advantage of PHP over perl is that PHP was designed for scripting for the web where Perl was
designed to do a lot more and can because of these get very complicated the flexibility or complexity of Perl makes it
easier to write code that another author or coder has a hard time reading PHP was a less confusing and stricter format
without losing flexibility. PHP is easier to integrate in to existing HTML than

Perl PHP
has pretty much all the" good" functionality of Perl constructs, syntax and so on ,without making it as complicated as
Perl can be.Perl is very tried and true language its been around since late eighties but PHP is maturing very quickly.
3.3 ABOUT MYSQL

3.3.1 Introduction

PHP and MySQL, two make up what must be the best combination for data-driven Web sites on the planet. You
needn't take my word for it. An unofficial Netcraft survey shows that PHP usage has jumped from 7,500 hosts in June
1998 to 410,000 in March 1999.That's not bad. The combination was also awarded Database of the year at Webcon98,
where it received a lovely tiara.
MySQL is a small, compact database server ideal for small - and not so small - applications. In addition to
supporting standard SQL (ANSI), it compiles on a number of platforms and has multithreading abilities on Unix servers,
which make for great performance. For non-Unix people, MySQL can be run as a service on Windows NT and as a
normal process in Windows 95/98 machines.
In addition to being free (My SQL does have some licensing restrictions though), the PHP- MySQL combination is
also cross-platform, which means you can develop in Windows and serve on a Unix platform. Also, PHP can be run as
an external CGI process, a stand-alone script interpreter, or an embedded Apache module.

3.3.2 Installing MySQL

MySQL central is http://www.mysql.com/._As befits a program of its stature, there are a zillion mirrors located all
over the globe, so do the internet a favor and pick the one closet to you.
You've got plenty of choices at this point. If you're a do-it yourselfer, then grab the source code. If you're not that
brave, there are some precompiled binaries for other platforms already available for download.
In addition, there is a shareware version of MySQL for windows users. It is an older version of MySQL. If you
want the latest version, you'll have to purchase a license. There are also ODBC drivers that let your applications talk to
MySQL.Various other exciting bits and pieces are lurking about on the site, too, so take a look.
The precompiled Unix versions and the Windows version are as simple as unpacking and going, and they don't
require much explanation. So let's compile from the source code. Windows users, please keep in mind that you need to
run MYSQL in the mysql/bin directory.

MySQL comes with a handy configuration script. Simply type. /configure and let things take care of them. If you
need to specify what happens and where, typing. /configurehelp gives you a list of options to choose from. For
example, if you're compiling on a machine with little memory, you can opt for the -with-low-memory flag. I like

MySQL to install in one handy directory tree rather than in various locations on my machine, so I specify an install
location with the -prefix flag.
You can also specify lots of other options, such as what to compile and what to skip. Let's assume that we want
everything under /user/local/mysql on our server. This means we'd type. /configure -prefix=/user/local/mysql.
The configure script will run and inspect your system and then build the necessary files to successfully compile. If
it fails, you'll usually get a helpful error message saying why. Quite often, you'll find the script will fail when it's
looking for threading libraries. Check that you've got MIT-pthreads installed on your machine, and if not, add them.
Linux users will have to download Linux Threads.
These are critical libraries that allow MySQL to multithread (i.e. run multiple versions of itself). Recent distributions of
Linux may already have these libraries installed.
If everything goes according to plan, simply type make and go get a coffee. MySQL is a complex program and
takes some time to compile. If you get an error, check the documentation to see if there is anything specific that you've
missed for your particular OS.
Next, type makes install and all the necessary files will be installed in all the necessary spots. Now you're
almost ready to roll! If you are a MySQL virgin and you've never installed MySQL before, you need to create the
default permissions, so type... scripts/mysql_install_db to set these up.

3.3.3 Simple Validation

Imagine for a moment that we've got our database nicely laid out and we're now requesting information from
users that will be inserted into the database. Further, let's imagine that you have a field in your database waiting for
some numeric input, such as a price. Finally, imagine your application falling over in a screaming heap because some
smart aleck put text in that field. MySQL doesn't want to see text in that portion of your SQL statement- and it
complains bitterly.

Validation simply means that we'll examine a piece of data, usually from an HTML form, and check to make sure
that it fits a certain model. This can range from ensuring that an element is not blank to validating that an element meets
certain criteria (for example, that a numeric value is stipulated or that an email address contains an @ for an email
address).

Validation can be done on the server side or on the client side. PHP is used for server-side validation, while
JavaScript or another client-based scripting language can provide client-side validation. This article is about PHP, so
we're going to concentrate on the server end of things.

Let's ignore our database for the moment and concentrate on PHP validation. If you wish, you can add additional
fields to our employee database quite simply by using the MySQL ALTER statement that is, if you want to commit to
the values that we'lljvalidate.

There are several useful PHP functions we can use to validate our data and they range from simple to highly
complex. a simple function we could use might be strlen (),which tells us the length of the variable.

A more complex function would be ereg (), which uses full regular expressionjiandling for complex queries. I
wont delve in to the complexities of regex here, as entire books have been written on the subject, but I will provide
some examples on the next page.

To select a value from the database we can use the following script inside PHP tags
$sql="SELECT * from my table"; $result=db_query ($sql);
3.3.4 Conclusion

When it comes to databasing, there's lot to page learn. If you haven't done it already, find a good book about
database design and learn to put together a slid database-on any platform. It's a complex but interesting database with a
wealth of useful documentation. Learn about table structure, data types and SQL.You can actually achieve some pretty
impressive stuff if you know enough SQL.

Finally there's PHP.web site has nearly everything you need, from a comprehensive manual to mailing list
archives to code repositories. An excellent way to learn about PHP is to study the examples used in the manual and to
check out the code archives. Manny of the posted scripts consist of functions or classes that you can use for free in your
own scripts consist of functions or classes that you can use for free in your own scripts without having to reinvent the
wheel. Additionally the mailing list is an excellent spot to check out if you get stuck. The developers themselves read
the list and there are plenty of knowledge people there who can help you along the way.

CHAPTER 4.
TABLES
Table
4.2.

Table 4.1.
Personel

motoccupationvarcharbrothersintsistersintaboutpartnervarcharStores the user details

Stores the user
Field ValueData
typenamevarchardobvarcharageintgendervarcharmstatusvarcharnocintclsva
details
rcharcommunityvarcharstatevarcharempinvarcharunamevarcharpwordvarc
harcpwordvarcharemailvarcharheightintweightintbodytypevarcharcomplexi
onvarcharpstatusvarcharbgroupvarchareducategoryvarcharedudetailtextocc
ucategoryvarcharoccudetailtextannualincomeintsmokingvarchareatingvarc
hardrinkingvarcharaddressvarcharmyselftextprofilecreationvarcharfvalueva
Table
4.3
rcharftypevarcharfstatusvarcharfatoccupationvarchar
:Photo

Physical

Stores the
contact details
of users

Field value
photoid
photoname
uname
Stores the details of photos

Data type
int
varchar
varchar

Table 4.4: Contacts

Field value
uname
Contact name

Data type
varchar
varchar
CHAPTER 5
DFD

Request
Administrator
Response

Register
Matrimony

0 DFD

Response
Request

User

Fig
LEVEL

5.1

Log File

User

Searc
h

Fig 5.2 Level

DFD

Fig: 6.1 Login form

CHAPTER 6
SCREEN SHOT

Fig 6.2:Registration

Fig: 6.3 Registration

Fig: 6.4:Photo Upload

Fig 6.5:Edit Profile

Fig 6.6:Mail sending

Fig 6.7:Feedback

CHAPTER 7
CONCLUSION
The project was successfully completed within the time span allotted. Every effort has been made to present the
system in more user-friendly manner. All the activities provide a feeling like an easy walk over to the user who is
interfacing with the system. All the disadvantages of the existing system have been overcome using the present system
of "Sharenlive" which has been successfully implemented at clients location. A trial run of the system has been made
and is giving good results.
The system has been developed in an attractive dialogs fashion and the entire user interface is attractive and
user friendly and suits all the necessities laid down by the clients initially. So user with minimum knowledge about the
computers and the system can easily work with the system.
RESUME

We are planning to implement videoconferencing, and chat.

www.w3schools.c
om www.php.net

REFERENCES