WebReference.com has posted part six of their "user personalization" series - adding in some of the final scripts to add in bookmarks and other various validation.

Part six of this series looks at the last scripts that make up the main section of the application. We will look at how to add, remove and change bookmark information, in particular.

Complete code and HTML (as well as some example output) is provided to make the connections to the MySQL backend and output a form to allow the user to specify their email address, background color and picture for the system.

WebReference.com has posted the fourth part of their series on user personalization. This article focuses on the registration page for their sample application.

In this article we look at the registration script for our bookmark system. The script is basically responsible for admitting new users to our system. As you will see, it sets certain requirements that a new user must meet before they are admitted and also implements some data checking for security purposes, since it is going to receive a lot of 'outside' data that it needs to incorporate into the application.

The script takes in a username, password, email address and optional values for an image and a personalized color scheme. Some simple validation is done and escaping on the strings before they're put into the MySQL database. They also briefly mention some error handling that can be done by logging issues to the web server's error log.

WebReference.com has posted the third part of their "user personalization" series today with a look at the gateway to your protected application - the login script.

This script does the very important job of authenticating a user and can make or break the application in the sense that if it is weak security wise, then any attacker can easily penetrate our application and cause damage. In this case, we will try to make it as difficult as possible for attackers to break our application.

Their script is a simple username/password form with some validation on the input - not empty, password is above a certain length and that the random number generated is the same as the one in the session. Only if it passes these is the user information checked via a database query. They also include a logout and user confirmation script that uses an md5 hash to validate the link.

WebReference.com continues their look at user personalization with the second part of the series - how to validate that the users signing up for your site are valid. (Here's part one, the introduction).

In this article, we will be looking at user authentication. User authentication simply means verifying that a particular user has the right to access a part of our application. Because our application deals with user preferences, access control is even more pertinent especially since multiple users are going to try to access this application at any given time.

As a part of this user validation and customization, they need to create a form that non-human scripts have a harder time using (hopefully weeding them out and getting better user information). The article steps you through a few lines of code that you can use to create a simple image of a four-digit number whose value is placed in a session variable so it can be validated on submission of the form.