# HG changeset patch # User Alex McMahon # Date 1246990452 -3600 # Node ID 3ad193634e5d37ffda4a083aa1f40afbbee1533e # Parent e2ac834162fb58ddca30729067ae768e4adf3313 WIP for anonymous/squid caching & testing diff -r e2ac834162fb -r 3ad193634e5d .index.php.swp Binary file .index.php.swp has changed diff -r e2ac834162fb -r 3ad193634e5d HTMLaccess.html --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/HTMLaccess.html Tue Jul 07 19:14:12 2009 +0100 @@ -0,0 +1,8 @@ + + + + +
+ + diff -r e2ac834162fb -r 3ad193634e5d details.php --- a/details.php Tue Jun 23 13:41:45 2009 +0100 +++ b/details.php Tue Jul 07 19:14:12 2009 +0100 
@@ -1,47 +1,105 @@ query("SELECT sid, sid_dir FROM sessions WHERE ((uid = '$currID' or uid = 1) AND (expiration_date = DATE_ADD(NOW(), INTERVAL 24 HOUR)))"); + $result = $mysql->query("SELECT sid_dir, enum FROM sessions WHERE ((uid = '$currID' or uid = 1) AND (sid = '$sid1') AND (expiration_date = DATE_ADD(NOW(), INTERVAL 1440 MINUTE)))"); + $row = $result->fetch_assoc(); + $tsid2 = $row["sid_dir"]; + $enum = $row["enum"]; + $result->close(); + + } + +/* if ($currID == "") + { + $currID = "1"; +echo $currID; + } +*/ +/* if ($currID == "") { $currID = 1; + $mysql = new mysqli("localhost", "www-data", "www-data", "members"); + # $result = $mysql->query("SELECT sid, sid_dir FROM sessions WHERE ((uid = '$currID' or uid = 1) AND (expiration_date = DATE_ADD(NOW(), INTERVAL 24 HOUR)))"); +$result = $mysql->query("SELECT sid, sid_dir FROM sessions WHERE ((uid = '$currID' or uid = 1) AND (expiration_date = DATE_ADD(NOW(), INTERVAL 24 HOUR)))"); + $row = $result->fetch_assoc(); + $tsid1 = $row["sid"]; + $tsid2 = $row["sid_dir"]; + $result->close(); + + } - // read session IDs from cookie, if cookie doesn't exist, set to 1 (master) +*/ + // read session IDs from cookie, if cookie doesn't exist, set to 06D5VlLQTbM57LL7IBMW38yHkFpb1XVa (master) + + //echo $_COOKIE["sid1"]; - $currSID1 = $_COOKIE['sid1']; + $currSID2 = $_COOKIE['sid2']; + $sid2 = $currSID2; + if (!isset($_COOKIE['sid2'])) + { + $sid2 = $tsid2; +// $sid2 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa'; + $currSID2 = $sid2; + } +echo $uid; +echo $sid1; +echo $sid2; +echo $enum; +/* if ($currSID1 == "") { $currSID1 = "06D5VlLQTbM57LL7IBMW38yHkFpb1XVa"; +// $currSID1 = $tsid1; + +echo $currSID1; + } $currSID2 = $_COOKIE['sid2']; if ($currSID2 == "") { $currSID2 = "06D5VlLQTbM57LL7IBMW38yHkFpb1XVa"; +// $currSID2 = $tsid2; +echo $currSID2; } - -//print_r($_COOKIE); +*/ +print_r($_COOKIE); $status = $_GET['alert']; $view_mode = $_GET['view_mode']; 
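Review bot: The new session lookup interpolates `$currID` and `$sid1` straight into the SQL text (`... uid = '$currID' or uid = 1) AND (sid = '$sid1') ...`), so a quote character in either value changes the statement. Where they are assigned is not visible in this hunk, but the matching redirect in index.php passes them in the query string, so they should be treated as client-controlled. Bind them instead: `$stmt = $mysql->prepare("SELECT sid_dir, enum FROM sessions WHERE (uid = ? OR uid = 1) AND sid = ? AND expiration_date > NOW()");` followed by `$stmt->bind_param('ss', $currID, $sid1);`. The original comparison `expiration_date = DATE_ADD(NOW(), INTERVAL 1440 MINUTE)` only matches rows that expire at exactly that second, which is probably not the intent. The now-active `echo $uid; echo $sid1; echo $sid2; echo $enum;` and `print_r($_COOKIE);` write session identifiers into the page unescaped and should come out before this leaves WIP.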
@@ -54,40 +112,73 @@ // search server cache for received websites // anonymous uid=1, sid1=06D5VlLQTbM57LL7IBMW38yHkFpb1XVa & sid2 =06D5VlLQTbM57LL7IBMW38yHkFpb1XVa - if (($currID != 1) && ($currSID1 != "06D5VlLQTbM57LL7IBMW38yHkFpb1XVa")) +// if (($currID != 1) && ($currSID1 != "06D5VlLQTbM57LL7IBMW38yHkFpb1XVa")) + if ($currID != 1) + { $query_cache = mysql_query("SELECT * FROM requests_tbl WHERE (uid = '$currID' OR uid = 1)"); } else { $query_cache = mysql_query("SELECT * FROM requests_tbl WHERE (uid = 1)"); + while ($db_fieldcache = mysql_fetch_assoc($query_cache)) + { + // send command to squid and return value + # $command2 = "squidclient -m HEAD -p 8080 -H \"Cache-Control: only-if-cached\n\" -u " . $db_fieldcache["req_ID"] . " -w " . $db_fieldcache["uid"] . " " . $db_fieldcache["req_val"] . " |grep X-Cache: |grep MISS"; +# $command2 = "squidclient -m HEAD -p 8080" . $db_fieldcache["req_val"] . " |grep X-Cache: |grep MISS"; +// $command2 = "squidclient -m HEAD -p 8080 -u {$db_fieldcache["req_ID"]} -w $currSID1 http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/ |grep X-Cache: |grep MISS"; + $curr_reqID = $db_fieldcache["req_ID"]; +# $http_proxy = "http://localhost:8080"; +# $staging = "/var/www/private/HTMLrequester/staging/"; +# $wget_options = " --delete-after -N -r -l 3 --no-remove-listing -p --max-redirect 10 -t 1 -d"; +# $strip_url_val = remove_http($db_fieldcache['req_val']); +# $command1 = "wget -P $staging $wget_options http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/ . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . 
$sid2"; +# exec($command1, $wget_results); + +$http_proxy = "http://localhost:8080"; + $command2 = "squidclient -m HEAD -p 8080 -u www-data -w www-data http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/?uid=$uid'&'sid1=$sid1'&'sid2=$sid2 |grep X-Cache: |grep MISS"; + exec($command2, $cache_results); + // find out if site is available and update the database + if (strpos($cache_results, "HIT") == true) + { + $query_update = mysql_query("UPDATE responses_tbl SET req_response = '1' WHERE req_ID = '$curr_reqID'"); + } + else + { + $filename = "/var/www/private/HTMLrequester/router_stage/{$db_fieldcache["req_ID"]}/"; + if (file_exists($filename)) + { + $query_update = mysql_query("UPDATE responses_tbl SET req_response = '0' WHERE req_ID = '$curr_reqID'"); + # $http_proxy = "http://localhost:8080"; + # $http_proxy = "http://localhost:8080"; + $staging = "/var/www/private/HTMLrequester/staging/"; + # $wget_options = "--dns-timeout=1 --proxy-user=www-data --proxy-password=www-data --cache=off -N -r -l 3 --no-remove-listing -p --max-redirect 10 -t 1 -d -I http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/ -X http://localhost/router_stage/{$db_fieldcache["req_ID"]}/"; + #$wget_options = "--dns-timeout=1 --proxy-user=www-data --proxy-password=www-data -N -r -l 3 --no-remove-listing -p --max-redirect 10 -t 1 -d -I http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/ -X http://localhost/router_stage/{$db_fieldcache["req_ID"]}/"; + #$wget_options = "--no-cache --dns-timeout=1 --proxy-user=www-data --proxy-password=www-data -N -r -l 3 --no-remove-listing -p --max-redirect 10 -t 1 -d -I http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/ -X http://localhost/router_stage/{$db_fieldcache["req_ID"]}/ http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/"; + $wget_options = "--dns-timeout=1 --proxy-user=www-data --proxy-password=www-data -N -r -l 3 --no-remove-listing -p 
--max-redirect 10 -t 1 -d"; + + + + $strip_url_val = remove_http($db_fieldcache['req_val']); + # $command1 = "wget -P $staging $wget_options http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/?uid=$uid'&'sid1=$sid1'&'sid2=$sid2"; + # exec($command1, $wget_results); + + $command1 = "wget -P $staging $wget_options http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/?uid=$uid'&'sid1=$sid1'&'sid2=$sid2"; + exec($command1, $wget_results); + } + else + { + $query_update = mysql_query("UPDATE responses_tbl SET req_response = '0' WHERE req_ID = '$curr_reqID'"); + } + } + + } } while ($db_fieldcache = mysql_fetch_assoc($query_cache)) { - // send command to squid and return value $curr_reqID = $db_fieldcache["req_ID"]; -//$commandline = "wget --delete-after -N -r -l 3 --no-remove-listing -p --max-redirect 10 -t 1 -d http://localhost/staging/" " . $db_fieldcache["req_ID"] . " " . $db_fieldcache["req_val"]; -//echo $commandline; - -// exec($commandline, $wget_results); -//$commandline = "squidclient -m HEAD -p 8080 -H \"Cache-Control: only-if-cached\n\" -u " . $db_fieldcache["req_ID"] . " -w " . $db_fieldcache["uid"] . " " . $db_fieldcache["req_val"] . " |grep X-Cache: |grep MISS"; - $filename = "/var/www/private/HTMLrequester/router_stage/{$db_fieldcache["req_ID"]}/"; - -//$commandline = "squidclient -m HEAD -p 8080 -H \"Cache-Control: only-if-cached\n\" -u " . $db_fieldcache["req_ID"] . " -w " . $db_fieldcache["uid"] . " " . $db_fieldcache["req_val"] . 
" |grep X-Cache: |grep MISS"; - -// exec($commandline, $cache_results); - - // find out if site is available and update the database -// if (strpos($cache_results, "HIT") == true) -// { -// $query_update = mysql_query("UPDATE responses_tbl SET req_response = '1' WHERE req_ID = '$curr_reqID'"); -// } -// else -// { -// $query_update = mysql_query("UPDATE responses_tbl SET req_response = '0' WHERE req_ID = '$curr_reqID'"); -// } if (file_exists($filename)) { $query_update = mysql_query("UPDATE requests_tbl SET req_response = '1' WHERE req_ID = '$curr_reqID'"); @@ -233,12 +324,41 @@ } else { //header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . dirname($db_fieldcache["req_ID"])); //strip_tags($text, '
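Review bot: `$command2` and `$command1` are built by interpolating `$db_fieldcache["req_ID"]`, `$strip_url_val`, `$uid`, `$sid1` and `$sid2` into a shell string passed to `exec()`, and none of them is escaped. `$strip_url_val` is derived from the stored `req_val`, which appears to be the URL a user submitted, so shell metacharacters in it would be interpreted by the shell. Build the URL once and quote it as a single argument, `$url = escapeshellarg("http://localhost/router_stage/{$db_fieldcache['req_ID']}/$strip_url_val/?uid=$uid&sid1=$sid1&sid2=$sid2");`, then use `$url` in both commands. In the squidclient line `$strip_url_val` is also read before `remove_http()` assigns it further down, and `exec()` fills `$cache_results` with an array, so `strpos($cache_results, "HIT") == true` never tests the output (which the pipeline has already filtered down to MISS lines). The proxy credentials and session ids also end up on the command line, where they are visible in the local process list; passing them through a config file keeps them out of it.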

') - print "View website"; +if ($db_field['uid'] != 1) +{ + print "View website"; +} +else +{ + +#$data = http_get('http://...') +#$response = http_get("'http://localhost:8080'. '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2"); +print "View website"; +#print "View website"; + +#print "View website"; + +} + + // print "View website"; + +///////////////////////////////////////////////////////////// +////Uncomment this next section for Cookie in header if uid != 1 +/* if ($uid == 1) { + print "View website"; + } + else + { + print "View website"; + } +*/ +////////////////////////////////////////////////////////////// // print "View website"; - print ""; - } - print "

"; - +# print ""; + print ""; + + } + print "
"; $search_count++; } @@ -249,8 +369,24 @@ } mysql_close(); +/* To submit a form using POST method through PHP, just add the data to be posted as header. This essentially saves one extra html page sent to the browser when user has to be redirected. + +*/ ?> + diff -r e2ac834162fb -r 3ad193634e5d details.php_lessold --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/details.php_lessold Tue Jul 07 19:14:12 2009 +0100 
@@ -0,0 +1,278 @@ +query("SELECT sid, sid_dir FROM sessions WHERE ((uid = '$currID' or uid = 1) AND (expiration_date = DATE_ADD(NOW(), INTERVAL 24 HOUR)))"); + $row = $result->fetch_assoc(); + $tsid1 = $row["sid"]; + $tsid2 = $row["sid_dir"]; + $result->close(); + + + } + // read session IDs from cookie, if cookie doesn't exist, set to 06D5VlLQTbM57LL7IBMW38yHkFpb1XVa (master) + + + +//echo $_COOKIE["sid1"]; + $currSID1 = $_COOKIE['sid1']; + if ($currSID1 == "") + { + // $currSID1 = "06D5VlLQTbM57LL7IBMW38yHkFpb1XVa"; + $currSID1 = $tsid1; +echo $currSID1; + + } + + $currSID2 = $_COOKIE['sid2']; + if ($currSID2 == "") + { +// $currSID2 = "06D5VlLQTbM57LL7IBMW38yHkFpb1XVa"; + $currSID2 = $tsid2; +echo $currSID2; + } + +print_r($_COOKIE); + + $status = $_GET['alert']; + $view_mode = $_GET['view_mode']; + $view_order = $_GET['view_order']; + + + // connect to the database + $conn = mysql_connect('localhost','www-data','www-data') or die(mysql_error()); + mysql_select_db('members'); + + // search server cache for received websites + // anonymous uid=1, sid1=06D5VlLQTbM57LL7IBMW38yHkFpb1XVa & sid2 =06D5VlLQTbM57LL7IBMW38yHkFpb1XVa +// if (($currID != 1) && ($currSID1 != "06D5VlLQTbM57LL7IBMW38yHkFpb1XVa")) + if ($currID != 1) + + { + $query_cache = mysql_query("SELECT * FROM requests_tbl WHERE (uid = '$currID' OR uid = 1)"); + } + else + { + $query_cache = mysql_query("SELECT * FROM requests_tbl WHERE (uid = 1)"); + while ($db_fieldcache = mysql_fetch_assoc($query_cache)) + { + // send command to squid and return value + # $command2 = "squidclient -m HEAD -p 8080 -H \"Cache-Control: only-if-cached\n\" -u " . $db_fieldcache["req_ID"] . " -w " . $db_fieldcache["uid"] . " " . $db_fieldcache["req_val"] . " |grep X-Cache: |grep MISS"; +# $command2 = "squidclient -m HEAD -p 8080" . $db_fieldcache["req_val"] . 
" |grep X-Cache: |grep MISS"; +// $command2 = "squidclient -m HEAD -p 8080 -u {$db_fieldcache["req_ID"]} -w $currSID1 http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/ |grep X-Cache: |grep MISS"; + $command2 = "squidclient -m HEAD -p 8080 -u www-data -w www-data http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/ |grep X-Cache: |grep MISS"; + exec($command2, $cache_results); + // find out if site is available and update the database + if (strpos($cache_results, "HIT") == true) + { + $query_update = mysql_query("UPDATE responses_tbl SET req_response = '1' WHERE req_ID = '$curr_reqID'"); + } +/* else + { + $query_update = mysql_query("UPDATE responses_tbl SET req_response = '0' WHERE req_ID = '$curr_reqID'"); + $curr_reqID = $db_fieldcache["req_ID"]; + $http_proxy = "http://localhost:8080"; + $staging = "/var/www/private/HTMLrequester/staging/"; + $wget_options = "--delete-after -N -r -l 3 --no-remove-listing -p --max-redirect 10 -t 1 -d"; + $strip_url_val = remove_http($db_fieldcache['req_val']); + $command1 = "wget -P $staging $wget_options http://localhost/router_stage/{$db_fieldcache["req_ID"]}/$strip_url_val/"; + exec($command1, $wget_results); + + } +*/ + } + } + + while ($db_fieldcache = mysql_fetch_assoc($query_cache)) + { + $filename = "/var/www/private/HTMLrequester/router_stage/{$db_fieldcache["req_ID"]}/"; + if (file_exists($filename)) + { + $query_update = mysql_query("UPDATE requests_tbl SET req_response = '1' WHERE req_ID = '$curr_reqID'"); + } + else + { + $query_update = mysql_query("UPDATE requests_tbl SET req_response = '0' WHERE req_ID = '$curr_reqID'"); + } + } + + + // pick order to show (user specified) + + if ($view_order == "pend") + { + $order_sql = "req_response ASC"; + } + else if ($view_order == "date_asc") + { + $order_sql = "req_created ASC"; + } + else if ($view_order == "avail") + { + $order_sql = "req_response DESC"; + } + else + { + $order_sql = "req_created DESC"; + } + + // pick 
relervant mySQl QUERY + if ($view_mode == "public") + { + $query = mysql_query("SELECT * FROM requests_tbl WHERE (uid = 1) ORDER BY " . $order_sql); + } + else if ($view_mode == "all") + { + $query = mysql_query("SELECT * FROM requests_tbl WHERE (uid = '$currID' OR uid = 1) ORDER BY " . $order_sql); + } + else + { + $query = mysql_query("SELECT * FROM requests_tbl WHERE (uid = '$currID') ORDER BY " . $order_sql); + } + + + // Construct search information message + if ($view_mode == "public") + { + $search_info = "There are " . mysql_num_rows($query) . " saved public searches."; + } else if ($view_mode == "private") { + $search_info = "You have " . mysql_num_rows($query) . " saved private searches."; + } else { + $search_info = "There are " . mysql_num_rows($query) . " saved searches."; + } +?> + + + + + +N4C - Welcome. <?php print $search_info; ?> + + + + +
+ + You have successfully deleted the selected search.
"; + } else if ($status == "add") + { + print "
You have successfully added a new search.
"; + } else if ($status == "urlerror") + { + print "
You have entered an malformed url. Please use this format: http://www.yourwebsite.com
"; + } + ?> +
+
+

+
"; + + if ($currID != 1) + { + print " "; + } + + print " "; + print "
"; + ?> + " . $search_count . " "; + print "Search:" . $db_field['req_val'] . " "; + } else { + print "
" . $search_count . " "; + print "Search:" . $db_field['req_val'] . " "; + } + + print "Status:"; + + if ($db_field['req_response'] == 0) + { + print "Result pending"; + print ""; + } else { +//header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . dirname($db_fieldcache["req_ID"])); +//strip_tags($text, '

') + print "View website"; +// print "View website"; + print ""; + } + print "

"; + + $search_count++; + } + + // if no requests, display message + if (mysql_num_rows($query) < 1) + { + print '

You have no previous searches please use the search form to create a new search.

'; + } + + mysql_close(); + ?> + + + + diff -r e2ac834162fb -r 3ad193634e5d details.php_old --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/details.php_old Tue Jul 07 19:14:12 2009 +0100 @@ -0,0 +1,260 @@ + + + + + + +N4C - Welcome. <?php print $search_info; ?> + + + + +
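Review bot: `details.php_lessold` is added as a full copy of the page under an extension the PHP handler is unlikely to be mapped to. If the repository root is what Apache serves (the site config on this page sets `DocumentRoot /var/www/private/HTMLrequester`), the file would be returned as plain text, including the `mysql_connect('localhost','www-data','www-data')` line and the hard-coded master session id. The same applies to `details.php_old` in the next hunk and to the editor swap file `.index.php.swp` at the top of the changeset. Mercurial already keeps the history, so these three files can be dropped from the commit and their patterns added to `.hgignore`.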
+ + You have successfully deleted the selected search.
"; + } else if ($status == "add") + { + print "
You have successfully added a new search.
"; + } else if ($status == "urlerror") + { + print "
You have entered an malformed url. Please use this format: http://www.yourwebsite.com
"; + } + ?> + +
+

+
"; + + if ($currID != 1) + { + print " "; + } + + print " "; + print "
"; + ?> + " . $search_count . " "; + print "Search:" . $db_field['req_val'] . " "; + } else { + print "
" . $search_count . " "; + print "Search:" . $db_field['req_val'] . " "; + } + + print "Status:"; + + if ($db_field['req_response'] == 0) + { + print "Result pending"; + print ""; + } else { +//header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . dirname($db_fieldcache["req_ID"])); +//strip_tags($text, '

') + print "View website"; +// print "View website"; + print ""; + } + print "

"; + + $search_count++; + } + + // if no requests, display message + if (mysql_num_rows($query) < 1) + { + print '

You have no previous searches please use the search form to create a new search.

'; + } + + mysql_close(); + ?> + + + + diff -r e2ac834162fb -r 3ad193634e5d index.php --- a/index.php Tue Jun 23 13:41:45 2009 +0100 +++ b/index.php Tue Jul 07 19:14:12 2009 +0100 @@ -22,6 +22,8 @@ return $ID; } + + function create_session($mysql, $uid, $password) { 
@@ -51,85 +53,153 @@ return FALSE; $tsid2 = genID(crc32($tsid1) + time(), 32); -// if ((isset($_COOKIE['sid1'])) && (isset($_COOKIE['sid2']))) - if (isset($_COOKIE['sid1'])) + if ((isset($_COOKIE['sid1'])) && (isset($_COOKIE['sid2']))) { - setcookie("sid2", $tsid2, time() + 964224000); $sid1 = $_COOKIE['sid1']; + $sid2 = $_COOKIE['sid2']; } else { - setcookie("sid1", $tsid1, time() + 964224000); - setcookie("sid2", $tsid2, time() + 964224000); + setcookie("sid1", $tsid1, time() + 86400); + setcookie("sid2", $tsid2, time() + 86400); + $sid1 = $_COOKIE['sid1']; + $sid2 = $_COOKIE['sid2']; + if (!isset($_COOKIE['sid1'])) { - $sid1 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa'; + $sid1 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa'; +// $sid1 = $tsid1; +//echo $sid1; } if (!isset($_COOKIE['sid2'])) { $sid2 = $tsid2; +//echo $uid; +//echo $sid2; + // $sid2 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa'; } - } + } // // Create the session: set the UID and SID in both the client's cookies and // the MySQL session table. // -#$uid = (string)$uid; - $mysql->query("INSERT INTO sessions (sid, sid_dir, uid, signature, timeout_date, expiration_date) - VALUES ('$sid1', '$sid2', '$uid', 'members', DATE_ADD(NOW(), INTERVAL 43200 MINUTE), - DATE_ADD(NOW(), INTERVAL 720 HOUR))"); + if ($uid != '1') + { + $mysql->query("INSERT INTO sessions (sid, sid_dir, uid, signature, timeout_date, expiration_date, enum) + VALUES ('$sid1', '$sid2', '$uid', 'members', DATE_ADD(NOW(), INTERVAL 1440 MINUTE), + DATE_ADD(NOW(), INTERVAL 24 HOUR), '$enum')"); + $enum = $mysql->query("SELECT MAX(enum) as id FROM sessions"); +////uncomment next line to not send uid sid and gid in GET +# header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'details.php'); + header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'details.php' . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2); - header ('Location: http://' . $_SERVER['HTTP_HOST'] . 
dirname($_SERVER['PHP_SELF']) . 'details.php'); - - exit(); - - return TRUE; + } + else + { + $mysql->query("INSERT INTO sessions (sid, sid_dir, uid, signature, timeout_date, expiration_date, enum) + VALUES ('$sid1', '$sid2', '$uid', 'public', DATE_ADD(NOW(), INTERVAL 1440 MINUTE), + DATE_ADD(NOW(), INTERVAL 24 HOUR), '$enum')"); + $enum = $mysql->query("SELECT MAX(enum) as id FROM sessions"); + // Initialize the session +// session_start( ); +# header ('Cookie:' . ' ' . 'uid=' . $uid . ';' . ' ' . 'sid1=' . $sid1 . ';' . ' ' . 'sid2=' . $sid2); + header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'details.php' . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2); } +# header ('Cookie' . ' ' . 'uid=' . $uid . ';' . ' ' . 'sid1=' . $sid1 . ';' . ' ' . 'sid2=' . $sid2); +# header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'details.php'); +#header ('Cookie:' . ' ' . 'uid=' . $uid . ';' . ' ' . 'sid1=' . $sid1 . ';' . ' ' . 'sid2=' . $sid2); +#header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'details.php'); +#header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'details.php' . '?Cookie' . ' ' . 'uid=' . $uid . ';' . ' ' . 'sid1=' . $sid1 . ';' . ' ' . 'sid2=' . $sid2); +#header ('Set-Cookie: uid=' . $uid); - $conn = mysql_connect('localhost','www-data','www-data') or die(mysql_error()); - mysql_select_db('members'); - - // retrieve cookie if it exists - if (isset($_COOKIE['uid'])) + exit(); + return TRUE; +} +#header ('Cookie:' . ' ' . 'uid=' . $uid . ';' . ' ' . 'sid1=' . $sid1 . ';' . ' ' . 'sid2=' . 
$sid2); +$expiry = time() + (3600 * 24 * 30 * 12); +// retrieve cookie if it exists +if (isset($_COOKIE['uid'])) { - $currID = $_COOKIE['uid']; - $uid = $currID; + $currID = $_COOKIE['uid']; + $uid = $currID; } - else +else { - // SQL queries - $result = mysql_query("INSERT INTO creds (uid) VALUES ('')"); - $uid = mysql_query("SELECT MAX(uid) as id FROM creds"); - $expiry = time() + (3600 * 24 * 30 * 12); - - //create cookies - while ($db_field2 = mysql_fetch_assoc($uid)) { - setcookie('uid', $db_field2['id'] , $expiry, '/', '', 0); - $gid = 0; - $currID = (string)$db_field2['id']; + // try to set cookie + $conn = mysql_connect('localhost','www-data','www-data') or die(mysql_error()); + if (!$conn) + { + echo "Unable to connect to DB: " . mysql_error(); + exit; + } + mysql_select_db('members'); + if (!mysql_select_db("members")) + { + echo "Unable to select mydbname: " . mysql_error(); + exit; + } + + $sql1 = "INSERT INTO creds (uid) VALUES ('')"; + $sql2 = "SELECT MAX(uid) as id FROM creds"; + + $result1 = mysql_query($sql1); + if (!$result1) + { + echo "Could not successfully run query ($sql1) from DB: " . mysql_error(); + exit; + } + + $result2 = mysql_query($sql2); + if (!$result2) + { + echo "Could not successfully run query ($sql2) from DB: " . mysql_error(); + exit; + } - $groups = $mysql_query("INSERT INTO uid_gid (uid, gid) VALUES ('$currID', '$gid')"); - } - - if (!isset($_COOKIE['uid'])) + //create cookies + if (mysql_num_rows($result2) == 0) { - $currID = 1; - $uid = $currID; + echo "No rows found, nothing to print so am exiting"; + exit; } + while ($row = mysql_fetch_assoc($result2)) { + setcookie('uid', $row['id'] , $expiry, '/', '', 0); + $uid = $row['id']; + $gid = 0; + //create uid & gid entry in uid_gid + $sql3 = "INSERT INTO uid_gid (uid, gid, enum) VALUES ('$uid', '$gid', '')"; + $result3 = mysql_query($sql3); + if (!$result3) + { + echo "Could not successfully run query ($sql3) from DB: " . 
mysql_error(); + exit; + } } - mysql_close(); - // retrieve session cookie if it exists + mysql_free_result($result2); + mysql_close(); +// need to refresh as browser does not autheniticate until restart...ARRGhh need a solution ... the below doesn't work + header ('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?' . 'uid=' . $uid); +//exit; +//header( 'refresh: 0; ' ); + + } + + if (!isset($_COOKIE['uid'])) + { + $currID = 1; + $uid = $currID; + } # $real_password = password; - $mysql = new mysqli("localhost", "www-data", "www-data", "members"); - $result = $mysql->query("SELECT uid,password_md5 FROM creds WHERE username='$username'"); - $row = $result->fetch_assoc(); - $real_password = $row["password_md5"]; - create_session($mysql, $uid, $real_password); - $result->close(); +$mysql = new mysqli("localhost", "www-data", "www-data", "members"); +$result = $mysql->query("SELECT uid,password_md5 FROM creds WHERE username='$username'"); +$row = $result->fetch_assoc(); +$real_password = $row["password_md5"]; +create_session($mysql, $uid, $real_password); +$result->close(); ?> diff -r e2ac834162fb -r 3ad193634e5d mysql_apache/mysql_members_schema --- a/mysql_apache/mysql_members_schema Tue Jun 23 13:41:45 2009 +0100 +++ b/mysql_apache/mysql_members_schema Tue Jul 07 19:14:12 2009 +0100 
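Review bot: Both new `INSERT INTO sessions` statements interpolate `$sid1`, `$sid2` and `$uid`, which this hunk fills from `$_COOKIE`, so the client controls the SQL text. The sketch below uses a prepared statement instead and leaves `enum` out of the column list, so the new auto-increment column assigns itself rather than receiving `$enum` before it is set. The redirect then appends `uid`, `sid1` and `sid2` to a `Location:` URL built from `$_SERVER['HTTP_HOST']`, which puts the session identifiers into browser history, access logs and Referer headers; the commented-out redirect without the query string avoids that. When no cookie is present `$sid1` falls back to the fixed master value while the browser is sent `$tsid1`, so first-visit rows all share one `sid` that does not match the cookie; the commented-out `$sid1 = $tsid1;` looks like the intended assignment. create_session() begins above this hunk.

```php
// … unchanged: cookie handling that fills $sid1 and $sid2 …
$signature = ($uid != '1') ? 'members' : 'public';
$stmt = $mysql->prepare(
    "INSERT INTO sessions (sid, sid_dir, uid, signature, timeout_date, expiration_date)
     VALUES (?, ?, ?, ?, DATE_ADD(NOW(), INTERVAL 1440 MINUTE), DATE_ADD(NOW(), INTERVAL 24 HOUR))"
);
$stmt->bind_param('ssis', $sid1, $sid2, $uid, $signature);
$stmt->execute();
// insert_id replaces SELECT MAX(enum), which returns a result object and can race with other inserts
$enum = $mysql->insert_id;
$stmt->close();
// … unchanged: redirect to details.php and exit() …
```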
@@ -1,20 +1,17 @@ CREATE DATABASE members; GRANT ALL ON members.* TO 'www-data'@'localhost'; - CREATE TABLE `members`.`creds` ( `uid` int(8) unsigned NOT NULL auto_increment, `username` varchar(20) NOT NULL default 'anon', `password_md5` varchar(32) NOT NULL default '5f4dcc3b5aa765d61d8327deb882cf99' COMMENT 'default password = password', PRIMARY KEY (`uid`), KEY `new_index` (`uid`) -) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1 ROW_FORMAT=FIXED - +) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 ROW_FORMAT=FIXED CREATE TABLE `members`.`groups` ( `gid` int(8) unsigned NOT NULL, `groupname` varchar(20) character set utf8 NOT NULL, PRIMARY KEY (`gid`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 - CREATE TABLE `members`.`requests_tbl` ( `req_ID` varchar(32) collate utf8_unicode_ci NOT NULL, `uid` int(8) unsigned NOT NULL, @@ -25,19 +22,18 @@ KEY `new_index` (`uid`), CONSTRAINT `new_fk_constraint10` FOREIGN KEY (`uid`) REFERENCES `creds` (`uid`) ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='InnoDB free: 3072 kB; (`user_ID`) REFER `members/creds`(`uid`)' - CREATE TABLE `members`.`sessions` ( - `sid` varchar(32) NOT NULL, - `sid_dir` varchar(32) NOT NULL, + `sid` varchar(32) NOT NULL default '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa', + `sid_dir` varchar(32) NOT NULL default '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa', `uid` int(8) unsigned NOT NULL, `signature` varchar(20) NOT NULL, `timeout_date` datetime NOT NULL, `expiration_date` datetime NOT NULL, - PRIMARY KEY (`sid`), + `enum` int(8) unsigned NOT NULL auto_increment, + PRIMARY KEY (`enum`), KEY `new_fk_constraint` (`uid`), CONSTRAINT `new_fk_constraint` FOREIGN KEY (`uid`) REFERENCES `creds` (`uid`) ON UPDATE CASCADE -) ENGINE=InnoDB DEFAULT CHARSET=utf8 ROW_FORMAT=DYNAMIC - +) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 ROW_FORMAT=DYNAMIC CREATE TABLE `members`.`tracking` ( `uid` int(8) unsigned NOT NULL, `client_ip_address` varchar(15) NOT NULL, 
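Review bot: In the second hunk the `sessions` table moves its primary key from `sid` to the new `enum` counter, which removes the only uniqueness guarantee on the session id, and it gives `sid` and `sid_dir` the master id as a column default. Together with index.php falling back to that same fixed value, several rows can now carry an identical `sid`. The Apache condition on this page authenticates on the `sid`/`sid_dir` pair, so keep that pair unique with `UNIQUE KEY sid_pair (sid, sid_dir),`. Drop the two `default '06D5…'` clauses as well, so that an insert which omits the id fails instead of silently becoming the master session.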
@@ -47,13 +43,9 @@ KEY `new_fk_constraint3` (`uid`), CONSTRAINT `new_fk_constraint12` FOREIGN KEY (`uid`) REFERENCES `creds` (`uid`) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 ROW_FORMAT=FIXED - CREATE TABLE `members`.`uid_gid` ( `uid` int(8) unsigned NOT NULL, - `gid` int(8) unsigned NOT NULL, - PRIMARY KEY (`uid`), - KEY `new_index` USING BTREE (`uid`), - KEY `new_fk_constraint9` USING BTREE (`gid`), - CONSTRAINT `new_fk_constraint2` FOREIGN KEY (`uid`) REFERENCES `creds` (`uid`) ON DELETE CASCADE ON UPDATE CASCADE -) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='InnoDB free: 4096 kB; (`uid`) REFER `members/creds`(`uid`)' - + `gid` int(8) unsigned NOT NULL default '0', + `enum` int(8) unsigned NOT NULL auto_increment, + PRIMARY KEY USING BTREE (`enum`) +) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COMMENT='InnoDB free: 4096 kB; (`uid`) REFER `members/creds`(`uid`)' diff -r e2ac834162fb -r 3ad193634e5d mysql_apache/n4c-default-site --- a/mysql_apache/n4c-default-site Tue Jun 23 13:41:45 2009 +0100 +++ b/mysql_apache/n4c-default-site Tue Jul 07 19:14:12 2009 +0100 @@ -6,7 +6,7 @@ DocumentRoot /var/www/private/HTMLrequester - Options Indexes MultiViews FollowSymLinks +Options Indexes MultiViews FollowSymLinks AuthType Basic AuthName "Member's Area" AuthFormAuthoritative On 
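Review bot: The rewritten `uid_gid` table drops `PRIMARY KEY (uid)` and the foreign key to `creds(uid)`, so nothing prevents duplicate or orphaned uid-to-gid rows, and this is presumably the table the `Require group` lines in the site config resolve against. Keeping `KEY (uid)` and `CONSTRAINT new_fk_constraint2 FOREIGN KEY (uid) REFERENCES creds (uid) ON DELETE CASCADE ON UPDATE CASCADE` alongside the new `enum` key, plus `UNIQUE KEY (uid, gid)`, preserves referential integrity while still allowing several groups per user. The table comment still advertises the `REFER members/creds(uid)` relationship that this change removes.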
@@ -30,28 +30,39 @@ AuthFormMySQLFieldExpiration expiration_date #AuthFormMySQLTableGIDCondition - AuthFormMySQLTableSIDCondition "`sid`=$sid1 AND `sid_dir`=$sid2 AND (`uid`=$uid OR `signature`='members')" + AuthFormMySQLTableSIDCondition "`sid`=$sid1 AND `sid_dir`=$sid2 AND (`uid`=$uid OR `signature`='members')" + #AuthFormMySQLTableTrackingCondition - AuthFormSessionTimeout 30 + AuthFormSessionTimeout 1440 AuthFormSessionCookies On AuthFormSessionAutoRefresh -1 - AuthFormTrackingLifetime 30 + AuthFormTrackingLifetime 1440 - AuthFormPageLogin index.php + AuthFormPageLogin /HTMLrequester.html AuthFormPageExpired /session_expired.html AuthFormLastPageKey go_back_to #AuthFormPageAutoRefresh #AuthFormPageNotAllowed #Require valid-user - Require group 0 + Require group 0 1 2 + + + + AuthFormPageNotAllowed /paying_members_only.html + AuthFormMySQLTableSIDCondition "`sid`=$sid1 AND `sid_dir`=$sid2 AND (`uid`=$uid OR `signature`='some_signature_public')" + Require group 1 + + + AuthFormPageNotAllowed /premium_only.html + Require group 2 - Options Indexes MultiViews FollowSymLinks +Options Indexes MultiViews FollowSymLinks AuthType Basic AuthName "Staging area" AuthFormAuthoritative On @@ -75,23 +86,25 @@ AuthFormMySQLFieldExpiration expiration_date #AuthFormMySQLTableGIDCondition - AuthFormMySQLTableSIDCondition "`sid`=$sid1 AND `uid`=$uid" + AuthFormMySQLTableSIDCondition "`sid`=$sid1 AND `sid_dir`=$sid2 AND `uid`=$uid" + + #AuthFormMySQLTableTrackingCondition - AuthFormSessionTimeout 30 - AuthFormSessionCookies On + AuthFormSessionTimeout 1440 + AuthFormSessionCookies Off AuthFormSessionAutoRefresh -1 - AuthFormTrackingLifetime 30 + AuthFormTrackingLifetime 1440 - AuthFormPageLogin /HTMLprivaterequest.html + AuthFormPageLogin /HTMLrequester.html AuthFormPageExpired /session_expired.html AuthFormLastPageKey go_back_to #AuthFormPageAutoRefresh #AuthFormPageNotAllowed #Require valid-user - Require group 0 + Require group 0 1 2
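Review bot: The added `AuthFormMySQLTableSIDCondition` ends in `(uid=$uid OR signature='some_signature_public')`, and the `OR` lets any session row carrying that signature pass without its `uid` matching the request. The literal also looks like a placeholder, since index.php writes `'public'` and `'members'` into `signature`. If per-user binding is intended, drop the `OR signature=…` arm or make it `AND`, and use the value the application actually stores. `AuthFormSessionTimeout` and `AuthFormTrackingLifetime` also go from 30 to 1440, which lengthens the window in which a captured identifier stays usable; a comment stating the unit and the reason would help. The enclosing container tags are not visible in this hunk.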
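Review bot: `AuthFormSessionCookies Off` on the staging area, read together with the `?uid=…&sid1=…&sid2=…` URLs that details.php and index.php now build, suggests that session identifiers will travel in request URLs instead of cookies; the directive's exact semantics cannot be confirmed from this hunk. Identifiers in URLs are recorded in Apache and squid access logs and can become part of cache keys. If the wget/squidclient fetches need to authenticate, a dedicated service account limited to this location would keep user session ids out of those logs. Please also add a comment above the directive saying why cookies are disabled here, for example `# cookies off: staging is fetched by wget/squidclient, which pass ids in the URL`.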