diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..dfe0770
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto
diff --git a/9781484238424.jpg b/9781484238424.jpg
new file mode 100644
index 0000000..c4ec1ee
Binary files /dev/null and b/9781484238424.jpg differ
diff --git a/Ch01/change-password.php b/Ch01/change-password.php
new file mode 100644
index 0000000..1719254
--- /dev/null
+++ b/Ch01/change-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch01/footer.php b/Ch01/footer.php
new file mode 100644
index 0000000..4ccb7e8
--- /dev/null
+++ b/Ch01/footer.php
@@ -0,0 +1,5 @@
+<p class="h6 col-sm-12">Copyright &copy; Adrian West & Steve Prettyman 2018  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch01/header-for-template.php b/Ch01/header-for-template.php
new file mode 100644
index 0000000..0a925b3
--- /dev/null
+++ b/Ch01/header-for-template.php
@@ -0,0 +1,7 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="font-bold">This is the header</h1>
+</div>
+    
\ No newline at end of file
diff --git a/Ch01/header.php b/Ch01/header.php
new file mode 100644
index 0000000..167eeb2
--- /dev/null
+++ b/Ch01/header.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'" >Register</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-view-users.php'"> View Users</button>
+<button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'" >New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch01/index.php b/Ch01/index.php
new file mode 100644
index 0000000..e577826
--- /dev/null
+++ b/Ch01/index.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch01/info-col.php b/Ch01/info-col.php
new file mode 100644
index 0000000..0e530aa
--- /dev/null
+++ b/Ch01/info-col.php
@@ -0,0 +1,4 @@
+<div>
+<h3>This is the information column</h3>
+	<p>Web design by <br>A W West and<br>Steve Prettyman</p>
+</div>
\ No newline at end of file
diff --git a/Ch01/logo.jpg b/Ch01/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch01/logo.jpg differ
diff --git a/Ch01/menu.php b/Ch01/menu.php
new file mode 100644
index 0000000..11f463b
--- /dev/null
+++ b/Ch01/menu.php
@@ -0,0 +1,4 @@
+
+<li><a href="register-page.php">Register</a></li>
+<li><a href="register-view_users-page.php">View Users</a></li>
+<li><a href="register-password.php">New Password</a></li>
diff --git a/Ch01/mysqli_connect.php b/Ch01/mysqli_connect.php
new file mode 100644
index 0000000..8f8d588
--- /dev/null
+++ b/Ch01/mysqli_connect.php
@@ -0,0 +1,13 @@
+<?php
+// Create a connection to the msgboarddb database and to MySQL
+// Set the encoding to utf-8
+// Set the database access details as constants
+DEFINE ('DB_USER', 'horatio'); // or whatever userid you created
+DEFINE ('DB_PASSWORD', 'Hmsv1ct0ry'); // or whatever password you created
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'simpledb');
+
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
\ No newline at end of file
diff --git a/Ch01/nav.html b/Ch01/nav.html
new file mode 100644
index 0000000..b1a3d6f
--- /dev/null
+++ b/Ch01/nav.html
@@ -0,0 +1,52 @@
+<!doctyp html>
+<html>
+    <head>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
+
+<!-- Optional theme -->
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
+
+<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
+    </head>
+    <body>
+
+        <header>
+                <nav class="navbar navbar-inverse" role="navigation">
+                    <div class="container">
+
+                        <!-- Mobile Menu-->
+                        <div class="navbar-header">                            
+                            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#collapse" aria-expanded="false" aria-controls="collapse">
+                                <span class="sr-only">Toggle navigation</span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                            </button>
+
+                            <a class="navbar-brand" ><span class="subhead"></span>THIS IS THE HEADER</a>
+                        </div>                   
+                            <!-- Laptop/PC Menu -->
+                            <div id="collapse" class="collapse navbar-collapse">
+                                <ul class="nav navbar-nav navbar-left">
+								<?php
+									include("menu.php");
+								?>							
+                                </ul>
+                            </div>
+                    </div>
+                </nav>
+
+        </header>
+
+
+        <section>
+            <h3>Project 1 incomplete</h3>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+        </section>
+
+    </body>
+
+
+</html>
\ No newline at end of file
diff --git a/Ch01/nav.php b/Ch01/nav.php
new file mode 100644
index 0000000..f0932a6
--- /dev/null
+++ b/Ch01/nav.php
@@ -0,0 +1,15 @@
+    <li class="nav-item">
+          <a class="nav-link active" href="#">Home</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-2.php">Page 2</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-3.php">Page 3</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-4.php">Page 4</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-5.php">Page 5</a>
+        </li>
\ No newline at end of file
diff --git a/Ch01/nav.txt b/Ch01/nav.txt
new file mode 100644
index 0000000..5be2e9f
--- /dev/null
+++ b/Ch01/nav.txt
@@ -0,0 +1,53 @@
+<!doctyp html>
+<html>
+    <head>
+        <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">        
+        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
+      <style type="text/css">
+body { padding-top:0px; }
+</style>
+
+
+    </head>
+    <body>
+
+        <header>
+                <nav class="navbar navbar-inverse" role="navigation">
+                    <div class="container">
+
+                        <!-- The button that shows when the width is too short -->
+                        <div class="navbar-header">                            
+                            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#collapse" aria-expanded="false" aria-controls="collapse">
+                                <span class="sr-only">Toggle navigation</span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                            </button>
+
+                            <a class="navbar-brand" ><span class="subhead"></span>Project 1</a>
+                        </div>                   
+                            <!-- The navigation menu. It collapses when the width is too short -->
+                            <div id="collapse" class="collapse navbar-collapse">
+                                <ul class="nav navbar-nav navbar-right">
+                                    <li><a href="#browse">browse</a></li>
+                                    <li><a href="#why">why</a></li>
+                                    <li><a href="#about">about</a></li>                                    
+                                </ul>
+                            </div>
+                    </div>
+                </nav>
+
+        </header>
+
+
+        <section>
+            <h3>Project 1 incomplete</h3>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+        </section>
+
+    </body>
+
+
+</html>
\ No newline at end of file
diff --git a/Ch01/password-thanks.php b/Ch01/password-thanks.php
new file mode 100644
index 0000000..3f516ea
--- /dev/null
+++ b/Ch01/password-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Password Change Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for changing your password</h2>
+On the Home Page, you will now be able to login with your new password.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch01/process-change-password.php b/Ch01/process-change-password.php
new file mode 100644
index 0000000..f40f461
--- /dev/null
+++ b/Ch01/process-change-password.php
@@ -0,0 +1,110 @@
+
+<?php
+// This script is a query that UPDATES the password in the users table.
+// Check that form has been submitted:       
+    require ('mysqli_connect.php'); // Connect to the db. 
+	$errors = array(); // Initialize an error array. 
+	// Set hidden variable to format any of the echos below
+	// Check for an email address:
+	$email = trim($_POST['email']);
+	if (empty($email)) {
+		$errors[] = 'You forgot to enter your email address.';
+	}
+	// Check for a password and match against the confirmed password:
+	$password = trim($_POST['password']);
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your old password.';
+		} 
+    // Prepeare and check new password
+    $new_password = trim($_POST['password1']);
+	$verify_password = trim($_POST['password2']);
+	if (!empty($new_password)) {
+        if (($new_password != $verify_password) ||
+			( $password == $new_password ))
+		{
+            $errors[] = 'Your new password did not match the confirmed password and/or ';
+			$errors[] = 'Your old password is the same as your new password.';
+		}
+	} else {
+			$errors[] = 'You did not enter a new password.';
+    }
+	if (empty($errors)) { // If everything's OK.              
+try {
+	 // Check that the user has entered the right email address/password combination:
+    $query = "SELECT userid, password FROM users WHERE ( email=? )";
+	$q = mysqli_stmt_init($dbcon);                                 
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 's', $email);
+     // execute query
+    mysqli_stmt_execute($q);
+
+	$result = mysqli_stmt_get_result($q);
+    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+    if ((mysqli_num_rows($result) == 1)
+          && (password_verify($password, $row['password'])))
+		{	// Found one record		
+	    // Change the password in the database...
+	    // Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($new_password, PASSWORD_DEFAULT);            
+		// Make the query:                                               
+       $query = "UPDATE users SET password=? WHERE email=?";
+	   $q = mysqli_stmt_init($dbcon);                                 
+       mysqli_stmt_prepare($q, $query);
+       // use prepared statement to insure that only text is inserted
+       // bind fields to SQL Statement
+       mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $email);
+       // execute query
+       mysqli_stmt_execute($q);
+       if (mysqli_stmt_affected_rows($q) == 1) {	// one row updated
+           // Echo a message
+          header ("location: password-thanks.php"); 
+		  exit();   
+		} else { // If it did not run OK.
+		// Public message:
+			$errorstring = "System Error! <br /> You could not change password due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";	
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+			// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		    exit();
+		 }
+    } else { // Invalid email address/password combination.
+		$errorstring = 'Error! <br /> ';
+        $errorstring .= 'The email address and/or password do not match those on file.';
+	    $errorstring .= " Please try again.";
+		echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";
+} }	
+   catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            
+		//header ("location: register-page.php"); 
+		$errorstring = "Error! The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
+
+
+
+
+
+
+
diff --git a/Ch01/process-register-page.php b/Ch01/process-register-page.php
new file mode 100644
index 0000000..1108103
--- /dev/null
+++ b/Ch01/process-register-page.php
@@ -0,0 +1,85 @@
+
+<?php
+// This script is a query that INSERTs a record in the users table.
+// Check that form has been submitted:
+	$errors = array(); // Initialize an error array. #2
+	// Check for a first name:                        #3
+		$first_name = trim($_POST['first_name']);
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter your first name.';
+	}
+	// Check for a last name:
+		$last_name = trim($_POST['last_name']);
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter your last name.';
+	}
+	// Check for an email address:
+		$email = trim($_POST['email']);
+	if (empty($email)) {
+		$errors[] = 'You forgot to enter your email address.';
+	}
+	// Check for a password and match against the confirmed password:
+			$password1 = trim($_POST['password1']);
+			$password2 = trim($_POST['password2']);
+	if (!empty($password1)) {
+		if ($password1 !== $password2) { //#4
+			$errors[] = 'Your two password did not match.';
+		} 
+	} else {
+		$errors[] = 'You forgot to enter your password.';
+	}
+	if (empty($errors)) { // If everything's OK.              #5
+try {
+	// Register the user in the database...
+	// Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($password1, PASSWORD_DEFAULT); //#6
+		require ('mysqli_connect.php'); // Connect to the db.            #7
+		// Make the query:                                               #8
+		$query = "INSERT INTO users ( first_name, last_name, email, password, registration_date) ";
+		$query .="VALUES( ?, ?, ?, ?, NOW() )";		               // #9
+        $q = mysqli_stmt_init($dbcon);                                 // #10
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
+     // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {	// One record inserted	#11				
+		header ("location: register-thanks.php"); 
+		exit();
+		} else { // If it did not run OK.
+		// Public message:
+		    $errorstring = "<p class='text-center col-sm-8' style='color:red'>";
+			$errorstring .= "System Error<br />You could not be registered due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+			// Debugging message below do not use in production
+			echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+		    mysqli_close($dbcon); // Close the database connection.
+		// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">';
+            include("footer.php"); 
+            echo '</footer>';
+		exit();
+		}
+	}									
+   catch(Exception $e) // We finally handle any problems here                #12
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            #13
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
\ No newline at end of file
diff --git a/Ch01/register-page.php b/Ch01/register-page.php
new file mode 100644
index 0000000..8c9002a
--- /dev/null
+++ b/Ch01/register-page.php
@@ -0,0 +1,109 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<form action="register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+	include("footer.php");
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+	include("footer.php");
+ }
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch01/register-thanks.php b/Ch01/register-thanks.php
new file mode 100644
index 0000000..4a01df2
--- /dev/null
+++ b/Ch01/register-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for registering</h2>
+On the Home Page, you will now be able to login and add new quotes to the message board.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch01/register-view-users.php b/Ch01/register-view-users.php
new file mode 100644
index 0000000..55fcc35
--- /dev/null
+++ b/Ch01/register-view-users.php
@@ -0,0 +1,86 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch01/simpledb.sql b/Ch01/simpledb.sql
new file mode 100644
index 0000000..6e6c6a5
--- /dev/null
+++ b/Ch01/simpledb.sql
@@ -0,0 +1,74 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 06:37 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `simpledb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(60) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `first_name`, `last_name`, `email`, `password`, `registration_date`) VALUES
+(1, 'Steve', 'Johnson', 'sjohnson@sjohnson.com', '$2y$10$lEmRKPYfu/Nb6ECtbmp7YOuIZeZDYuCnZKRmEBnQ6nRHDKJHdEgMK', '2018-04-26 15:11:58'),
+(2, 'Mike', 'Rosolt', 'mrosolf@someplace.com', '$2y$10$9lXam45bwNHu4/zbu5FdXuW243F1R0GkQBDJr/juvV8wYr6lMZbau', '2018-04-28 15:15:32'),
+(3, 'Tweedle', 'Dee-Deest', 'tdeedeest@themail.com', '$2y$10$.ewnSKbbeP6lSI4UF0BasOTnDyLzBH8mwcDM3wEM1hzoJAXYz2doK', '2018-04-28 15:17:29'),
+(4, 'Annie', 'Versary', 'aversary@outcook.com', '$2y$10$5yz6IiFq/uZR4VdacjVRbOWTIA5tZCSLZ975mGZCoas3UHMMojN46', '2018-04-28 15:18:17'),
+(5, 'Charley', 'Farnsbarns', 'cfransnarns@outcook.com', '$2y$10$WFX630.YbR5WQcYNBnMMueIbjIbo5.C6aDkUKVUfXBC1oNrqasmWa', '2018-04-28 15:19:50');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=9;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch01/template.php b/Ch01/template.php
new file mode 100644
index 0000000..efdbacb
--- /dev/null
+++ b/Ch01/template.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-for-template.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch01/verify.js b/Ch01/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch01/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch02/simpledb/change-password.php b/Ch02/simpledb/change-password.php
new file mode 100644
index 0000000..1719254
--- /dev/null
+++ b/Ch02/simpledb/change-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch02/simpledb/footer.php b/Ch02/simpledb/footer.php
new file mode 100644
index 0000000..4ccb7e8
--- /dev/null
+++ b/Ch02/simpledb/footer.php
@@ -0,0 +1,5 @@
+<p class="h6 col-sm-12">Copyright &copy; Adrian West & Steve Prettyman 2018  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch02/simpledb/header-for-template.php b/Ch02/simpledb/header-for-template.php
new file mode 100644
index 0000000..0a925b3
--- /dev/null
+++ b/Ch02/simpledb/header-for-template.php
@@ -0,0 +1,7 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="font-bold">This is the header</h1>
+</div>
+    
\ No newline at end of file
diff --git a/Ch02/simpledb/header.php b/Ch02/simpledb/header.php
new file mode 100644
index 0000000..167eeb2
--- /dev/null
+++ b/Ch02/simpledb/header.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'" >Register</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-view-users.php'"> View Users</button>
+<button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'" >New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch02/simpledb/index.php b/Ch02/simpledb/index.php
new file mode 100644
index 0000000..e577826
--- /dev/null
+++ b/Ch02/simpledb/index.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch02/simpledb/info-col.php b/Ch02/simpledb/info-col.php
new file mode 100644
index 0000000..0e530aa
--- /dev/null
+++ b/Ch02/simpledb/info-col.php
@@ -0,0 +1,4 @@
+<div>
+<h3>This is the information column</h3>
+	<p>Web design by <br>A W West and<br>Steve Prettyman</p>
+</div>
\ No newline at end of file
diff --git a/Ch02/simpledb/logo.jpg b/Ch02/simpledb/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch02/simpledb/logo.jpg differ
diff --git a/Ch02/simpledb/menu.php b/Ch02/simpledb/menu.php
new file mode 100644
index 0000000..11f463b
--- /dev/null
+++ b/Ch02/simpledb/menu.php
@@ -0,0 +1,4 @@
+
+<li><a href="register-page.php">Register</a></li>
+<li><a href="register-view_users-page.php">View Users</a></li>
+<li><a href="register-password.php">New Password</a></li>
diff --git a/Ch02/simpledb/mysqli_connect.php b/Ch02/simpledb/mysqli_connect.php
new file mode 100644
index 0000000..8f8d588
--- /dev/null
+++ b/Ch02/simpledb/mysqli_connect.php
@@ -0,0 +1,13 @@
+<?php
+// Create a connection to the msgboarddb database and to MySQL
+// Set the encoding to utf-8
+// Set the database access details as constants
+DEFINE ('DB_USER', 'horatio'); // or whatever userid you created
+DEFINE ('DB_PASSWORD', 'Hmsv1ct0ry'); // or whatever password you created
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'simpledb');
+
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
\ No newline at end of file
diff --git a/Ch02/simpledb/nav.html b/Ch02/simpledb/nav.html
new file mode 100644
index 0000000..b1a3d6f
--- /dev/null
+++ b/Ch02/simpledb/nav.html
@@ -0,0 +1,52 @@
+<!doctyp html>
+<html>
+    <head>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
+
+<!-- Optional theme -->
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
+
+<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
+    </head>
+    <body>
+
+        <header>
+                <nav class="navbar navbar-inverse" role="navigation">
+                    <div class="container">
+
+                        <!-- Mobile Menu-->
+                        <div class="navbar-header">                            
+                            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#collapse" aria-expanded="false" aria-controls="collapse">
+                                <span class="sr-only">Toggle navigation</span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                            </button>
+
+                            <a class="navbar-brand" ><span class="subhead"></span>THIS IS THE HEADER</a>
+                        </div>                   
+                            <!-- Laptop/PC Menu -->
+                            <div id="collapse" class="collapse navbar-collapse">
+                                <ul class="nav navbar-nav navbar-left">
+								<?php
+									include("menu.php");
+								?>							
+                                </ul>
+                            </div>
+                    </div>
+                </nav>
+
+        </header>
+
+
+        <section>
+            <h3>Project 1 incomplete</h3>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+        </section>
+
+    </body>
+
+
+</html>
\ No newline at end of file
diff --git a/Ch02/simpledb/nav.php b/Ch02/simpledb/nav.php
new file mode 100644
index 0000000..f0932a6
--- /dev/null
+++ b/Ch02/simpledb/nav.php
@@ -0,0 +1,15 @@
+    <li class="nav-item">
+          <a class="nav-link active" href="#">Home</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-2.php">Page 2</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-3.php">Page 3</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-4.php">Page 4</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-5.php">Page 5</a>
+        </li>
\ No newline at end of file
diff --git a/Ch02/simpledb/nav.txt b/Ch02/simpledb/nav.txt
new file mode 100644
index 0000000..5be2e9f
--- /dev/null
+++ b/Ch02/simpledb/nav.txt
@@ -0,0 +1,53 @@
+<!doctyp html>
+<html>
+    <head>
+        <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">        
+        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
+      <style type="text/css">
+body { padding-top:0px; }
+</style>
+
+
+    </head>
+    <body>
+
+        <header>
+                <nav class="navbar navbar-inverse" role="navigation">
+                    <div class="container">
+
+                        <!-- The button that shows when the width is too short -->
+                        <div class="navbar-header">                            
+                            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#collapse" aria-expanded="false" aria-controls="collapse">
+                                <span class="sr-only">Toggle navigation</span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                                <span class="icon-bar"></span>
+                            </button>
+
+                            <a class="navbar-brand" ><span class="subhead"></span>Project 1</a>
+                        </div>                   
+                            <!-- The navigation menu. It collapses when the width is too short -->
+                            <div id="collapse" class="collapse navbar-collapse">
+                                <ul class="nav navbar-nav navbar-right">
+                                    <li><a href="#browse">browse</a></li>
+                                    <li><a href="#why">why</a></li>
+                                    <li><a href="#about">about</a></li>                                    
+                                </ul>
+                            </div>
+                    </div>
+                </nav>
+
+        </header>
+
+
+        <section>
+            <h3>Project 1 incomplete</h3>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+            <p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.</p>
+        </section>
+
+    </body>
+
+
+</html>
\ No newline at end of file
diff --git a/Ch02/simpledb/password-thanks.php b/Ch02/simpledb/password-thanks.php
new file mode 100644
index 0000000..3f516ea
--- /dev/null
+++ b/Ch02/simpledb/password-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Password Change Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for changing your password</h2>
+On the Home Page, you will now be able to login with your new password.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch02/simpledb/process-change-password.php b/Ch02/simpledb/process-change-password.php
new file mode 100644
index 0000000..f40f461
--- /dev/null
+++ b/Ch02/simpledb/process-change-password.php
@@ -0,0 +1,110 @@
+
+<?php
+// This script is a query that UPDATES the password in the users table.
+// Check that form has been submitted:       
+    require ('mysqli_connect.php'); // Connect to the db. 
+	$errors = array(); // Initialize an error array. 
+	// Set hidden variable to format any of the echos below
+	// Check for an email address:
+	$email = trim($_POST['email']);
+	if (empty($email)) {
+		$errors[] = 'You forgot to enter your email address.';
+	}
+	// Check for a password and match against the confirmed password:
+	$password = trim($_POST['password']);
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your old password.';
+		} 
+    // Prepeare and check new password
+    $new_password = trim($_POST['password1']);
+	$verify_password = trim($_POST['password2']);
+	if (!empty($new_password)) {
+        if (($new_password != $verify_password) ||
+			( $password == $new_password ))
+		{
+            $errors[] = 'Your new password did not match the confirmed password and/or ';
+			$errors[] = 'Your old password is the same as your new password.';
+		}
+	} else {
+			$errors[] = 'You did not enter a new password.';
+    }
+	if (empty($errors)) { // If everything's OK.              
+try {
+	 // Check that the user has entered the right email address/password combination:
+    $query = "SELECT userid, password FROM users WHERE ( email=? )";
+	$q = mysqli_stmt_init($dbcon);                                 
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 's', $email);
+     // execute query
+    mysqli_stmt_execute($q);
+
+	$result = mysqli_stmt_get_result($q);
+    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+    if ((mysqli_num_rows($result) == 1)
+          && (password_verify($password, $row['password'])))
+		{	// Found one record		
+	    // Change the password in the database...
+	    // Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($new_password, PASSWORD_DEFAULT);            
+		// Make the query:                                               
+       $query = "UPDATE users SET password=? WHERE email=?";
+	   $q = mysqli_stmt_init($dbcon);                                 
+       mysqli_stmt_prepare($q, $query);
+       // use prepared statement to insure that only text is inserted
+       // bind fields to SQL Statement
+       mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $email);
+       // execute query
+       mysqli_stmt_execute($q);
+       if (mysqli_stmt_affected_rows($q) == 1) {	// one row updated
+           // Echo a message
+          header ("location: password-thanks.php"); 
+		  exit();   
+		} else { // If it did not run OK.
+		// Public message:
+			$errorstring = "System Error! <br /> You could not change password due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";	
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+			// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		    exit();
+		 }
+    } else { // Invalid email address/password combination.
+		$errorstring = 'Error! <br /> ';
+        $errorstring .= 'The email address and/or password do not match those on file.';
+	    $errorstring .= " Please try again.";
+		echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";
+} }	
+   catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            
+		//header ("location: register-page.php"); 
+		$errorstring = "Error! The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
+
+
+
+
+
+
+
diff --git a/Ch02/simpledb/process-register-page.php b/Ch02/simpledb/process-register-page.php
new file mode 100644
index 0000000..1108103
--- /dev/null
+++ b/Ch02/simpledb/process-register-page.php
@@ -0,0 +1,85 @@
+
+<?php
+// This script is a query that INSERTs a record in the users table.
+// Check that form has been submitted:
+	$errors = array(); // Initialize an error array. #2
+	// Check for a first name:                        #3
+		$first_name = trim($_POST['first_name']);
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter your first name.';
+	}
+	// Check for a last name:
+		$last_name = trim($_POST['last_name']);
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter your last name.';
+	}
+	// Check for an email address:
+		$email = trim($_POST['email']);
+	if (empty($email)) {
+		$errors[] = 'You forgot to enter your email address.';
+	}
+	// Check for a password and match against the confirmed password:
+			$password1 = trim($_POST['password1']);
+			$password2 = trim($_POST['password2']);
+	if (!empty($password1)) {
+		if ($password1 !== $password2) { //#4
+			$errors[] = 'Your two password did not match.';
+		} 
+	} else {
+		$errors[] = 'You forgot to enter your password.';
+	}
+	if (empty($errors)) { // If everything's OK.              #5
+try {
+	// Register the user in the database...
+	// Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($password1, PASSWORD_DEFAULT); //#6
+		require ('mysqli_connect.php'); // Connect to the db.            #7
+		// Make the query:                                               #8
+		$query = "INSERT INTO users ( first_name, last_name, email, password, registration_date) ";
+		$query .="VALUES( ?, ?, ?, ?, NOW() )";		               // #9
+        $q = mysqli_stmt_init($dbcon);                                 // #10
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
+     // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {	// One record inserted	#11				
+		header ("location: register-thanks.php"); 
+		exit();
+		} else { // If it did not run OK.
+		// Public message:
+		    $errorstring = "<p class='text-center col-sm-8' style='color:red'>";
+			$errorstring .= "System Error<br />You could not be registered due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+			// Debugging message below do not use in production
+			echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+		    mysqli_close($dbcon); // Close the database connection.
+		// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">';
+            include("footer.php"); 
+            echo '</footer>';
+		exit();
+		}
+	}									
+   catch(Exception $e) // We finally handle any problems here                #12
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            #13
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
\ No newline at end of file
diff --git a/Ch02/simpledb/register-page.php b/Ch02/simpledb/register-page.php
new file mode 100644
index 0000000..8c9002a
--- /dev/null
+++ b/Ch02/simpledb/register-page.php
@@ -0,0 +1,109 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<form action="register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+	include("footer.php");
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+	include("footer.php");
+ }
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch02/simpledb/register-thanks.php b/Ch02/simpledb/register-thanks.php
new file mode 100644
index 0000000..4a01df2
--- /dev/null
+++ b/Ch02/simpledb/register-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for registering</h2>
+On the Home Page, you will now be able to login and add new quotes to the message board.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch02/simpledb/register-view-users.php b/Ch02/simpledb/register-view-users.php
new file mode 100644
index 0000000..55fcc35
--- /dev/null
+++ b/Ch02/simpledb/register-view-users.php
@@ -0,0 +1,86 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch02/simpledb/simpledb.sql b/Ch02/simpledb/simpledb.sql
new file mode 100644
index 0000000..6e6c6a5
--- /dev/null
+++ b/Ch02/simpledb/simpledb.sql
@@ -0,0 +1,74 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 06:37 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `simpledb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(60) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `first_name`, `last_name`, `email`, `password`, `registration_date`) VALUES
+(1, 'Steve', 'Johnson', 'sjohnson@sjohnson.com', '$2y$10$lEmRKPYfu/Nb6ECtbmp7YOuIZeZDYuCnZKRmEBnQ6nRHDKJHdEgMK', '2018-04-26 15:11:58'),
+(2, 'Mike', 'Rosolt', 'mrosolf@someplace.com', '$2y$10$9lXam45bwNHu4/zbu5FdXuW243F1R0GkQBDJr/juvV8wYr6lMZbau', '2018-04-28 15:15:32'),
+(3, 'Tweedle', 'Dee-Deest', 'tdeedeest@themail.com', '$2y$10$.ewnSKbbeP6lSI4UF0BasOTnDyLzBH8mwcDM3wEM1hzoJAXYz2doK', '2018-04-28 15:17:29'),
+(4, 'Annie', 'Versary', 'aversary@outcook.com', '$2y$10$5yz6IiFq/uZR4VdacjVRbOWTIA5tZCSLZ975mGZCoas3UHMMojN46', '2018-04-28 15:18:17'),
+(5, 'Charley', 'Farnsbarns', 'cfransnarns@outcook.com', '$2y$10$WFX630.YbR5WQcYNBnMMueIbjIbo5.C6aDkUKVUfXBC1oNrqasmWa', '2018-04-28 15:19:50');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=9;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch02/simpledb/template.php b/Ch02/simpledb/template.php
new file mode 100644
index 0000000..efdbacb
--- /dev/null
+++ b/Ch02/simpledb/template.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-for-template.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch02/simpledb/verify.js b/Ch02/simpledb/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch02/simpledb/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch03/login/admin-page.php b/Ch03/login/admin-page.php
new file mode 100644
index 0000000..e4ccc1d
--- /dev/null
+++ b/Ch03/login/admin-page.php
@@ -0,0 +1,57 @@
+<?php                                                                                     
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Administration Page</h2>
+<h3>You have permission to:</h3>
+<p>&#9632;Edit and Delete a record</p>
+<p>&#9632;Use the View Members button to page through all the members</p>
+<p>&#9632;Use the Search button to locate a particular member</p>
+<p>&#9632;Use the New Password button to change your password. 
+</p>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/admin-view-users.php b/Ch03/login/admin-view-users.php
new file mode 100644
index 0000000..0da160c
--- /dev/null
+++ b/Ch03/login/admin-view-users.php
@@ -0,0 +1,93 @@
+ <?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/admin_view_users.php b/Ch03/login/admin_view_users.php
new file mode 100644
index 0000000..0da160c
--- /dev/null
+++ b/Ch03/login/admin_view_users.php
@@ -0,0 +1,93 @@
+ <?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/change-password.php b/Ch03/login/change-password.php
new file mode 100644
index 0000000..0e6f68c
--- /dev/null
+++ b/Ch03/login/change-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/footer.php b/Ch03/login/footer.php
new file mode 100644
index 0000000..4ccb7e8
--- /dev/null
+++ b/Ch03/login/footer.php
@@ -0,0 +1,5 @@
+<p class="h6 col-sm-12">Copyright &copy; Adrian West & Steve Prettyman 2018  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch03/login/header-admin.php b/Ch03/login/header-admin.php
new file mode 100644
index 0000000..2a2ab7d
--- /dev/null
+++ b/Ch03/login/header-admin.php
@@ -0,0 +1,18 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'admin_view_users.php'">View Members</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = '#'">Search</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = '#'">Address</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'">New Password</button>
+</div>
+    </nav>
+	
+	
+	
diff --git a/Ch03/login/header-members.php b/Ch03/login/header-members.php
new file mode 100644
index 0000000..3bf6406
--- /dev/null
+++ b/Ch03/login/header-members.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch03/login/header-thanks.php b/Ch03/login/header-thanks.php
new file mode 100644
index 0000000..b3587a4
--- /dev/null
+++ b/Ch03/login/header-thanks.php
@@ -0,0 +1,10 @@
+<div id="header">
+<h1>This is the header</h1>
+<div id="reg-navigation">
+	<p>&nbsp;</p>
+	<ul>
+		<li><a href="index.php">Cancel</a></li>
+	</ul>
+</div>
+</div>
+
diff --git a/Ch03/login/header.php b/Ch03/login/header.php
new file mode 100644
index 0000000..92bb26a
--- /dev/null
+++ b/Ch03/login/header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Login</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'">Register</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch03/login/images/polo.png b/Ch03/login/images/polo.png
new file mode 100644
index 0000000..bca2bd2
Binary files /dev/null and b/Ch03/login/images/polo.png differ
diff --git a/Ch03/login/index.php b/Ch03/login/index.php
new file mode 100644
index 0000000..e577826
--- /dev/null
+++ b/Ch03/login/index.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/info-col.php b/Ch03/login/info-col.php
new file mode 100644
index 0000000..1c1ae88
--- /dev/null
+++ b/Ch03/login/info-col.php
@@ -0,0 +1,3 @@
+<h3>This is the information column</h3>
+<p>Information area</p>
+
diff --git a/Ch03/login/login-header.php b/Ch03/login/login-header.php
new file mode 100644
index 0000000..9602ddc
--- /dev/null
+++ b/Ch03/login/login-header.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'">Register</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch03/login/login.php b/Ch03/login/login.php
new file mode 100644
index 0000000..491873e
--- /dev/null
+++ b/Ch03/login/login.php
@@ -0,0 +1,83 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('login-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-login.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Login</h2>
+<form action="login.php" method="post" name="loginform" id="loginform">
+  <div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">Email Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="Email" maxlength="30" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" maxlength="40" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+	  <span>&nbsp;Between 8 and 12 characters.</span></p>
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Login">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/login_page.inc.php b/Ch03/login/login_page.inc.php
new file mode 100644
index 0000000..9ee78ca
--- /dev/null
+++ b/Ch03/login/login_page.inc.php
@@ -0,0 +1,14 @@
+<h2>Login</h2>
+<form action="login.php" method="post">
+<p><label class="label" for="email">Email Address:</label>
+<input id="email" type="text" name="email" size="30" maxlength="60"
+value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" 
+required> </p>
+<!--<br>-->
+<p><label class="label" for="psword">Password:</label>
+<input id="psword" type="password" name="psword" size="12" minlength="8"� maxlength="12"
+value="<?php if (isset($_POST['psword'])) echo $_POST['psword']; ?>" 
+required>
+<span>&nbsp;Between 8 and 12 characters.</span></p>
+<!--<p>&nbsp;</p>--><p><input id="submit" type="submit" name="submit" value="Login"></p>
+</form><br>
diff --git a/Ch03/login/logindb.sql b/Ch03/login/logindb.sql
new file mode 100644
index 0000000..c3466dc
--- /dev/null
+++ b/Ch03/login/logindb.sql
@@ -0,0 +1,78 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: May 17, 2018 at 11:58 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `logindb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(60) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `user_level` tinyint(1) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `user_level`) VALUES
+(20, 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$VWtLxXTE1ohO1pQJ87tnGeBB1MNfkQ3V87/HIGdanmKhqflRIQEH2', '2018-05-17 17:33:49', 0),
+(21, 'Olive', 'Branch', 'obranch@myisp.com.uk', '$2y$10$aAdvrMiVcEFqRn9ISLoy6uEwS.FesiTQZ.IdsHGc/xSi2x.wkuaZ2', '2018-05-17 17:35:21', 0),
+(22, 'Frank', 'Insence', 'finsence@myisp.net', '$2y$10$0WbSaI3w.9KjkE28L7ZeN.jEPKvsPLIwRg01M6XkRtWvZkOWaT3R6', '2018-05-17 17:36:46', 0),
+(23, 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$HpUHsg0yoIy08d4./p/tM.ZLOnZ3RLGTb7YjqMEuzwb2yBpEguB9O', '2018-05-17 17:37:47', 0),
+(24, 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$Gh0nTJPXxUkZAKCkOeVC8O8jv3rJ6ZLXrEJ8szvgqDgBxb1F8uVSa', '2018-05-17 17:54:39', 0),
+(25, 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$cASUiiV3w3cKWoaxH0tfmeV7IwXy2fUNJT6lQIdBbUZePmtPY/Wo2', '2018-05-17 17:55:38', 0),
+(26, 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$pp/Gv2tvaTUlfPKVRb/tSu/25N7mhvj7h2ybRANEvS.I2xg/99wM6', '2018-05-17 17:57:11', 0),
+(27, 'Jack', 'Smith', 'jsmith@outcook.com', '$2y$10$GXDlk.GkgdWmPRTUDCb.F.kqD.8dwkH93s0p/g1f0fnK27Z849Ry2', '2018-05-17 17:58:14', 1);
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=28;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch03/login/logo.jpg b/Ch03/login/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch03/login/logo.jpg differ
diff --git a/Ch03/login/logout.php b/Ch03/login/logout.php
new file mode 100644
index 0000000..d8abea1
--- /dev/null
+++ b/Ch03/login/logout.php
@@ -0,0 +1,18 @@
+<?php
+session_start();//access the current session.                  
+// if no session variable exists then redirect the user
+if (!isset($_SESSION['user_id'])) {        
+header("location:index.php");
+exit();
+//cancel the session and redirect the user:
+}else{ //cancel the session
+    $_SESSION = array(); // Destroy the variables
+	$params = session_get_cookie_params();
+	// Destroy the cookie
+	setcookie(session_name(), '', time()-42000,
+	$params["path"], $params["domain"],
+	$params["secure"], $params["httponly"]);
+if (session_status() == PHP_SESSION_ACTIVE) { 
+session_destroy(); } // Destroy the session itself
+header("location:index.php");
+	}
diff --git a/Ch03/login/members-header.php b/Ch03/login/members-header.php
new file mode 100644
index 0000000..de443b4
--- /dev/null
+++ b/Ch03/login/members-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'" >New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch03/login/members-page.php b/Ch03/login/members-page.php
new file mode 100644
index 0000000..e6252d1
--- /dev/null
+++ b/Ch03/login/members-page.php
@@ -0,0 +1,61 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 0))
+{ header("Location: login.php");
+  exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-members.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Member's Page</h2>
+<p>The members page content. The members page content. The members page content. 
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+</p>
+<p class="h3 text-center">Special offers to members only.</p>
+    <p class="text-center"><strong>T-Shirts 10.00</strong></p>
+<img class="mx-auto d-block" src="images/polo.png" alt="Polo Shirt"> 
+<br>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
+
diff --git a/Ch03/login/mysqli_connect.php b/Ch03/login/mysqli_connect.php
new file mode 100644
index 0000000..13b2614
--- /dev/null
+++ b/Ch03/login/mysqli_connect.php
@@ -0,0 +1,11 @@
+<?php
+// Create a connection to the logindb database. 
+// Set the encoding and the access details as constants:
+DEFINE ('DB_USER', 'william');
+DEFINE ('DB_PASSWORD', 'Cat0nlap');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'logindb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8'); 
diff --git a/Ch03/login/nav.php b/Ch03/login/nav.php
new file mode 100644
index 0000000..f0932a6
--- /dev/null
+++ b/Ch03/login/nav.php
@@ -0,0 +1,15 @@
+    <li class="nav-item">
+          <a class="nav-link active" href="#">Home</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-2.php">Page 2</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-3.php">Page 3</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-4.php">Page 4</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-5.php">Page 5</a>
+        </li>
\ No newline at end of file
diff --git a/Ch03/login/password-header.php b/Ch03/login/password-header.php
new file mode 100644
index 0000000..e6fc6c8
--- /dev/null
+++ b/Ch03/login/password-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch03/login/process-change-password.php b/Ch03/login/process-change-password.php
new file mode 100644
index 0000000..f40f461
--- /dev/null
+++ b/Ch03/login/process-change-password.php
@@ -0,0 +1,110 @@
+
+<?php
+// This script is a query that UPDATES the password in the users table.
+// Check that form has been submitted:       
+    require ('mysqli_connect.php'); // Connect to the db. 
+	$errors = array(); // Initialize an error array. 
+	// Set hidden variable to format any of the echos below
+	// Check for an email address:
+	$email = trim($_POST['email']);
+	if (empty($email)) {
+		$errors[] = 'You forgot to enter your email address.';
+	}
+	// Check for a password and match against the confirmed password:
+	$password = trim($_POST['password']);
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your old password.';
+		} 
+    // Prepeare and check new password
+    $new_password = trim($_POST['password1']);
+	$verify_password = trim($_POST['password2']);
+	if (!empty($new_password)) {
+        if (($new_password != $verify_password) ||
+			( $password == $new_password ))
+		{
+            $errors[] = 'Your new password did not match the confirmed password and/or ';
+			$errors[] = 'Your old password is the same as your new password.';
+		}
+	} else {
+			$errors[] = 'You did not enter a new password.';
+    }
+	if (empty($errors)) { // If everything's OK.              
+try {
+	 // Check that the user has entered the right email address/password combination:
+    $query = "SELECT userid, password FROM users WHERE ( email=? )";
+	$q = mysqli_stmt_init($dbcon);                                 
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 's', $email);
+     // execute query
+    mysqli_stmt_execute($q);
+
+	$result = mysqli_stmt_get_result($q);
+    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+    if ((mysqli_num_rows($result) == 1)
+          && (password_verify($password, $row['password'])))
+		{	// Found one record		
+	    // Change the password in the database...
+	    // Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($new_password, PASSWORD_DEFAULT);            
+		// Make the query:                                               
+       $query = "UPDATE users SET password=? WHERE email=?";
+	   $q = mysqli_stmt_init($dbcon);                                 
+       mysqli_stmt_prepare($q, $query);
+       // use prepared statement to insure that only text is inserted
+       // bind fields to SQL Statement
+       mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $email);
+       // execute query
+       mysqli_stmt_execute($q);
+       if (mysqli_stmt_affected_rows($q) == 1) {	// one row updated
+           // Echo a message
+          header ("location: password-thanks.php"); 
+		  exit();   
+		} else { // If it did not run OK.
+		// Public message:
+			$errorstring = "System Error! <br /> You could not change password due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";	
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+			// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		    exit();
+		 }
+    } else { // Invalid email address/password combination.
+		$errorstring = 'Error! <br /> ';
+        $errorstring .= 'The email address and/or password do not match those on file.';
+	    $errorstring .= " Please try again.";
+		echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";
+} }	
+   catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            
+		//header ("location: register-page.php"); 
+		$errorstring = "Error! The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
+
+
+
+
+
+
+
diff --git a/Ch03/login/process-login.php b/Ch03/login/process-login.php
new file mode 100644
index 0000000..e014b3f
--- /dev/null
+++ b/Ch03/login/process-login.php
@@ -0,0 +1,83 @@
+<?php 
+// This section processes submissions from the login form
+// Check if the form has been submitted:
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    //connect to database
+try {
+    require ('mysqli_connect.php');
+    // Validate the email address
+// Check for an email address:
+	    $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+    // Validate the password
+	    $password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);	
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your password.';
+	}
+   if (empty($errors)) { // If everything's OK.         #1
+// Retrieve the user_id, psword, first_name and user_level for that
+// email/password combination
+ $query = "SELECT userid, password, first_name, user_level FROM users WHERE email=?";
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) == 1) {
+//if one database row (record) matches the input:-
+// Start the session, fetch the record and insert the 
+// values in an array 
+if (password_verify($password, $row[1])) {          //#2
+session_start();								
+// Ensure that the user level is an integer. 
+$_SESSION['user_level'] = (int) $row[3];
+// Use a ternary operation to set the URL             #3
+$url = ($_SESSION['user_level'] === 1) ? 'admin-page.php' :
+ 'members-page.php'; 
+header('Location: ' . $url); 
+// Make the browser load either the members or the admin page
+} else { // No password match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} else { // No e-mail match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} 
+if (!empty($errors)) {                     
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (!empty($errors)) IF.
+mysqli_stmt_free_result($q);
+mysqli_stmt_close($q);
+}
+ catch(Exception $e) // We finally handle any problems here   
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+} // no else to allow user to enter values
+?>
\ No newline at end of file
diff --git a/Ch03/login/process-register-page.php b/Ch03/login/process-register-page.php
new file mode 100644
index 0000000..777059b
--- /dev/null
+++ b/Ch03/login/process-register-page.php
@@ -0,0 +1,85 @@
+<?php
+// This script is a query that INSERTs a record in the users table.
+// Check that form has been submitted:
+try {
+	$errors = array(); // Initialize an error array. 
+	// Check for a first name:                        
+        $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter your first name.';
+	}
+	// Check for a last name:
+	    $last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);	
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter your last name.';
+	}
+	// Check for an email address:
+	    $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+	// Check for a password and match against the confirmed password:
+			$password1 = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+			$password2 = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);
+	if (!empty($password1)) {
+		if ($password1 !== $password2) { 
+			$errors[] = 'Your two password did not match.';
+		} 
+	} else {
+		$errors[] = 'You forgot to enter your password(s).';
+	}
+	if (empty($errors)) { // If everything's OK.              
+	// Register the user in the database...
+	// Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($password1, PASSWORD_DEFAULT); 
+		require ('mysqli_connect.php'); // Connect to the db.     
+		// Make the query:                                               
+		$query = "INSERT INTO users (userid, first_name, last_name, email, password, registration_date) ";
+		$query .="VALUES(' ', ?, ?, ?, ?, NOW() )";		                
+        $q = mysqli_stmt_init($dbcon);                                  
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
+     // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {	// One record inserted			
+		header ("location: register-thanks.php"); 
+		exit();
+		} else { // If it did not run OK.
+		// Public message:
+		    $errorstring = "<p class='text-center col-sm-8' style='color:red'>";
+			$errorstring .= "System Error<br />You could not be registered due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+		    mysqli_close($dbcon); // Close the database connection.
+		// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		exit();
+		}
+	} else { // Report the errors.                             
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+		}									
+   catch(Exception $e) // We finally handle any problems here   
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
\ No newline at end of file
diff --git a/Ch03/login/register-header.php b/Ch03/login/register-header.php
new file mode 100644
index 0000000..44f145a
--- /dev/null
+++ b/Ch03/login/register-header.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" 
+       aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'register-page.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
diff --git a/Ch03/login/register-page.php b/Ch03/login/register-page.php
new file mode 100644
index 0000000..3d419c7
--- /dev/null
+++ b/Ch03/login/register-page.php
@@ -0,0 +1,108 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('register-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<form action="register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/register-password.php b/Ch03/login/register-password.php
new file mode 100644
index 0000000..0e6f68c
--- /dev/null
+++ b/Ch03/login/register-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/register-thanks.php b/Ch03/login/register-thanks.php
new file mode 100644
index 0000000..fb520c1
--- /dev/null
+++ b/Ch03/login/register-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('thanks-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for registering</h2>
+On the Home Page, you will now be able to login and add new quotes to the message board.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/register-view-users.php b/Ch03/login/register-view-users.php
new file mode 100644
index 0000000..2859874
--- /dev/null
+++ b/Ch03/login/register-view-users.php
@@ -0,0 +1,93 @@
+ <?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch03/login/thanks-header.php b/Ch03/login/thanks-header.php
new file mode 100644
index 0000000..7a0b906
--- /dev/null
+++ b/Ch03/login/thanks-header.php
@@ -0,0 +1,11 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch03/login/verify.js b/Ch03/login/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch03/login/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/admin-page.php b/Ch04/admintable/admintable/admin-page.php
new file mode 100644
index 0000000..e4ccc1d
--- /dev/null
+++ b/Ch04/admintable/admintable/admin-page.php
@@ -0,0 +1,57 @@
+<?php                                                                                     
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Administration Page</h2>
+<h3>You have permission to:</h3>
+<p>&#9632;Edit and Delete a record</p>
+<p>&#9632;Use the View Members button to page through all the members</p>
+<p>&#9632;Use the Search button to locate a particular member</p>
+<p>&#9632;Use the New Password button to change your password. 
+</p>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/admin-view-users.php b/Ch04/admintable/admintable/admin-view-users.php
new file mode 100644
index 0000000..949a47f
--- /dev/null
+++ b/Ch04/admintable/admintable/admin-view-users.php
@@ -0,0 +1,117 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query ="SELECT last_name, first_name, email, DATE_FORMAT(registration_date, '%M %d, %Y')"; 
+$query .= " AS regdat, userid FROM users ORDER BY registration_date ASC";	
+// Prepared statement not needed since hardcoded	
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to #5
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                                                                                                                                      #7
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/admin_view_users.php b/Ch04/admintable/admintable/admin_view_users.php
new file mode 100644
index 0000000..912a239
--- /dev/null
+++ b/Ch04/admintable/admintable/admin_view_users.php
@@ -0,0 +1,55 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+require ("process_admin_view_users.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/admintable.sql b/Ch04/admintable/admintable/admintable.sql
new file mode 100644
index 0000000..40abe2d
--- /dev/null
+++ b/Ch04/admintable/admintable/admintable.sql
@@ -0,0 +1,120 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 06:53 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `admintable`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `prices`
+--
+
+CREATE TABLE `prices` (
+  `oneyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `oneyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyeargb` decimal(6,0) NOT NULL,
+  `fiveyearus` decimal(6,0) NOT NULL,
+  `militarygb` decimal(6,0) NOT NULL,
+  `militaryus` decimal(6,0) NOT NULL,
+  `u21gb` decimal(6,0) NOT NULL,
+  `u21us` decimal(6,0) NOT NULL,
+  `minpricegb` decimal(6,0) NOT NULL,
+  `minpriceus` decimal(6,0) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+
+--
+-- Dumping data for table `prices`
+--
+
+INSERT INTO `prices` (`oneyeargb`, `oneyearus`, `fiveyeargb`, `fiveyearus`, `militarygb`, `militaryus`, `u21gb`, `u21us`, `minpricegb`, `minpriceus`) VALUES
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20'),
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `user_level` tinyint(1) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `user_level`) VALUES
+(1, 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$fB/cbTyl.l0V3/iOpxdTHelBwoXrtoI0R8rksyMyLz5yZByIZvNgi', '2017-11-28 10:34:46', 0),
+(3, 'Jack', 'Smith', 'jsmith@outcook.com', '$2y$10$pf7khel0dwUCjX1211Pgpue73otgQ94gfviGe5WyH6IUJHcIlww3i', '2017-11-28 10:42:11', 1),
+(4, 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$02usUgNBg9ITWL4b43Qwq.BbCncs4oobO2NVJUjgnTDlaICXFw/TO', '2017-11-28 10:44:12', 0),
+(5, 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$MSzF.LyLKAjcBK29iAyGtu79kKljLgjow4geSX.MubrC9pzLPN566', '2017-11-28 10:45:05', 0),
+(6, 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$sm8haAl94e.LzgD9hhbd1.GbIhFZ3bPNWiHwHfNCQAUlA1n421see', '2017-11-28 10:45:52', 0),
+(34, 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$IO8Gcy7MWk9TzfV2HjVg4Oao46UfusHN.fCnfrl8eIh4EyeDMYl4u', '2018-05-31 15:14:53', 0),
+(35, 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$iro7lP10KjUV76voOlJfGecUU9BmDieBbntc0hRzA7BY3ajy0LUWK', '2018-05-31 15:18:02', 0),
+(36, 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$F6Ft/m92sn6QuPyPn4/hNeGJlqmN/6lDtUCHNL/o5cH7KeAZkoRuG', '2018-05-31 15:19:13', 0),
+(37, 'Percy', 'Veer', 'pveer@myisp.com', '$2y$10$uAAkr6vvQOEEl3yl4aoy6.p5.vR5C8z8xUFr1DAH6bdM6b2.cx6JS', '2018-05-31 17:06:02', 0),
+(38, 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$2KpmjaxVIXrobj.eCfyHHu97dNKy5goAlVnFkuh233.JLz3DB3FLW', '2018-05-31 17:06:57', 0),
+(39, 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$Q5g7vfrMpcgufwnxdCvoe.yTjdo7MfzQy5OGuIHDpNdqmYWj6PL7i', '2018-05-31 17:07:49', 0),
+(40, 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$IT8LaiC8USftBTU5Ni/zauaeYLpwDlDSmtuV.Spwrtl5jkmg.kBgK', '2018-05-31 17:08:39', 0),
+(41, 'Dee', 'Jected', 'djected@myisp.ork.uk', '$2y$10$OFuKWogf2M5YyPW2cuCs5.2IPfDdU5K65gUlww0oOuRHTWlcUstgm', '2018-05-31 17:09:30', 0),
+(42, 'Lynn', 'Steed', 'lseed@myisp.com', '$2y$10$Umfyip63mNyRks4Dzd5or.ul/agTTWtbaiDrXLjtudz7kIH/MfE4C', '2018-05-31 17:10:21', 0),
+(43, 'Barry', 'Tone', 'btone@myisp.net', '$2y$10$5f4cMkdMuOvx7nebpEWJNOvNLyeDbCWE6HRnQmm0x1.frZw2/pmDy', '2018-05-31 17:11:11', 0),
+(44, 'Helen', 'Back', 'hback@myisp.net', '$2y$10$uRQYFnrANSWR7VFu4zUOH.KwwvV/9cEbbQo6KlRakC94SamEC9SO2', '2018-05-31 17:12:02', 0),
+(45, 'Justin', 'Case', 'jcase@myisp.co.uk', '$2y$10$n3/2E6ktCuT2xzSZ6cRhAuLUxe3ZaUdPlmkhDj2egeU7ffjj2FGZS', '2018-05-31 17:12:52', 0),
+(46, 'Jerry', 'Attrik', 'jattrik@myisp.com', '$2y$10$7CibFWAgTBvB5PHanwTvjOJZTc.3/i6YR055q4gxjQ4X834KxHa6G', '2018-05-31 17:13:55', 0),
+(47, 'James', 'Smith', 'jimsmith@myisp.org.uk', '$2y$10$DFVql/p1AkUsNRaajux1zuuR7NEaPdHjT1.Aur5mUt3m/gUZkEUnO', '2018-06-01 14:24:00', 0),
+(48, 'James', 'Smith', 'James.smith@myisp.com', '$2y$10$FNg963aulhjXoWUZZvBhwuD41mAY5he4glifJLZy1aGlsjzu7zkLu', '2018-06-01 14:24:46', 0),
+(49, 'James', 'Smith', 'Jimmy.smith@myisp.co.uk', '$2y$10$641BVhWNl/WbS7LxHaI9Hemou9tGXa4OKwm4yAFHiSllYUpGRF172', '2018-06-01 14:25:38', 0),
+(50, 'James', 'Smith', 'jims@myisp.net', '$2y$10$49UnXz7NG/rJQbH5VmhPzeoBhGJO6HmknCdbqXmYV2/7pbzdBlXBy', '2018-06-01 14:26:32', 0),
+(52, 'Phyllis', 'Tine', 'ptine@myisp.co.uk', '$2y$10$gJO4wgQwGdZ3/CylK7LtbOgOiXJBYOw1KflYI/Tk8ExGAJ7CzwA/O', '2018-06-02 13:13:40', 0);
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=53;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch04/admintable/admintable/change-password.php b/Ch04/admintable/admintable/change-password.php
new file mode 100644
index 0000000..da7b024
--- /dev/null
+++ b/Ch04/admintable/admintable/change-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Change Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/delete_user.php b/Ch04/admintable/admintable/delete_user.php
new file mode 100644
index 0000000..2f43fae
--- /dev/null
+++ b/Ch04/admintable/admintable/delete_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Delete Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_delete_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/edit_user.php b/Ch04/admintable/admintable/edit_user.php
new file mode 100644
index 0000000..4e58279
--- /dev/null
+++ b/Ch04/admintable/admintable/edit_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Edit Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_edit_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/footer.php b/Ch04/admintable/admintable/footer.php
new file mode 100644
index 0000000..4ccb7e8
--- /dev/null
+++ b/Ch04/admintable/admintable/footer.php
@@ -0,0 +1,5 @@
+<p class="h6 col-sm-12">Copyright &copy; Adrian West & Steve Prettyman 2018  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/header-admin.php b/Ch04/admintable/admintable/header-admin.php
new file mode 100644
index 0000000..6d014af
--- /dev/null
+++ b/Ch04/admintable/admintable/header-admin.php
@@ -0,0 +1,14 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'admin_view_users.php'">View Members</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'search.php'">Search</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
diff --git a/Ch04/admintable/admintable/header-members.php b/Ch04/admintable/admintable/header-members.php
new file mode 100644
index 0000000..3bf6406
--- /dev/null
+++ b/Ch04/admintable/admintable/header-members.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/header-thanks.php b/Ch04/admintable/admintable/header-thanks.php
new file mode 100644
index 0000000..b0b0b07
--- /dev/null
+++ b/Ch04/admintable/admintable/header-thanks.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Cancel</button>
+</div>
+    </nav>
+
diff --git a/Ch04/admintable/admintable/header.php b/Ch04/admintable/admintable/header.php
new file mode 100644
index 0000000..92bb26a
--- /dev/null
+++ b/Ch04/admintable/admintable/header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Login</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'">Register</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/index.php b/Ch04/admintable/admintable/index.php
new file mode 100644
index 0000000..e577826
--- /dev/null
+++ b/Ch04/admintable/admintable/index.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/info-col.php b/Ch04/admintable/admintable/info-col.php
new file mode 100644
index 0000000..1c1ae88
--- /dev/null
+++ b/Ch04/admintable/admintable/info-col.php
@@ -0,0 +1,3 @@
+<h3>This is the information column</h3>
+<p>Information area</p>
+
diff --git a/Ch04/admintable/admintable/login-header.php b/Ch04/admintable/admintable/login-header.php
new file mode 100644
index 0000000..9602ddc
--- /dev/null
+++ b/Ch04/admintable/admintable/login-header.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'">Register</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/login.php b/Ch04/admintable/admintable/login.php
new file mode 100644
index 0000000..bc3d8b3
--- /dev/null
+++ b/Ch04/admintable/admintable/login.php
@@ -0,0 +1,83 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('login-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-login.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Login</h2>
+<form action="login.php" method="post" name="loginform" id="loginform">
+  <div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">Email Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="Email" maxlength="30" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" maxlength="40" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+	  <span>&nbsp;Between 8 and 12 characters.</span></p>
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Login">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/logo.jpg b/Ch04/admintable/admintable/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch04/admintable/admintable/logo.jpg differ
diff --git a/Ch04/admintable/admintable/logout.php b/Ch04/admintable/admintable/logout.php
new file mode 100644
index 0000000..d8abea1
--- /dev/null
+++ b/Ch04/admintable/admintable/logout.php
@@ -0,0 +1,18 @@
+<?php
+session_start();//access the current session.                  
+// if no session variable exists then redirect the user
+if (!isset($_SESSION['user_id'])) {        
+header("location:index.php");
+exit();
+//cancel the session and redirect the user:
+}else{ //cancel the session
+    $_SESSION = array(); // Destroy the variables
+	$params = session_get_cookie_params();
+	// Destroy the cookie
+	setcookie(session_name(), '', time()-42000,
+	$params["path"], $params["domain"],
+	$params["secure"], $params["httponly"]);
+if (session_status() == PHP_SESSION_ACTIVE) { 
+session_destroy(); } // Destroy the session itself
+header("location:index.php");
+	}
diff --git a/Ch04/admintable/admintable/members-page.php b/Ch04/admintable/admintable/members-page.php
new file mode 100644
index 0000000..07965ec
--- /dev/null
+++ b/Ch04/admintable/admintable/members-page.php
@@ -0,0 +1,62 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 0))
+{ header("Location: login.php");
+  exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>Members page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="styles.css">
+<!--CSS for only the members page-->
+<style type="text/css">
+#mid-right-col { text-align:center; margin:auto;
+}
+#midcol h3 { font-size:130%; margin-top:0; margin-bottom:0;
+}
+footer {
+	clear:both:
+}
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include("header-members.php"); ?>
+</header>
+<nav>
+<?php include("nav.php"); ?>
+</nav>
+<aside>
+<?php include("info-col.php"); ?>
+</aside>
+<div id="content"><!-- Start of the member's page content. -->
+<?php
+echo '<h2>Welcome to the Members Page!</h2>';
+?>
+<div id="midcol">
+<div id="mid-left-col">
+<h3>Member's Events</h3>
+<p>The members page content. The members page content. The members page content. 
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+</p>
+</div>
+<div id="mid-right-col">
+<h3>Special offers to members only.</h3>
+    <p><strong>T-Shirts &pound;10.00</strong></p>
+<img alt="Polo shirt" title="Polo shirt" height="207" width="280" src="images/polo.png"><br>
+<br>
+</div>
+</div></div><!-- End of the members page content. -->
+</div><p></p><p></p>><br>
+<footer>
+<?php include("footer.php"); ?>
+</footer>
+</body>
+</html>
+
diff --git a/Ch04/admintable/admintable/mysqli_connect.php b/Ch04/admintable/admintable/mysqli_connect.php
new file mode 100644
index 0000000..ba1b280
--- /dev/null
+++ b/Ch04/admintable/admintable/mysqli_connect.php
@@ -0,0 +1,11 @@
+<?php
+// Create a connection to the logindb database. 
+// Set the encoding and the access details as constants:
+DEFINE ('DB_USER', 'webmaster');
+DEFINE ('DB_PASSWORD', 'C0ffeep0t');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'admintable');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8'); 
diff --git a/Ch04/admintable/admintable/nav.php b/Ch04/admintable/admintable/nav.php
new file mode 100644
index 0000000..f0932a6
--- /dev/null
+++ b/Ch04/admintable/admintable/nav.php
@@ -0,0 +1,15 @@
+    <li class="nav-item">
+          <a class="nav-link active" href="#">Home</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-2.php">Page 2</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-3.php">Page 3</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-4.php">Page 4</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-5.php">Page 5</a>
+        </li>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/password-header.php b/Ch04/admintable/admintable/password-header.php
new file mode 100644
index 0000000..e6fc6c8
--- /dev/null
+++ b/Ch04/admintable/admintable/password-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/process-change-password.php b/Ch04/admintable/admintable/process-change-password.php
new file mode 100644
index 0000000..f40f461
--- /dev/null
+++ b/Ch04/admintable/admintable/process-change-password.php
@@ -0,0 +1,110 @@
+
+<?php
+// This script is a query that UPDATES the password in the users table.
+// Check that form has been submitted:       
+    require ('mysqli_connect.php'); // Connect to the db. 
+	$errors = array(); // Initialize an error array. 
+	// Set hidden variable to format any of the echos below
+	// Check for an email address:
+	$email = trim($_POST['email']);
+	if (empty($email)) {
+		$errors[] = 'You forgot to enter your email address.';
+	}
+	// Check for a password and match against the confirmed password:
+	$password = trim($_POST['password']);
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your old password.';
+		} 
+    // Prepeare and check new password
+    $new_password = trim($_POST['password1']);
+	$verify_password = trim($_POST['password2']);
+	if (!empty($new_password)) {
+        if (($new_password != $verify_password) ||
+			( $password == $new_password ))
+		{
+            $errors[] = 'Your new password did not match the confirmed password and/or ';
+			$errors[] = 'Your old password is the same as your new password.';
+		}
+	} else {
+			$errors[] = 'You did not enter a new password.';
+    }
+	if (empty($errors)) { // If everything's OK.              
+try {
+	 // Check that the user has entered the right email address/password combination:
+    $query = "SELECT userid, password FROM users WHERE ( email=? )";
+	$q = mysqli_stmt_init($dbcon);                                 
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 's', $email);
+     // execute query
+    mysqli_stmt_execute($q);
+
+	$result = mysqli_stmt_get_result($q);
+    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+    if ((mysqli_num_rows($result) == 1)
+          && (password_verify($password, $row['password'])))
+		{	// Found one record		
+	    // Change the password in the database...
+	    // Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($new_password, PASSWORD_DEFAULT);            
+		// Make the query:                                               
+       $query = "UPDATE users SET password=? WHERE email=?";
+	   $q = mysqli_stmt_init($dbcon);                                 
+       mysqli_stmt_prepare($q, $query);
+       // use prepared statement to insure that only text is inserted
+       // bind fields to SQL Statement
+       mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $email);
+       // execute query
+       mysqli_stmt_execute($q);
+       if (mysqli_stmt_affected_rows($q) == 1) {	// one row updated
+           // Echo a message
+          header ("location: password-thanks.php"); 
+		  exit();   
+		} else { // If it did not run OK.
+		// Public message:
+			$errorstring = "System Error! <br /> You could not change password due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";	
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+			// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		    exit();
+		 }
+    } else { // Invalid email address/password combination.
+		$errorstring = 'Error! <br /> ';
+        $errorstring .= 'The email address and/or password do not match those on file.';
+	    $errorstring .= " Please try again.";
+		echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";
+} }	
+   catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            
+		//header ("location: register-page.php"); 
+		$errorstring = "Error! The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
+
+
+
+
+
+
+
diff --git a/Ch04/admintable/admintable/process-login.php b/Ch04/admintable/admintable/process-login.php
new file mode 100644
index 0000000..e014b3f
--- /dev/null
+++ b/Ch04/admintable/admintable/process-login.php
@@ -0,0 +1,83 @@
+<?php 
+// This section processes submissions from the login form
+// Check if the form has been submitted:
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    //connect to database
+try {
+    require ('mysqli_connect.php');
+    // Validate the email address
+// Check for an email address:
+	    $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+    // Validate the password
+	    $password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);	
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your password.';
+	}
+   if (empty($errors)) { // If everything's OK.         #1
+// Retrieve the user_id, psword, first_name and user_level for that
+// email/password combination
+ $query = "SELECT userid, password, first_name, user_level FROM users WHERE email=?";
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) == 1) {
+//if one database row (record) matches the input:-
+// Start the session, fetch the record and insert the 
+// values in an array 
+if (password_verify($password, $row[1])) {          //#2
+session_start();								
+// Ensure that the user level is an integer. 
+$_SESSION['user_level'] = (int) $row[3];
+// Use a ternary operation to set the URL             #3
+$url = ($_SESSION['user_level'] === 1) ? 'admin-page.php' :
+ 'members-page.php'; 
+header('Location: ' . $url); 
+// Make the browser load either the members or the admin page
+} else { // No password match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} else { // No e-mail match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} 
+if (!empty($errors)) {                     
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (!empty($errors)) IF.
+mysqli_stmt_free_result($q);
+mysqli_stmt_close($q);
+}
+ catch(Exception $e) // We finally handle any problems here   
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+} // no else to allow user to enter values
+?>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/process-register-page.php b/Ch04/admintable/admintable/process-register-page.php
new file mode 100644
index 0000000..777059b
--- /dev/null
+++ b/Ch04/admintable/admintable/process-register-page.php
@@ -0,0 +1,85 @@
+<?php
+// This script is a query that INSERTs a record in the users table.
+// Check that form has been submitted:
+try {
+	$errors = array(); // Initialize an error array. 
+	// Check for a first name:                        
+        $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter your first name.';
+	}
+	// Check for a last name:
+	    $last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);	
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter your last name.';
+	}
+	// Check for an email address:
+	    $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+	// Check for a password and match against the confirmed password:
+			$password1 = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+			$password2 = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);
+	if (!empty($password1)) {
+		if ($password1 !== $password2) { 
+			$errors[] = 'Your two password did not match.';
+		} 
+	} else {
+		$errors[] = 'You forgot to enter your password(s).';
+	}
+	if (empty($errors)) { // If everything's OK.              
+	// Register the user in the database...
+	// Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($password1, PASSWORD_DEFAULT); 
+		require ('mysqli_connect.php'); // Connect to the db.     
+		// Make the query:                                               
+		$query = "INSERT INTO users (userid, first_name, last_name, email, password, registration_date) ";
+		$query .="VALUES(' ', ?, ?, ?, ?, NOW() )";		                
+        $q = mysqli_stmt_init($dbcon);                                  
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
+     // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {	// One record inserted			
+		header ("location: register-thanks.php"); 
+		exit();
+		} else { // If it did not run OK.
+		// Public message:
+		    $errorstring = "<p class='text-center col-sm-8' style='color:red'>";
+			$errorstring .= "System Error<br />You could not be registered due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+		    mysqli_close($dbcon); // Close the database connection.
+		// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		exit();
+		}
+	} else { // Report the errors.                             
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+		}									
+   catch(Exception $e) // We finally handle any problems here   
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/process_admin_view_users.php b/Ch04/admintable/admintable/process_admin_view_users.php
new file mode 100644
index 0000000..5e61925
--- /dev/null
+++ b/Ch04/admintable/admintable/process_admin_view_users.php
@@ -0,0 +1,129 @@
+<?php
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+//set the number of rows per display page
+$pagerows = 4; //                                                                       
+// Has the total number of pagess already been calculated?
+if ((isset($_GET['p']) && is_numeric($_GET['p']))) { //already been calculated
+$pages = htmlspecialchars($_GET['p'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{//use the next block of code to calculate the number of pages                     
+//First, check for the total number of records
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$records = htmlspecialchars($row[0], ENT_QUOTES);
+// make sure it is not executable XSS
+//Now calculate the number of pages
+if ($records > $pagerows){ //if the number of records will fill more than one page
+//Calculate the number of pages and round the result up to the nearest integer
+$pages = ceil ($records/$pagerows); //                                                   
+}else{
+$pages = 1;
+}
+}//page check finished
+//Declare which record to start with                                                     
+if ((isset($_GET['s'])) &&( is_numeric($_GET['s'])))
+{
+$start = htmlspecialchars($_GET['s'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{
+$start = 0;
+}
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users ORDER BY registration_date ASC";
+$query .=" LIMIT ?, ?";
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind $id to SQL Statement
+mysqli_stmt_bind_param($q, "ii", $start, $pagerows); 
+
+// execute query
+
+mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran OK (records were returned), display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="text-center">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of else ($result) 
+// Now display the total number of records/members.           
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$members = htmlspecialchars($row[0], ENT_QUOTES);
+mysqli_close($dbcon); // Close the database connection.     
+$echostring = "<p class='text-center'>Total membership: $members </p>";
+$echostring .= "<p class='text-center'>";
+if ($pages > 1) {//                                             
+//What number is the current page?
+$current_page = ($start/$pagerows) + 1;
+//If the page is not the first page then create a Previous link
+if ($current_page != 1) {
+$echostring .= '<a href="admin_view_users.php?s=' . ($start - $pagerows) . 
+'&p=' . $pages . '">Previous</a> ';
+}
+//Create a Next link                                                  
+if ($current_page != $pages) {
+$echostring .= ' <a href="admin_view_users.php?s=' . ($start + $pagerows) . 
+'&p=' . $pages . '">Next</a> ';
+}
+$echostring .= '</p>';
+echo $echostring;
+}
+//}
+//mysqli_close($dbcon); // Close the database connection.
+} //end of try
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/process_delete_record.php b/Ch04/admintable/admintable/process_delete_record.php
new file mode 100644
index 0000000..1b31598
--- /dev/null
+++ b/Ch04/admintable/admintable/process_delete_record.php
@@ -0,0 +1,95 @@
+<?php
+try { 
+// Check for a valid user ID, through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+	$id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} else
+if ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.      #1
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+//	return to login page
+header("Location: login.php");
+exit();
+}
+require ('./mysqli_connect.php');
+// Check if the form has been submitted:                                               #2
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$sure = htmlspecialchars($_POST['sure'], ENT_QUOTES);
+if ($sure == 'Yes') { // Delete the record.
+	// Make the query:
+	
+	// Use prepare statement to remove security problems
+	$q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, 'DELETE FROM users WHERE userid=? LIMIT 1');
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	if (mysqli_stmt_affected_rows($q) == 1) { // It ran OK
+// Print a message:
+		echo '<h3 class="text-center">The record has been deleted.</h3>';	
+		} else { // If the query did not run OK display public message
+			echo '<p class="text-center">The record could not be deleted.';
+			echo '<br>Either it does not exist or due to a system error.</p>';
+		//	echo '<p>' . mysqli_error($dbcon ) . '<br />Query: ' . $q . '</p>'; 
+		// Debugging message. When live comment out because this displays sql
+		}
+	} else { // User did not confirm deletion.
+		echo '<h3 class="text-center">The user has NOT been deleted as you requested</h3>';	
+	}
+} else { // Show the form.                                                               #3
+	
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT CONCAT(first_name, ' ', last_name) FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	 $result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM); // get user info
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+		
+		// Display the record being deleted:
+		$user = htmlspecialchars($row[0], ENT_QUOTES);
+?>
+	<h2 class="h2 text-center">
+	Are you sure you want to permanently delete <?php echo $user; ?>?</h2>
+	<form action="delete_user.php" method="post"	
+			name="deleteform" id="deleteform">
+	<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8" style="padding-left: 70px;">
+	<input type="hidden" name="id" value="<?php echo $id; ?>">
+	<input id="submit-yes" class="btn btn-primary" type="submit" name="sure" value="Yes"> - 
+	<input id="submit-no" class="btn btn-primary" type="submit" name="sure" value="No">
+    </div>
+	</div>
+	</form>';
+<?php
+	} else { // Not a valid user ID.
+		echo '<p class="text-center">This page has been accessed in error.</p>';
+		echo '<p>&nbsp;</p>';
+	}
+} // End of the main submission conditional.
+mysqli_stmt_close($q);
+mysqli_close($dbcon );
+}
+catch(Exception $e)
+{
+	print "The system is busy. Please try again.";
+	//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is currently busy. Please try again soon.";
+	//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/process_edit_record.php b/Ch04/admintable/admintable/process_edit_record.php
new file mode 100644
index 0000000..70234ef
--- /dev/null
+++ b/Ch04/admintable/admintable/process_edit_record.php
@@ -0,0 +1,156 @@
+<?php
+try
+{ 
+// After clicking the Edit link in the found_record.php page. This code is executed 
+// The code looks for a valid user ID, either through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+    $id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+	include ('footer.php'); 
+	exit();
+}
+
+require ('./mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array();
+	// Look for the first name:
+	$first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter your first name.';
+	}
+	// Look for the last name:
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);	
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter your last name.';
+	}
+	// Look for the email address:
+	$email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+	if (empty($errors)) { // If everything's OK.                                         #2	
+		$q = mysqli_stmt_init($dbcon);
+		$query = 'SELECT userid FROM users WHERE email=? AND userid !=?';
+        mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'si', $email, $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+	if (mysqli_num_rows($result) == 0) { // e-mail does not exist in another record
+		 $query = 'UPDATE users SET first_name=?, last_name=?, email=?';
+         $query .= ' WHERE userid=? LIMIT 1';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'sssi', $first_name, $last_name, $email, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+			
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited.</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited due to a system error.';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		} else { // Already registered.
+			echo '<p class="text-center">The email address has already been registered.</p>';
+		}
+		} else { // Display the errors.
+		echo '<p class="text-center">The following error(s) occurred:<br />';
+		foreach ($errors as $msg) { // Echo each error.
+			echo " - $msg<br />\n";
+		}
+		echo '</p><p>Please try again.</p>';
+		} // End of if (empty($errors))section.
+} // End of the conditionals
+// Select the user's information to display in textboxes:                                    #3
+
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT first_name, last_name, email FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, 'i', $id); 
+      
+       // execute query
+	   
+    mysqli_stmt_execute($q);  
+	   
+	$result = mysqli_stmt_get_result($q);
+
+	$row = mysqli_fetch_array($result, MYSQLI_NUM);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	
+	// Create the form:
+?>
+<h2 class="h2 text-center">Edit Record</h2>
+<form action="edit_user.php" method="post"	
+	name="editform" id="editform">
+  <div class="form-group row">
+  <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+  <div class="col-sm-8">
+  <input type="text" class="form-control" id="first_name" name="first_name" 
+  placeholder="First Name" maxlength="30" required
+	  value="<?php echo htmlspecialchars($row[0], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php echo htmlspecialchars($row[1], ENT_QUOTES); ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php echo htmlspecialchars($row[2], ENT_QUOTES); ?>">
+    </div>
+  </div>
+<input type="hidden" name="id" value="<?php echo $id ?>" />
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+<?php
+} else { // The user could not be validated
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+}
+mysqli_stmt_free_result($q);
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy. Please try later";
+	//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is currently busy. Please try again later";
+	//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/process_temp_view_found_record.php b/Ch04/admintable/admintable/process_temp_view_found_record.php
new file mode 100644
index 0000000..0d7bf25
--- /dev/null
+++ b/Ch04/admintable/admintable/process_temp_view_found_record.php
@@ -0,0 +1,70 @@
+<?php
+try
+{
+
+// This script retrieves records from the users table.                         
+require ('./mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users WHERE ";
+$query .= "last_name='Smith' AND first_name='James' ";
+$query .="ORDER BY registration_date ASC ";		
+// Perpared statement not needed because string is hard coded
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="error">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print "The system is currently busy. Please try later.";
+//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+print "The system us busy. Please try later.";
+//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/process_view_found_record.php b/Ch04/admintable/admintable/process_view_found_record.php
new file mode 100644
index 0000000..def6abf
--- /dev/null
+++ b/Ch04/admintable/admintable/process_view_found_record.php
@@ -0,0 +1,82 @@
+<?php
+try
+{
+// This script retrieves records from the users table.                         
+require ('./mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+$first_name = htmlspecialchars($_POST['first_name'], ENT_QUOTES);
+$last_name = htmlspecialchars($_POST['last_name'], ENT_QUOTES);
+// Since it's a prepared statement below this sanitizing is not needed
+// However, to consistantly retrieve than sanitize is a good habit
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users WHERE ";
+$query .= "last_name=? AND first_name=? ";
+$query .="ORDER BY registration_date ASC ";		
+// Prepared statement not needed because string is hard coded
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 'ss', $last_name, $first_name);
+
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="center-text">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print "The system is currently busy. Please try later.";
+//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+print "The system us busy. Please try later.";
+//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/register-header.php b/Ch04/admintable/admintable/register-header.php
new file mode 100644
index 0000000..1a24c07
--- /dev/null
+++ b/Ch04/admintable/admintable/register-header.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" 
+       aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'register-page'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
diff --git a/Ch04/admintable/admintable/register-page.php b/Ch04/admintable/admintable/register-page.php
new file mode 100644
index 0000000..3d419c7
--- /dev/null
+++ b/Ch04/admintable/admintable/register-page.php
@@ -0,0 +1,108 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('register-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<form action="register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/register-password.php b/Ch04/admintable/admintable/register-password.php
new file mode 100644
index 0000000..0e6f68c
--- /dev/null
+++ b/Ch04/admintable/admintable/register-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/register-thanks.php b/Ch04/admintable/admintable/register-thanks.php
new file mode 100644
index 0000000..fb520c1
--- /dev/null
+++ b/Ch04/admintable/admintable/register-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('thanks-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for registering</h2>
+On the Home Page, you will now be able to login and add new quotes to the message board.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/register-view-users.php b/Ch04/admintable/admintable/register-view-users.php
new file mode 100644
index 0000000..2859874
--- /dev/null
+++ b/Ch04/admintable/admintable/register-view-users.php
@@ -0,0 +1,93 @@
+ <?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/search.php b/Ch04/admintable/admintable/search.php
new file mode 100644
index 0000000..0cc9fac
--- /dev/null
+++ b/Ch04/admintable/admintable/search.php
@@ -0,0 +1,90 @@
+<?php											
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{
+header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Search for a record</h2>
+<h6 class="text-center">Both names are required items</h6>
+<form action="view_found_record.php" method="post" >
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value=
+			"<?php if (isset($_POST['first_name'])) 
+				echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+			"<?php if (isset($_POST['last_name'])) 
+				echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" 
+		name="submit" value="Search">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/temp_view_found_record.php b/Ch04/admintable/admintable/temp_view_found_record.php
new file mode 100644
index 0000000..951315e
--- /dev/null
+++ b/Ch04/admintable/admintable/temp_view_found_record.php
@@ -0,0 +1,55 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are found users</h2>
+<p>
+<?php 
+require ("process_temp_view_found_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch04/admintable/admintable/thanks-header.php b/Ch04/admintable/admintable/thanks-header.php
new file mode 100644
index 0000000..7a0b906
--- /dev/null
+++ b/Ch04/admintable/admintable/thanks-header.php
@@ -0,0 +1,11 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/verify.js b/Ch04/admintable/admintable/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch04/admintable/admintable/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch04/admintable/admintable/view_found_record.php b/Ch04/admintable/admintable/view_found_record.php
new file mode 100644
index 0000000..94edc12
--- /dev/null
+++ b/Ch04/admintable/admintable/view_found_record.php
@@ -0,0 +1,55 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+ exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are users found</h2>
+<p>
+<?php 
+require ("process_view_found_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/admin-page.php b/Ch05/postal/admin-page.php
new file mode 100644
index 0000000..e4ccc1d
--- /dev/null
+++ b/Ch05/postal/admin-page.php
@@ -0,0 +1,57 @@
+<?php                                                                                     
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Administration Page</h2>
+<h3>You have permission to:</h3>
+<p>&#9632;Edit and Delete a record</p>
+<p>&#9632;Use the View Members button to page through all the members</p>
+<p>&#9632;Use the Search button to locate a particular member</p>
+<p>&#9632;Use the New Password button to change your password. 
+</p>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/admin-view-users.php b/Ch05/postal/admin-view-users.php
new file mode 100644
index 0000000..8e4f50b
--- /dev/null
+++ b/Ch05/postal/admin-view-users.php
@@ -0,0 +1,121 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT last_name, first_name, email, DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, class, paid, userid FROM users ORDER BY registration_date DESC";
+$q .=" LIMIT $start, $pagerows";	
+
+
+
+// Prepared statement not needed since hardcoded	
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to #5
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                                                                                                                                      #7
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/admin_view_users.php b/Ch05/postal/admin_view_users.php
new file mode 100644
index 0000000..82ffa0c
--- /dev/null
+++ b/Ch05/postal/admin_view_users.php
@@ -0,0 +1,51 @@
+<?php                                                                       
+//session_start();
+//if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+ //header("Location: login.php");
+ // exit();
+//}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+require ("process_admin_view_users.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/change-password.php b/Ch05/postal/change-password.php
new file mode 100644
index 0000000..da7b024
--- /dev/null
+++ b/Ch05/postal/change-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Change Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/delete_user.php b/Ch05/postal/delete_user.php
new file mode 100644
index 0000000..2f43fae
--- /dev/null
+++ b/Ch05/postal/delete_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Delete Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_delete_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/edit_user.php b/Ch05/postal/edit_user.php
new file mode 100644
index 0000000..b2396a1
--- /dev/null
+++ b/Ch05/postal/edit_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+//session_start();
+//if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+//{ header("Location: login.php");
+ // exit();
+//}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Edit a Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_edit_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/footer.php b/Ch05/postal/footer.php
new file mode 100644
index 0000000..4ccb7e8
--- /dev/null
+++ b/Ch05/postal/footer.php
@@ -0,0 +1,5 @@
+<p class="h6 col-sm-12">Copyright &copy; Adrian West & Steve Prettyman 2018  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch05/postal/header-admin.php b/Ch05/postal/header-admin.php
new file mode 100644
index 0000000..d9f4072
--- /dev/null
+++ b/Ch05/postal/header-admin.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'admin_view_users.php'">View Members</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'search.php'">Search</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = '#'">Addresses</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
diff --git a/Ch05/postal/header-members.php b/Ch05/postal/header-members.php
new file mode 100644
index 0000000..3bf6406
--- /dev/null
+++ b/Ch05/postal/header-members.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch05/postal/header-thanks.php b/Ch05/postal/header-thanks.php
new file mode 100644
index 0000000..b0b0b07
--- /dev/null
+++ b/Ch05/postal/header-thanks.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Cancel</button>
+</div>
+    </nav>
+
diff --git a/Ch05/postal/header.php b/Ch05/postal/header.php
new file mode 100644
index 0000000..92bb26a
--- /dev/null
+++ b/Ch05/postal/header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Login</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'">Register</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch05/postal/images/Thumbs.db b/Ch05/postal/images/Thumbs.db
new file mode 100644
index 0000000..36a1b2f
Binary files /dev/null and b/Ch05/postal/images/Thumbs.db differ
diff --git a/Ch05/postal/images/polo.png b/Ch05/postal/images/polo.png
new file mode 100644
index 0000000..bca2bd2
Binary files /dev/null and b/Ch05/postal/images/polo.png differ
diff --git a/Ch05/postal/images/tile-pale.jpg b/Ch05/postal/images/tile-pale.jpg
new file mode 100644
index 0000000..ae45d50
Binary files /dev/null and b/Ch05/postal/images/tile-pale.jpg differ
diff --git a/Ch05/postal/images/vertical_solution_PP.png b/Ch05/postal/images/vertical_solution_PP.png
new file mode 100644
index 0000000..8693bd4
Binary files /dev/null and b/Ch05/postal/images/vertical_solution_PP.png differ
diff --git a/Ch05/postal/index.php b/Ch05/postal/index.php
new file mode 100644
index 0000000..e577826
--- /dev/null
+++ b/Ch05/postal/index.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/info-col-cards.php b/Ch05/postal/info-col-cards.php
new file mode 100644
index 0000000..05671fc
--- /dev/null
+++ b/Ch05/postal/info-col-cards.php
@@ -0,0 +1,4 @@
+
+<h3 class="text-center">Payment Methods</h3>
+	<img alt="Pay by PayPal or Credit card" title="Pay by PayPal or Credit card"src="images/vertical_solution_PP.png">
+
diff --git a/Ch05/postal/info-col.php b/Ch05/postal/info-col.php
new file mode 100644
index 0000000..1c1ae88
--- /dev/null
+++ b/Ch05/postal/info-col.php
@@ -0,0 +1,3 @@
+<h3>This is the information column</h3>
+<p>Information area</p>
+
diff --git a/Ch05/postal/login-header.php b/Ch05/postal/login-header.php
new file mode 100644
index 0000000..9602ddc
--- /dev/null
+++ b/Ch05/postal/login-header.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'">Register</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch05/postal/login.php b/Ch05/postal/login.php
new file mode 100644
index 0000000..bc3d8b3
--- /dev/null
+++ b/Ch05/postal/login.php
@@ -0,0 +1,83 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('login-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-login.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Login</h2>
+<form action="login.php" method="post" name="loginform" id="loginform">
+  <div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">Email Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="Email" maxlength="30" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" maxlength="40" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+	  <span>&nbsp;Between 8 and 12 characters.</span></p>
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Login">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/logo.jpg b/Ch05/postal/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch05/postal/logo.jpg differ
diff --git a/Ch05/postal/logout.php b/Ch05/postal/logout.php
new file mode 100644
index 0000000..d8abea1
--- /dev/null
+++ b/Ch05/postal/logout.php
@@ -0,0 +1,18 @@
+<?php
+session_start();//access the current session.                  
+// if no session variable exists then redirect the user
+if (!isset($_SESSION['user_id'])) {        
+header("location:index.php");
+exit();
+//cancel the session and redirect the user:
+}else{ //cancel the session
+    $_SESSION = array(); // Destroy the variables
+	$params = session_get_cookie_params();
+	// Destroy the cookie
+	setcookie(session_name(), '', time()-42000,
+	$params["path"], $params["domain"],
+	$params["secure"], $params["httponly"]);
+if (session_status() == PHP_SESSION_ACTIVE) { 
+session_destroy(); } // Destroy the session itself
+header("location:index.php");
+	}
diff --git a/Ch05/postal/members-header.php b/Ch05/postal/members-header.php
new file mode 100644
index 0000000..de443b4
--- /dev/null
+++ b/Ch05/postal/members-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'" >New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch05/postal/members-page.php b/Ch05/postal/members-page.php
new file mode 100644
index 0000000..e6252d1
--- /dev/null
+++ b/Ch05/postal/members-page.php
@@ -0,0 +1,61 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 0))
+{ header("Location: login.php");
+  exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-members.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Member's Page</h2>
+<p>The members page content. The members page content. The members page content. 
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+</p>
+<p class="h3 text-center">Special offers to members only.</p>
+    <p class="text-center"><strong>T-Shirts 10.00</strong></p>
+<img class="mx-auto d-block" src="images/polo.png" alt="Polo Shirt"> 
+<br>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
+
diff --git a/Ch05/postal/mysqli_connect.php b/Ch05/postal/mysqli_connect.php
new file mode 100644
index 0000000..70bf5fc
--- /dev/null
+++ b/Ch05/postal/mysqli_connect.php
@@ -0,0 +1,11 @@
+<?php
+// Create a connection to the logindb database. 
+// Set the encoding and the access details as constants:
+DEFINE ('DB_USER', 'jenner');
+DEFINE ('DB_PASSWORD', 'Vacc1nat10n');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'postaldb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8'); 
diff --git a/Ch05/postal/nav.php b/Ch05/postal/nav.php
new file mode 100644
index 0000000..db873ad
--- /dev/null
+++ b/Ch05/postal/nav.php
@@ -0,0 +1,15 @@
+    <li class="nav-item">
+          <a class="nav-link active" href="index.php">Home</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-2.php">Page 2</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-3.php">Page 3</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-4.php">Page 4</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-5.php">Page 5</a>
+        </li>
\ No newline at end of file
diff --git a/Ch05/postal/password-header.php b/Ch05/postal/password-header.php
new file mode 100644
index 0000000..e6fc6c8
--- /dev/null
+++ b/Ch05/postal/password-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch05/postal/postaldb.sql b/Ch05/postal/postaldb.sql
new file mode 100644
index 0000000..89a92b5
--- /dev/null
+++ b/Ch05/postal/postaldb.sql
@@ -0,0 +1,109 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 06:56 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `postaldb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `prices`
+--
+
+CREATE TABLE `prices` (
+  `oneyeargb` decimal(6,0) NOT NULL,
+  `oneyearus` decimal(6,0) NOT NULL,
+  `fiveyeargb` decimal(6,0) NOT NULL,
+  `fiveyearus` decimal(6,0) NOT NULL,
+  `militarygb` decimal(6,0) NOT NULL,
+  `militaryus` decimal(6,0) NOT NULL,
+  `u21gb` decimal(6,0) NOT NULL,
+  `u21us` decimal(6,0) NOT NULL,
+  `minpricegb` decimal(6,0) NOT NULL,
+  `minpriceus` decimal(6,0) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+
+--
+-- Dumping data for table `prices`
+--
+
+INSERT INTO `prices` (`oneyeargb`, `oneyearus`, `fiveyeargb`, `fiveyearus`, `militarygb`, `militaryus`, `u21gb`, `u21us`, `minpricegb`, `minpriceus`) VALUES
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `first_name` varchar(30) COLLATE utf8_bin NOT NULL,
+  `last_name` varchar(40) COLLATE utf8_bin NOT NULL,
+  `email` varchar(50) COLLATE utf8_bin NOT NULL,
+  `password` char(60) COLLATE utf8_bin NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `user_level` tinyint(1) NOT NULL,
+  `address1` varchar(50) COLLATE utf8_bin NOT NULL,
+  `address2` varchar(50) COLLATE utf8_bin DEFAULT NULL,
+  `city` varchar(50) COLLATE utf8_bin NOT NULL,
+  `state_country` char(25) COLLATE utf8_bin NOT NULL,
+  `zcode_pcode` char(10) COLLATE utf8_bin NOT NULL,
+  `phone` char(15) COLLATE utf8_bin DEFAULT NULL,
+  `paid` enum('No','Yes') COLLATE utf8_bin NOT NULL,
+  `class` char(20) COLLATE utf8_bin NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `user_level`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `paid`, `class`) VALUES
+(1, 'James', 'Smith', 'jsmith@myisp.com', '$2y$10$9A7tLasMBRhpgHGXvAR3o.7o9TTl8MCI90FjVqe2NxtreSqMwU5Ze', '2017-12-08 18:13:48', 1, '2 The Street', NULL, 'Townsville', 'CA', '33040', '3055551111', 'No', '125'),
+(2, 'Jack', 'Smith', 'jsmith@outcook.com', '$2y$10$7bRW0hJkQFQs6QKxLYm4Cud/Mq0/opjEGLdLPECCWoi9EScVLNg32', '2017-12-08 18:18:35', 0, '2 The Street', NULL, 'Townsville', 'CA', '33040', '3055551111', 'No', '30'),
+(3, 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$2ozl5Ds/F.IdEDGnfAovku5DxQubPbzxfeFKCpZDsi74wLEmeCeSy', '2017-12-08 18:19:43', 0, '2 The Street', NULL, 'Townsville', 'CA', '33040', '3055551111', 'No', '2'),
+(4, 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$IiCEJot1JJ3X2WUjAx9e4ecQL2eUbBsCbUqNwljgxrX7cLtKebpAe', '2017-12-08 18:21:08', 0, '2 The Street', 'The Village', 'Townsville', 'CA', '33040', '3055551111', 'No', '2'),
+(5, 'Frank', 'Incense', 'incense@myisp.net', '$2y$10$Tm6mFieRmBMAXPS4VqE.aubkadLmW2clnrDkTS3ZKbyXFvlNBkZzu', '2017-12-08 18:22:53', 0, '2 The Street', 'The Village', 'Townsville', 'CA', '33040', NULL, 'No', '15');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=6;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch05/postal/process-change-password.php b/Ch05/postal/process-change-password.php
new file mode 100644
index 0000000..f40f461
--- /dev/null
+++ b/Ch05/postal/process-change-password.php
@@ -0,0 +1,110 @@
+
+<?php
+// This script is a query that UPDATES the password in the users table.
+// Check that form has been submitted:       
+    require ('mysqli_connect.php'); // Connect to the db. 
+	$errors = array(); // Initialize an error array. 
+	// Set hidden variable to format any of the echos below
+	// Check for an email address:
+	$email = trim($_POST['email']);
+	if (empty($email)) {
+		$errors[] = 'You forgot to enter your email address.';
+	}
+	// Check for a password and match against the confirmed password:
+	$password = trim($_POST['password']);
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your old password.';
+		} 
+    // Prepeare and check new password
+    $new_password = trim($_POST['password1']);
+	$verify_password = trim($_POST['password2']);
+	if (!empty($new_password)) {
+        if (($new_password != $verify_password) ||
+			( $password == $new_password ))
+		{
+            $errors[] = 'Your new password did not match the confirmed password and/or ';
+			$errors[] = 'Your old password is the same as your new password.';
+		}
+	} else {
+			$errors[] = 'You did not enter a new password.';
+    }
+	if (empty($errors)) { // If everything's OK.              
+try {
+	 // Check that the user has entered the right email address/password combination:
+    $query = "SELECT userid, password FROM users WHERE ( email=? )";
+	$q = mysqli_stmt_init($dbcon);                                 
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 's', $email);
+     // execute query
+    mysqli_stmt_execute($q);
+
+	$result = mysqli_stmt_get_result($q);
+    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+    if ((mysqli_num_rows($result) == 1)
+          && (password_verify($password, $row['password'])))
+		{	// Found one record		
+	    // Change the password in the database...
+	    // Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($new_password, PASSWORD_DEFAULT);            
+		// Make the query:                                               
+       $query = "UPDATE users SET password=? WHERE email=?";
+	   $q = mysqli_stmt_init($dbcon);                                 
+       mysqli_stmt_prepare($q, $query);
+       // use prepared statement to insure that only text is inserted
+       // bind fields to SQL Statement
+       mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $email);
+       // execute query
+       mysqli_stmt_execute($q);
+       if (mysqli_stmt_affected_rows($q) == 1) {	// one row updated
+           // Echo a message
+          header ("location: password-thanks.php"); 
+		  exit();   
+		} else { // If it did not run OK.
+		// Public message:
+			$errorstring = "System Error! <br /> You could not change password due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";	
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+			// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		    exit();
+		 }
+    } else { // Invalid email address/password combination.
+		$errorstring = 'Error! <br /> ';
+        $errorstring .= 'The email address and/or password do not match those on file.';
+	    $errorstring .= " Please try again.";
+		echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";
+} }	
+   catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            
+		//header ("location: register-page.php"); 
+		$errorstring = "Error! The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
+
+
+
+
+
+
+
diff --git a/Ch05/postal/process-login.php b/Ch05/postal/process-login.php
new file mode 100644
index 0000000..139ac70
--- /dev/null
+++ b/Ch05/postal/process-login.php
@@ -0,0 +1,86 @@
+<?php 
+// This section processes submissions from the login form
+// Check if the form has been submitted:
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    //connect to database
+try {
+    require ('mysqli_connect.php');
+    // Validate the email address
+// Check for an email address:
+	    $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+    // Validate the password
+	    $password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);	
+	if (empty($password)) {
+		$errors[] = 'You forgot to enter your password.';
+	}
+   if (empty($errors)) { // If everything's OK.         #1
+// Retrieve the user_id, psword, first_name and user_level for that
+// email/password combination
+ $query = "SELECT userid, password, first_name, user_level FROM users ";
+ $query .= "WHERE paid='Yes' AND email=?";
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) == 1) {
+//if one database row (record) matches the input:-
+// Start the session, fetch the record and insert the 
+// values in an array 
+if (password_verify($password, $row[1])) {          //#2
+session_start();								
+// Ensure that the user level is an integer. 
+$_SESSION['user_level'] = (int) $row[3];
+// Use a ternary operation to set the URL             #3
+$url = ($_SESSION['user_level'] === 1) ? 'admin-page.php' :
+ 'members-page.php'; 
+header('Location: ' . $url); 
+// Make the browser load either the members or the admin page
+} else { // No password match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps your fee has not yet been processed from ';
+$errors[] = ' PayPal or the credit card.';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} else { // No e-mail match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} 
+if (!empty($errors)) {                     
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (!empty($errors)) IF.
+mysqli_stmt_free_result($q);
+mysqli_stmt_close($q);
+}
+ catch(Exception $e) // We finally handle any problems here   
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+} // no else to allow user to enter values
+?>
\ No newline at end of file
diff --git a/Ch05/postal/process-register-page.php b/Ch05/postal/process-register-page.php
new file mode 100644
index 0000000..93916e2
--- /dev/null
+++ b/Ch05/postal/process-register-page.php
@@ -0,0 +1,144 @@
+<?php
+// This script is a query that INSERTs a record in the users table.
+// Check that form has been submitted:
+try {
+	$errors = array(); // Initialize an error array. 
+	// Check for a first name:                        
+        $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter your first name.';
+	}
+	// Check for a last name:
+	    $last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);	
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter your last name.';
+	}
+	// Check for an email address:
+	    $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+	// Check for a password and match against the confirmed password:
+			$password1 = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+			$password2 = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);
+	if (!empty($password1)) {
+		if ($password1 !== $password2) { 
+			$errors[] = 'Your two password did not match.';
+		} 
+	} else {
+		$errors[] = 'You forgot to enter your password(s).';
+	}
+	// Check for an membership class
+	if(isset($_POST['level'])) {
+	$class = filter_var( $_POST['level'], FILTER_SANITIZE_STRING); }
+	if (empty($class)) {
+		$errors[] = 'Please choose your membership class.';
+	} 
+	// Check for address:
+	$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);	
+	if (empty($address1)) {
+		$errors[] = 'You forgot to enter your address.';
+	} 
+	// Check for address2:
+	$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+	if (empty($address2)) {
+		$address2 = NULL;
+	}
+	// Check for city:
+	$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);	
+	if (empty($city)) {
+		$errors[] = 'You forgot to enter your City.';
+	} 
+// Check for the county:
+	$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);	
+	if (empty($state_country)) {
+		$errors[] = 'You forgot to enter your country.';
+	}
+	// Check for the post code:
+	$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+	if (empty($zcode_pcode)) {
+		$errors[] = 'You forgot to enter your post code.';
+	} 
+	// Check for the phone number:
+	$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	
+		if (empty($phone)) {
+			$phone = NULL;
+	}
+    $class = filter_var( $_POST['level'], FILTER_SANITIZE_STRING);	
+		if (empty($class)) { // Can be reset on next page so set to NULL
+			$class = NULL;
+	}	
+	if (empty($errors)) { // If everything's OK.  
+
+//Determine whether the email address has already been registered    #3
+require ('mysqli_connect.php'); // Connect to the db.     
+$query = "SELECT userid FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q, 's', $email);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	// Register the user in the database...
+	// Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($password1, PASSWORD_DEFAULT); 
+		// Make the query:                                               
+		$query = "INSERT INTO users (userid, first_name, last_name, email, password, ";
+		$query .= "class, address1, address2, city, state_country, zcode_pcode, phone, ";
+		$query .= "registration_date ) ";
+		$query .="VALUES(' ', ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW() )";		                
+        $q = mysqli_stmt_init($dbcon);                                  
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'sssssssssss', 
+			$first_name, $last_name, $email, $hashed_passcode,
+			$class, $address1, $address2, $city, $state_country, $zcode_pcode, $phone);
+     // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {	// One record inserted			
+		header ("location: register-thanks.php?class=" . $class); 
+		exit();
+		} else { // If it did not run OK.
+		// Public message:
+		    $errorstring = "<p class='text-center col-sm-8' style='color:red'>";
+			$errorstring .= "System Error<br />You could not be registered due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+		    mysqli_close($dbcon); // Close the database connection.
+		// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		exit();
+		}
+	}else{//The email address is already registered                                                                                              #4
+		$errorstring = 'The email address is already registered.';
+			echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+	}	
+	} else { // Report the errors.                             
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+		}									
+   catch(Exception $e) // We finally handle any problems here   
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
\ No newline at end of file
diff --git a/Ch05/postal/process_admin_view_users.php b/Ch05/postal/process_admin_view_users.php
new file mode 100644
index 0000000..5e61925
--- /dev/null
+++ b/Ch05/postal/process_admin_view_users.php
@@ -0,0 +1,129 @@
+<?php
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+//set the number of rows per display page
+$pagerows = 4; //                                                                       
+// Has the total number of pagess already been calculated?
+if ((isset($_GET['p']) && is_numeric($_GET['p']))) { //already been calculated
+$pages = htmlspecialchars($_GET['p'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{//use the next block of code to calculate the number of pages                     
+//First, check for the total number of records
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$records = htmlspecialchars($row[0], ENT_QUOTES);
+// make sure it is not executable XSS
+//Now calculate the number of pages
+if ($records > $pagerows){ //if the number of records will fill more than one page
+//Calculate the number of pages and round the result up to the nearest integer
+$pages = ceil ($records/$pagerows); //                                                   
+}else{
+$pages = 1;
+}
+}//page check finished
+//Declare which record to start with                                                     
+if ((isset($_GET['s'])) &&( is_numeric($_GET['s'])))
+{
+$start = htmlspecialchars($_GET['s'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{
+$start = 0;
+}
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users ORDER BY registration_date ASC";
+$query .=" LIMIT ?, ?";
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind $id to SQL Statement
+mysqli_stmt_bind_param($q, "ii", $start, $pagerows); 
+
+// execute query
+
+mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran OK (records were returned), display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="text-center">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of else ($result) 
+// Now display the total number of records/members.           
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$members = htmlspecialchars($row[0], ENT_QUOTES);
+mysqli_close($dbcon); // Close the database connection.     
+$echostring = "<p class='text-center'>Total membership: $members </p>";
+$echostring .= "<p class='text-center'>";
+if ($pages > 1) {//                                             
+//What number is the current page?
+$current_page = ($start/$pagerows) + 1;
+//If the page is not the first page then create a Previous link
+if ($current_page != 1) {
+$echostring .= '<a href="admin_view_users.php?s=' . ($start - $pagerows) . 
+'&p=' . $pages . '">Previous</a> ';
+}
+//Create a Next link                                                  
+if ($current_page != $pages) {
+$echostring .= ' <a href="admin_view_users.php?s=' . ($start + $pagerows) . 
+'&p=' . $pages . '">Next</a> ';
+}
+$echostring .= '</p>';
+echo $echostring;
+}
+//}
+//mysqli_close($dbcon); // Close the database connection.
+} //end of try
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
\ No newline at end of file
diff --git a/Ch05/postal/process_delete_record.php b/Ch05/postal/process_delete_record.php
new file mode 100644
index 0000000..1b31598
--- /dev/null
+++ b/Ch05/postal/process_delete_record.php
@@ -0,0 +1,95 @@
+<?php
+try { 
+// Check for a valid user ID, through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+	$id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} else
+if ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.      #1
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+//	return to login page
+header("Location: login.php");
+exit();
+}
+require ('./mysqli_connect.php');
+// Check if the form has been submitted:                                               #2
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$sure = htmlspecialchars($_POST['sure'], ENT_QUOTES);
+if ($sure == 'Yes') { // Delete the record.
+	// Make the query:
+	
+	// Use prepare statement to remove security problems
+	$q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, 'DELETE FROM users WHERE userid=? LIMIT 1');
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	if (mysqli_stmt_affected_rows($q) == 1) { // It ran OK
+// Print a message:
+		echo '<h3 class="text-center">The record has been deleted.</h3>';	
+		} else { // If the query did not run OK display public message
+			echo '<p class="text-center">The record could not be deleted.';
+			echo '<br>Either it does not exist or due to a system error.</p>';
+		//	echo '<p>' . mysqli_error($dbcon ) . '<br />Query: ' . $q . '</p>'; 
+		// Debugging message. When live comment out because this displays sql
+		}
+	} else { // User did not confirm deletion.
+		echo '<h3 class="text-center">The user has NOT been deleted as you requested</h3>';	
+	}
+} else { // Show the form.                                                               #3
+	
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT CONCAT(first_name, ' ', last_name) FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	 $result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM); // get user info
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+		
+		// Display the record being deleted:
+		$user = htmlspecialchars($row[0], ENT_QUOTES);
+?>
+	<h2 class="h2 text-center">
+	Are you sure you want to permanently delete <?php echo $user; ?>?</h2>
+	<form action="delete_user.php" method="post"	
+			name="deleteform" id="deleteform">
+	<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8" style="padding-left: 70px;">
+	<input type="hidden" name="id" value="<?php echo $id; ?>">
+	<input id="submit-yes" class="btn btn-primary" type="submit" name="sure" value="Yes"> - 
+	<input id="submit-no" class="btn btn-primary" type="submit" name="sure" value="No">
+    </div>
+	</div>
+	</form>';
+<?php
+	} else { // Not a valid user ID.
+		echo '<p class="text-center">This page has been accessed in error.</p>';
+		echo '<p>&nbsp;</p>';
+	}
+} // End of the main submission conditional.
+mysqli_stmt_close($q);
+mysqli_close($dbcon );
+}
+catch(Exception $e)
+{
+	print "The system is busy. Please try again.";
+	//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is currently busy. Please try again soon.";
+	//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch05/postal/process_edit_record.php b/Ch05/postal/process_edit_record.php
new file mode 100644
index 0000000..8d5899f
--- /dev/null
+++ b/Ch05/postal/process_edit_record.php
@@ -0,0 +1,187 @@
+<?php
+try
+{ 
+// After clicking the Edit link in the found_record.php page. This code is executed 
+// The code looks for a valid user ID, either through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+    $id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+	include ('footer.php'); 
+	exit();
+}
+
+require ('./mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array();
+	// Look for the first name:
+	$first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter your first name.';
+	}
+	// Look for the last name:
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);	
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter your last name.';
+	}
+	// Look for the email address:
+	$email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+	// Look for class:
+	$class = filter_var( $_POST['class'], FILTER_SANITIZE_NUMBER_INT);	
+	if (empty($class)) {
+		$errors[] = 'You forgot to the class or it is not numeric.';
+	}
+	// Look for the Paid Status:
+	$paid = filter_var( $_POST['paid'], FILTER_SANITIZE_STRING);	
+	if (empty($paid)) {
+		$errors[] = 'You forgot to enter the paid status.';
+	}
+	if (!($paid == "No") || ($paid == "Yes")) {
+		$errors[] = "Paid must be No or Yes.";
+	}	
+	if (empty($errors)) { // If everything's OK.                                     
+		$q = mysqli_stmt_init($dbcon);
+		$query = 'SELECT userid FROM users WHERE email=? AND userid !=?';
+        mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'si', $email, $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+	if (mysqli_num_rows($result) == 0) { // e-mail does not exist in another record
+		 $query = 'UPDATE users SET first_name=?, last_name=?, email=?,';
+		 $query .= ' class=?, paid=?';
+         $query .= ' WHERE userid=? LIMIT 1';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'sssssi', $first_name, $last_name, $email, $class, $paid, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+			
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited.</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited due to a system error.';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		} else { // Already registered.
+			echo '<p class="text-center">The email address has already been registered.</p>';
+		}
+		} else { // Display the errors.
+		echo '<p class="text-center">The following error(s) occurred:<br />';
+		foreach ($errors as $msg) { // Echo each error.
+			echo " - $msg<br />\n";
+		}
+		echo '</p><p>Please try again.</p>';
+		} // End of if (empty($errors))section.
+} // End of the conditionals
+// Select the user's information to display in textboxes:                                    #3
+
+	$q = mysqli_stmt_init($dbcon);
+	$query = 
+	"SELECT first_name, last_name, email, class, paid FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, 'i', $id); 
+      
+       // execute query
+	   
+    mysqli_stmt_execute($q);  
+	   
+	$result = mysqli_stmt_get_result($q);
+
+	$row = mysqli_fetch_array($result, MYSQLI_NUM);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	
+	// Create the form:
+?>
+<h2 class="h2 text-center">Edit a Record</h2>
+<form action="edit_user.php" method="post"	
+	name="editform" id="editform">
+  <div class="form-group row">
+  <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+  <div class="col-sm-8">
+  <input type="text" class="form-control" id="first_name" name="first_name" 
+  placeholder="First Name" maxlength="30" required
+	  value="<?php echo htmlspecialchars($row[0], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php echo htmlspecialchars($row[1], ENT_QUOTES); ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php echo htmlspecialchars($row[2], ENT_QUOTES); ?>">
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="class" class="col-sm-4 col-form-label">Membership Class:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="class" name="class" 
+	  placeholder="Membership Class" maxlength="60" required
+	  value="<?php echo htmlspecialchars($row[3], ENT_QUOTES); ?>">
+    </div>
+  </div> 
+ <div class="form-group row">
+    <label for="paid" class="col-sm-4 col-form-label">Paid:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="paid" name="paid" 
+	  placeholder="Paid" maxlength="60" required
+	  value="<?php echo htmlspecialchars($row[4], ENT_QUOTES); ?>">
+    </div>
+  </div> 
+<input type="hidden" name="id" value="<?php echo $id ?>" />
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+<?php
+} else { // The user could not be validated
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+}
+mysqli_stmt_free_result($q);
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy. Please try later";
+	//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is currently busy. Please try again later";
+	//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch05/postal/process_temp_view_found_record.php b/Ch05/postal/process_temp_view_found_record.php
new file mode 100644
index 0000000..0d7bf25
--- /dev/null
+++ b/Ch05/postal/process_temp_view_found_record.php
@@ -0,0 +1,70 @@
+<?php
+try
+{
+
+// This script retrieves records from the users table.                         
+require ('./mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users WHERE ";
+$query .= "last_name='Smith' AND first_name='James' ";
+$query .="ORDER BY registration_date ASC ";		
+// Perpared statement not needed because string is hard coded
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="error">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print "The system is currently busy. Please try later.";
+//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+print "The system us busy. Please try later.";
+//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch05/postal/process_view_found_record.php b/Ch05/postal/process_view_found_record.php
new file mode 100644
index 0000000..8bd6b5c
--- /dev/null
+++ b/Ch05/postal/process_view_found_record.php
@@ -0,0 +1,89 @@
+<?php
+try
+{
+// This script retrieves records from the users table.                         
+require ('./mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+$first_name = htmlspecialchars($_POST['first_name'], ENT_QUOTES);
+$last_name = htmlspecialchars($_POST['last_name'], ENT_QUOTES);
+// Since it's a prepared statement below this sanitizing is not needed
+// However, to consistantly retrieve than sanitize is a good habit
+
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, class, paid, userid FROM users WHERE ";
+$query .= "last_name=? AND first_name=? ";
+$query .="ORDER BY registration_date ASC ";		
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 'ss', $last_name, $first_name);
+
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+<th scope="col">Class</th>
+<th scope="col">Paid</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	$class = htmlspecialchars($row['class'], ENT_QUOTES);
+	$paid = htmlspecialchars($row['paid'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	<td>' . $class . '</td>
+	<td>' . $paid . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="center-text">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print "The system is currently busy. Please try later.";
+//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+print "The system us busy. Please try later.";
+//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch05/postal/register-header.php b/Ch05/postal/register-header.php
new file mode 100644
index 0000000..1a24c07
--- /dev/null
+++ b/Ch05/postal/register-header.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" 
+       aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'register-page'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
diff --git a/Ch05/postal/register-page-new.php b/Ch05/postal/register-page-new.php
new file mode 100644
index 0000000..232ab4d
--- /dev/null
+++ b/Ch05/postal/register-page-new.php
@@ -0,0 +1,247 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('register-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<?php
+try {
+require ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<form action="register-page-new.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">*First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">*Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	   value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">*E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">*Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">*Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+?>
+	<option value="
+		<?php echo htmlspecialchars($row[$i], ENT_QUOTES); ?>"
+	<?php	
+	if ((isset($_POST['level'])) && ( $_POST['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php		} ?>
+
+	> <?php echo $yearsarray[$j]; ?> 
+	   <?php htmlspecialchars($row[$i], ENT_QUOTES); ?> 
+		 &pound; GB,
+		<?php htmlspecialchars($row[$i + 1], ENT_QUOTES); ?> 
+		 &dollar; US</option>
+<?php
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label">*Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['address1'])) 
+		echo htmlspecialchars($_POST['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['address2'])) 
+		echo htmlspecialchars($_POST['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label">*City:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label">*State/Country:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label">*Zip Code/Post Code:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  placeholder="Zip Code or Postal Code" maxlength="15" required
+	   value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label">Phone Number:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php');
+  echo "</footer>";
+  }
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+ ?>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/register-page.php b/Ch05/postal/register-page.php
new file mode 100644
index 0000000..c3e8066
--- /dev/null
+++ b/Ch05/postal/register-page.php
@@ -0,0 +1,245 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('register-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<?php
+try {
+require_once ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<form action="register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">*First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">*Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	   value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">*E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">*Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">*Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($_POST['level'])) && ( $_POST['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+echo "here";
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label">*Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['address1'])) 
+		echo htmlspecialchars($_POST['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['address2'])) 
+		echo htmlspecialchars($_POST['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label">*City:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label">*State/Country:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label">*Zip Code/Post Code:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  placeholder="Zip Code or Postal Code" maxlength="15" required
+	   value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label">Phone Number:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col-cards.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php');
+  echo "</footer>";
+  echo "</div>";
+  }
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+ ?>
+</body>
+</html>
diff --git a/Ch05/postal/register-password.php b/Ch05/postal/register-password.php
new file mode 100644
index 0000000..0e6f68c
--- /dev/null
+++ b/Ch05/postal/register-password.php
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password'])) echo $_POST['password']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/register-thanks.php b/Ch05/postal/register-thanks.php
new file mode 100644
index 0000000..fa2c9f7
--- /dev/null
+++ b/Ch05/postal/register-thanks.php
@@ -0,0 +1,129 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('thanks-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h3 class="h2 text-center" >Thank you for registering</h2>
+<h6 class="text-center">To confirm your registration please verify membership class and pay the membership fee now.</h6>
+<h6 class="text-center">You can use PayPal or a credit/debit card.</h6>
+<p class="text-center" >When you have completed your registration you will be able to login 
+to the member's only pages.</p>
+<?php
+try {
+require ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<p></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="XXXXXXXXXXXXX">
+<div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+$class = htmlspecialchars($_GET['class'], ENT_QUOTES);
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($class)) && ( $class == $row[$i])) 
+		{ 
+	
+			echo ' selected ';
+	 } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<!-- Replace the code below with code provided by PayPal once you obtain a Merchant ID -->
+<input type="hidden" name="currency_code" value="GBP">
+<input style="margin:10px 0 0 40px" type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_buynowCC_LG.gif" name="submit" alt="PayPal  The safer, easier way to pay online.">
+<img alt="" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
+<!-- Replace code above with PayPal provided code -->
+</div>
+</div>
+</form>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col-cards.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+<?php 
+} // end try
+catch(Exception $e) // We finally handle any problems here   
+ {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+ }
+catch(Error $e)
+{
+     //print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try again later.";
+}
+?>
+</body>
+</html>
diff --git a/Ch05/postal/register-view-users.php b/Ch05/postal/register-view-users.php
new file mode 100644
index 0000000..2859874
--- /dev/null
+++ b/Ch05/postal/register-view-users.php
@@ -0,0 +1,93 @@
+ <?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/search.php b/Ch05/postal/search.php
new file mode 100644
index 0000000..a9e93da
--- /dev/null
+++ b/Ch05/postal/search.php
@@ -0,0 +1,90 @@
+<?php											
+//session_start();
+//if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+//{
+//header("Location: login.php");
+//exit();
+//}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Search for a record</h2>
+<h6 class="text-center">Both names are required items</h6>
+<form action="view_found_record.php" method="post" >
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value=
+			"<?php if (isset($_POST['first_name'])) 
+				echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+			"<?php if (isset($_POST['last_name'])) 
+				echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" 
+		name="submit" value="Search">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/temp_view_found_record.php b/Ch05/postal/temp_view_found_record.php
new file mode 100644
index 0000000..951315e
--- /dev/null
+++ b/Ch05/postal/temp_view_found_record.php
@@ -0,0 +1,55 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are found users</h2>
+<p>
+<?php 
+require ("process_temp_view_found_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch05/postal/thanks-header.php b/Ch05/postal/thanks-header.php
new file mode 100644
index 0000000..7a0b906
--- /dev/null
+++ b/Ch05/postal/thanks-header.php
@@ -0,0 +1,11 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch05/postal/verify.js b/Ch05/postal/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch05/postal/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch05/postal/view_found_record.php b/Ch05/postal/view_found_record.php
new file mode 100644
index 0000000..1c3c431
--- /dev/null
+++ b/Ch05/postal/view_found_record.php
@@ -0,0 +1,51 @@
+<?php                                                                       
+//session_start();
+//if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+//{ header("Location: login.php");
+// exit();
+//}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10"> 
+  <h2 class="text-center">These are users found</h2>
+<p>
+<?php 
+require ("process_view_found_record.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/admin-page.php b/Ch06/finalpostal/admin-page.php
new file mode 100644
index 0000000..80aad6c
--- /dev/null
+++ b/Ch06/finalpostal/admin-page.php
@@ -0,0 +1,57 @@
+<?php                                                                                     
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Administration Page</h2>
+<h3>You have permission to:</h3>
+<p>&#9632;Edit and Delete a record</p>
+<p>&#9632;Use the View Members button to page through all the members</p>
+<p>&#9632;Use the Search button to locate a particular member</p>
+<p>&#9632;Use the New Password button to change your password. 
+</p>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/admin-view-users.php b/Ch06/finalpostal/admin-view-users.php
new file mode 100644
index 0000000..4e28c86
--- /dev/null
+++ b/Ch06/finalpostal/admin-view-users.php
@@ -0,0 +1,121 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT last_name, first_name, email, DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, class, paid, userid FROM users ORDER BY registration_date DESC";
+$q .=" LIMIT $start, $pagerows";	
+
+
+
+// Prepared statement not needed since hardcoded	
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to #5
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                                                                                                                                      #7
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/admin_view_users.php b/Ch06/finalpostal/admin_view_users.php
new file mode 100644
index 0000000..0874f76
--- /dev/null
+++ b/Ch06/finalpostal/admin_view_users.php
@@ -0,0 +1,52 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{
+ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+require ("process_admin_view_users.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/cap.php b/Ch06/finalpostal/cap.php
new file mode 100644
index 0000000..201053b
--- /dev/null
+++ b/Ch06/finalpostal/cap.php
@@ -0,0 +1,17 @@
+<?php
+        if(isset($_POST['g-recaptcha-response'])){
+			$captcha=$_POST['g-recaptcha-response'];
+			$secretKey = "Put your secret key here";
+			$ip_address = $_SERVER['REMOTE_ADDR'];
+			$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip_address);
+			$keys = json_decode($response,true);
+			if(intval($keys["success"]) !== 1) {
+				echo "<h4 class='text-center'>Are you human? Click recaptcha</h4>";
+				header( "refresh:1;" );
+			}
+		}
+		else { echo "<h4 class='text-center'>Are you human? Click recaptcha!</h4>";
+		header( "refresh:1;" );
+		}
+		
+?>	
\ No newline at end of file
diff --git a/Ch06/finalpostal/change-password.php b/Ch06/finalpostal/change-password.php
new file mode 100644
index 0000000..eb049c8
--- /dev/null
+++ b/Ch06/finalpostal/change-password.php
@@ -0,0 +1,115 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Change Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="passform" id="passform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label text-right">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password'])) 
+		echo htmlspecialchars($_POST['password'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">New Passsword:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/delete_user.php b/Ch06/finalpostal/delete_user.php
new file mode 100644
index 0000000..9607aef
--- /dev/null
+++ b/Ch06/finalpostal/delete_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Delete Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_delete_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/edit_address.php b/Ch06/finalpostal/edit_address.php
new file mode 100644
index 0000000..d4cb1e1
--- /dev/null
+++ b/Ch06/finalpostal/edit_address.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+ exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Edit an Address</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_edit_address.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/edit_user.php b/Ch06/finalpostal/edit_user.php
new file mode 100644
index 0000000..7610f60
--- /dev/null
+++ b/Ch06/finalpostal/edit_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Edit a Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_edit_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/finalpostal.sql b/Ch06/finalpostal/finalpostal.sql
new file mode 100644
index 0000000..8a97a89
--- /dev/null
+++ b/Ch06/finalpostal/finalpostal.sql
@@ -0,0 +1,124 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 07:01 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `finalpostal`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `prices`
+--
+
+CREATE TABLE `prices` (
+  `oneyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `oneyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `militarygb` decimal(6,0) UNSIGNED NOT NULL,
+  `militaryus` decimal(6,0) UNSIGNED NOT NULL,
+  `u21gb` decimal(6,0) UNSIGNED NOT NULL,
+  `u21us` decimal(6,0) UNSIGNED NOT NULL,
+  `minpricegb` decimal(6,0) UNSIGNED NOT NULL,
+  `minpriceus` decimal(6,0) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `prices`
+--
+
+INSERT INTO `prices` (`oneyeargb`, `oneyearus`, `fiveyeargb`, `fiveyearus`, `militarygb`, `militaryus`, `u21gb`, `u21us`, `minpricegb`, `minpriceus`) VALUES
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `class` char(20) NOT NULL,
+  `user_level` tinyint(2) UNSIGNED NOT NULL,
+  `address1` varchar(50) NOT NULL,
+  `address2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `secret` varchar(30) NOT NULL,
+  `paid` enum('No','Yes') NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `title`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `class`, `user_level`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `secret`, `paid`) VALUES
+(1, 'Mr', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UiiBhmXca.0/bwopveFq8uInuX.EVrecinUQYQG546WjAWwZLJNoe', '2017-12-06 08:43:41', '30', 0, '4 The Street', 'The Village', 'Townsville', 'USA', 'WA', '0123777888', '', 'Yes'),
+(2, 'Mr', 'Jack', 'Smith', 'jsmith@outcook.com', '$2y$10$NjlsajfCITeb.oDXqu9Neuguh3PBKL5EaqZ5ClfW76nVSnW.W.XNO', '2017-12-06 08:47:24', '30', 1, '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 'Yes'),
+(4, 'Ms', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$5KM8jy5MwHIgfVchsdfE8OvuF1cT2VYqU6mte2CWBw1HjmEv3r.ES', '2017-12-06 12:20:33', '2', 0, '6 The Street', '', 'Townsville', 'UK', 'EX9 9PG', '01234777888', '', 'Yes'),
+(5, 'Mr', 'Patrick', 'O\'Hara', 'pohara@myisp.org.uk', '$2y$10$0nmGDVmHdWusgFJRmVZADeL43Y7HCPViBrHj/Z2betxiMdMx5Y2sC', '2017-12-06 12:27:32', '30', 0, '5 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 'Yes'),
+(6, 'Mr', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$KCQhEftEJouWPfuOOVoRVOECY/oJTluxHRr85fWlz6nsfN4OHtCie', '2017-12-06 17:02:16', '30', 0, '6 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PS', '', '', 'Yes'),
+(7, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$IrQE3TTkWzNm93FP/VYf.O/yMWDJDpIn/.qjrmvN.I97fvakynuza', '2017-12-06 17:11:44', '30', 0, '7 The Street', 'The Village', 'Townsville', 'UK', 'EXP 6PG', '01234777888', '', 'Yes'),
+(8, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$R2auBMKMe/Qw2fFr8D.S8eUEENUz8r.YUth5NHAyskNYupUzBen5O', '2017-12-06 17:18:30', '30', 0, '7 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 'Yes'),
+(9, 'Mrs', 'Annie', 'Mossity', 'amossity@myisp.org.uk', '$2y$10$amqmyEfaOfiZ0MkIzdO90uZMPw4Mi/4RR70nNd0nxaZSOlxlr.8DC', '2017-12-06 17:24:42', '30', 0, '4 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '', 'Yes'),
+(10, 'Mr', 'Percy', 'Veer', 'pveer@myisp.com', '$2y$10$Wvdx/YO4cCcOQvyMVVtapO3F/eiz2Ow3yU9VcczGMC.dcgwbgIXMS', '2017-12-06 17:28:53', '30', 0, '7 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '', 'Yes'),
+(11, 'Mr', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$cTmJVcuUmTpCOIdQJ8MG3uwLmG7M7V3iE8zPXiNW2PQEdDQZMBftO', '2017-12-06 17:39:30', '30', 0, '5 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '', '', 'Yes'),
+(12, 'Mr', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$YUYnU8UvOF/WUJ5h4VK4Qe.I48ZcAbedjPiDekKHlODduqGdJoI9i', '2017-12-06 18:02:04', '30', 0, '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '', 'Yes'),
+(13, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$k9sMvE001164jjzJLs.OpOmb9LtluUEbR4GQ4RT5/rvSPNIqbL6gC', '2017-12-07 17:39:34', '30', 0, '6 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 'Yes'),
+(14, 'Mr', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$TOr.IZq/joHIKSk0Oo.jE.yWau48sUSgtC5TzKJ0sl0AoO2Bsk3lW', '2017-12-08 12:16:58', '30', 0, '5 The Street', '', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '', 'Yes'),
+(16, 'Miss', 'Lynn', 'Seed', 'lseed@myisp.com', '$2y$10$nEs3Zhh4V5ZznpcPzGs9gOWupjY2NgV87DPpLu2DjqsdyBNRjf4/C', '2017-12-16 20:03:16', '30', 0, '6 The Street', '', 'Townsville', 'UK', 'EX24 6PG', '01234777888', '', 'Yes'),
+(17, 'Mr', 'Barry', 'Tone', 'btone@myisp.net', '$2y$10$w4zMq7ij7NmVDeBBKDSmbu963EwchZwAHPZmgZmTQAQ8Gha2jTD5W', '2017-12-16 20:16:40', '30', 0, '2 The Street', '', 'Townsville', 'USA', 'CA12345', '', '', 'Yes'),
+(30, 'Mr', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$lePdxFz7ZKn/bJ41BS0h/ehWyIL2ZgK123iPQJahNCaRjgxVY3Rfq', '2017-12-29 11:28:43', '30', 0, '2 The Street', 'The Village', 'Townsville', 'Germany', 'BL1234', '', '', 'Yes'),
+(31, 'Miss', 'Dee', 'Jected', 'djected@myisp.org.uk', '$2y$10$ujpV7w4blsTdQFWOsE1fiOFYtj9zN4w0WcK5V4WJ60Pc5HWodWlGC', '2017-12-29 11:48:04', '30', 0, '3 The Street', 'The Village', 'Townsville', 'UK', 'EX3 1TH', '', '', 'Yes'),
+(32, 'Mr', 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$Yu.c/cw/TSFa9vcMBGAfAe5vzyOwp3SZarBVc/9vEksfp.F8BzSiW', '2017-12-29 11:58:51', '30', 0, '2 The Street', '', 'Townsville', 'UK', 'EX24 6PS', '01234777888', '', 'Yes');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=38;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch06/finalpostal/images/Thumbs.db b/Ch06/finalpostal/images/Thumbs.db
new file mode 100644
index 0000000..04bb756
Binary files /dev/null and b/Ch06/finalpostal/images/Thumbs.db differ
diff --git a/Ch06/finalpostal/images/logo.jpg b/Ch06/finalpostal/images/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch06/finalpostal/images/logo.jpg differ
diff --git a/Ch06/finalpostal/images/polo.png b/Ch06/finalpostal/images/polo.png
new file mode 100644
index 0000000..bca2bd2
Binary files /dev/null and b/Ch06/finalpostal/images/polo.png differ
diff --git a/Ch06/finalpostal/images/tile-pale.jpg b/Ch06/finalpostal/images/tile-pale.jpg
new file mode 100644
index 0000000..ae45d50
Binary files /dev/null and b/Ch06/finalpostal/images/tile-pale.jpg differ
diff --git a/Ch06/finalpostal/images/vertical_solution_PP.png b/Ch06/finalpostal/images/vertical_solution_PP.png
new file mode 100644
index 0000000..8693bd4
Binary files /dev/null and b/Ch06/finalpostal/images/vertical_solution_PP.png differ
diff --git a/Ch06/finalpostal/includes/footer.php b/Ch06/finalpostal/includes/footer.php
new file mode 100644
index 0000000..742b705
--- /dev/null
+++ b/Ch06/finalpostal/includes/footer.php
@@ -0,0 +1,5 @@
+<p>Copyright &copy; Adrian West & Steve Prettyman 2017  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch06/finalpostal/includes/header-admin.php b/Ch06/finalpostal/includes/header-admin.php
new file mode 100644
index 0000000..50c305b
--- /dev/null
+++ b/Ch06/finalpostal/includes/header-admin.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'admin_view_users.php'">View Members</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'search.php'">Search</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'search_addresses.php'">Addresses</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
diff --git a/Ch06/finalpostal/includes/header-members.php b/Ch06/finalpostal/includes/header-members.php
new file mode 100644
index 0000000..3bf6406
--- /dev/null
+++ b/Ch06/finalpostal/includes/header-members.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch06/finalpostal/includes/header-thanks.php b/Ch06/finalpostal/includes/header-thanks.php
new file mode 100644
index 0000000..b0b0b07
--- /dev/null
+++ b/Ch06/finalpostal/includes/header-thanks.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Cancel</button>
+</div>
+    </nav>
+
diff --git a/Ch06/finalpostal/includes/header.php b/Ch06/finalpostal/includes/header.php
new file mode 100644
index 0000000..69f9524
--- /dev/null
+++ b/Ch06/finalpostal/includes/header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Login</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'safer-register-page.php'">Register</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch06/finalpostal/includes/info-col-cards.php b/Ch06/finalpostal/includes/info-col-cards.php
new file mode 100644
index 0000000..fda610e
--- /dev/null
+++ b/Ch06/finalpostal/includes/info-col-cards.php
@@ -0,0 +1,4 @@
+
+<h3 class="text-center">Payment Methods</h3>
+	<img alt="Pay by PayPal or Credit card" class="float-left" title="Pay by PayPal or Credit card"src="images/vertical_solution_PP.png">
+
diff --git a/Ch06/finalpostal/includes/info-col.php b/Ch06/finalpostal/includes/info-col.php
new file mode 100644
index 0000000..1c1ae88
--- /dev/null
+++ b/Ch06/finalpostal/includes/info-col.php
@@ -0,0 +1,3 @@
+<h3>This is the information column</h3>
+<p>Information area</p>
+
diff --git a/Ch06/finalpostal/includes/login-header.php b/Ch06/finalpostal/includes/login-header.php
new file mode 100644
index 0000000..9602ddc
--- /dev/null
+++ b/Ch06/finalpostal/includes/login-header.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-page.php'">Register</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch06/finalpostal/includes/logo.jpg b/Ch06/finalpostal/includes/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch06/finalpostal/includes/logo.jpg differ
diff --git a/Ch06/finalpostal/includes/members-header.php b/Ch06/finalpostal/includes/members-header.php
new file mode 100644
index 0000000..de443b4
--- /dev/null
+++ b/Ch06/finalpostal/includes/members-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'" >New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch06/finalpostal/includes/nav.php b/Ch06/finalpostal/includes/nav.php
new file mode 100644
index 0000000..db873ad
--- /dev/null
+++ b/Ch06/finalpostal/includes/nav.php
@@ -0,0 +1,15 @@
+    <li class="nav-item">
+          <a class="nav-link active" href="index.php">Home</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-2.php">Page 2</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-3.php">Page 3</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-4.php">Page 4</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-5.php">Page 5</a>
+        </li>
\ No newline at end of file
diff --git a/Ch06/finalpostal/includes/password-header.php b/Ch06/finalpostal/includes/password-header.php
new file mode 100644
index 0000000..e6fc6c8
--- /dev/null
+++ b/Ch06/finalpostal/includes/password-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch06/finalpostal/includes/register-header.php b/Ch06/finalpostal/includes/register-header.php
new file mode 100644
index 0000000..b1a43e8
--- /dev/null
+++ b/Ch06/finalpostal/includes/register-header.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" 
+       aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'register-page'" >Erase Your Entries</button>
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
diff --git a/Ch06/finalpostal/includes/register-thanks.php b/Ch06/finalpostal/includes/register-thanks.php
new file mode 100644
index 0000000..fa2c9f7
--- /dev/null
+++ b/Ch06/finalpostal/includes/register-thanks.php
@@ -0,0 +1,129 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('thanks-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h3 class="h2 text-center" >Thank you for registering</h2>
+<h6 class="text-center">To confirm your registration please verify membership class and pay the membership fee now.</h6>
+<h6 class="text-center">You can use PayPal or a credit/debit card.</h6>
+<p class="text-center" >When you have completed your registration you will be able to login 
+to the member's only pages.</p>
+<?php
+try {
+require ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<p></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="XXXXXXXXXXXXX">
+<div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+$class = htmlspecialchars($_GET['class'], ENT_QUOTES);
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($class)) && ( $class == $row[$i])) 
+		{ 
+	
+			echo ' selected ';
+	 } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<!-- Replace the code below with code provided by PayPal once you obtain a Merchant ID -->
+<input type="hidden" name="currency_code" value="GBP">
+<input style="margin:10px 0 0 40px" type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_buynowCC_LG.gif" name="submit" alt="PayPal  The safer, easier way to pay online.">
+<img alt="" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
+<!-- Replace code above with PayPal provided code -->
+</div>
+</div>
+</form>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col-cards.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+<?php 
+} // end try
+catch(Exception $e) // We finally handle any problems here   
+ {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+ }
+catch(Error $e)
+{
+     //print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try again later.";
+}
+?>
+</body>
+</html>
diff --git a/Ch06/finalpostal/includes/thanks-header.php b/Ch06/finalpostal/includes/thanks-header.php
new file mode 100644
index 0000000..7a0b906
--- /dev/null
+++ b/Ch06/finalpostal/includes/thanks-header.php
@@ -0,0 +1,11 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch06/finalpostal/index.php b/Ch06/finalpostal/index.php
new file mode 100644
index 0000000..7e9feef
--- /dev/null
+++ b/Ch06/finalpostal/index.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/login.php b/Ch06/finalpostal/login.php
new file mode 100644
index 0000000..955c313
--- /dev/null
+++ b/Ch06/finalpostal/login.php
@@ -0,0 +1,90 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/login-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-login.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Login</h2>
+<form action="login.php" method="post" name="loginform" id="loginform">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail Address:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label text-right">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password'])) 
+		echo htmlspecialchars($_POST['password'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Login">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/logo.jpg b/Ch06/finalpostal/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch06/finalpostal/logo.jpg differ
diff --git a/Ch06/finalpostal/logout.php b/Ch06/finalpostal/logout.php
new file mode 100644
index 0000000..d8abea1
--- /dev/null
+++ b/Ch06/finalpostal/logout.php
@@ -0,0 +1,18 @@
+<?php
+session_start();//access the current session.                  
+// if no session variable exists then redirect the user
+if (!isset($_SESSION['user_id'])) {        
+header("location:index.php");
+exit();
+//cancel the session and redirect the user:
+}else{ //cancel the session
+    $_SESSION = array(); // Destroy the variables
+	$params = session_get_cookie_params();
+	// Destroy the cookie
+	setcookie(session_name(), '', time()-42000,
+	$params["path"], $params["domain"],
+	$params["secure"], $params["httponly"]);
+if (session_status() == PHP_SESSION_ACTIVE) { 
+session_destroy(); } // Destroy the session itself
+header("location:index.php");
+	}
diff --git a/Ch06/finalpostal/members-page.php b/Ch06/finalpostal/members-page.php
new file mode 100644
index 0000000..706a859
--- /dev/null
+++ b/Ch06/finalpostal/members-page.php
@@ -0,0 +1,61 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 0))
+{ header("Location: login.php");
+  exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-members.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Member's Page</h2>
+<p>The members page content. The members page content. The members page content. 
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+</p>
+<p class="h3 text-center">Special offers to members only.</p>
+    <p class="text-center"><strong>T-Shirts 10.00</strong></p>
+<img class="mx-auto d-block" src="images/polo.png" alt="Polo Shirt"> 
+<br>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
+
diff --git a/Ch06/finalpostal/mysqli_connect.php b/Ch06/finalpostal/mysqli_connect.php
new file mode 100644
index 0000000..87a9d3c
--- /dev/null
+++ b/Ch06/finalpostal/mysqli_connect.php
@@ -0,0 +1,12 @@
+<?php 
+// This creates a connection to the logindb database and to MySQL, 
+// It also sets the encoding.
+// Set the access details as constants:
+DEFINE ('DB_USER', 'cabbage');
+DEFINE ('DB_PASSWORD', 'in4aPin4aL');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'finalpostal');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
\ No newline at end of file
diff --git a/Ch06/finalpostal/password-thanks.php b/Ch06/finalpostal/password-thanks.php
new file mode 100644
index 0000000..5ea4b55
--- /dev/null
+++ b/Ch06/finalpostal/password-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Password Change Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for changing your password</h2>
+On the Home Page, you will now be able to login with your new password.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/process-change-password.php b/Ch06/finalpostal/process-change-password.php
new file mode 100644
index 0000000..13447ae
--- /dev/null
+++ b/Ch06/finalpostal/process-change-password.php
@@ -0,0 +1,126 @@
+
+<?php
+// This script is a query that UPDATES the password in the users table.
+// Check that form has been submitted:       
+    require ('mysqli_connect.php'); // Connect to the db. 
+	$errors = array(); // Initialize an error array. 
+	// Set hidden variable to format any of the echos below
+// Check that an email address has been entered				
+  $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))
+			|| (strlen($email > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password);		
+if (empty($password)){   //                                             
+$errors[] ='Please enter a valid old password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password)) {  //                        
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+    // Prepare and check new password
+	$new_password = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+	$verify_password = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);
+	if (!empty($new_password)) {
+		if(preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$new_password)) {  
+        if (($new_password != $verify_password) ||
+			( $password == $new_password ))
+		{
+            $errors[] = 'Your new password did not match the confirmed password and/or ';
+			$errors[] = 'Your old password is the same as your new password.';
+		}
+} else {
+			$errors[] = 'Your new password is not in correct format.';
+}
+	} else {
+			$errors[] = 'You did not enter a new password.';
+    }
+}
+}
+	if (empty($errors)) { // If everything's OK.              
+try {
+	 // Check that the user has entered the right email address/password combination:
+    $query = "SELECT userid, password FROM users WHERE ( email=? )";
+	$q = mysqli_stmt_init($dbcon);                                 
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 's', $email);
+     // execute query
+    mysqli_stmt_execute($q);
+
+	$result = mysqli_stmt_get_result($q);
+    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+    if ((mysqli_num_rows($result) == 1)
+          && (password_verify($password, $row['password'])))
+		{	// Found one record		
+	    // Change the password in the database...
+	    // Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($new_password, PASSWORD_DEFAULT);            
+		// Make the query:                                               
+       $query = "UPDATE users SET password=? WHERE email=?";
+	   $q = mysqli_stmt_init($dbcon);                                 
+       mysqli_stmt_prepare($q, $query);
+       // use prepared statement to insure that only text is inserted
+       // bind fields to SQL Statement
+       mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $email);
+       // execute query
+       mysqli_stmt_execute($q);
+       if (mysqli_stmt_affected_rows($q) == 1) {	// one row updated
+           // Echo a message
+          header ("location: password-thanks.php"); 
+		  exit();   
+		} else { // If it did not run OK.
+		// Public message:
+			$errorstring = "System Error! <br /> You could not change password due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";	
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+			// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		    exit();
+		 }
+    } else { // Invalid email address/password combination.
+		$errorstring = 'Error! <br /> ';
+        $errorstring .= 'The email address and/or password do not match those on file.';
+	    $errorstring .= " Please try again.";
+		echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";
+} }	
+   catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+	} else { // Report the errors.                                            
+		//header ("location: register-page.php"); 
+		$errorstring = "Error! The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
+
+
+
+
+
+
+
diff --git a/Ch06/finalpostal/process-login.php b/Ch06/finalpostal/process-login.php
new file mode 100644
index 0000000..180dedc
--- /dev/null
+++ b/Ch06/finalpostal/process-login.php
@@ -0,0 +1,93 @@
+<?php 
+// This section processes submissions from the login form
+// Check if the form has been submitted:
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    //connect to database
+try {
+    require ('mysqli_connect.php');
+// Check that an email address has been entered				
+  $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))
+			|| (strlen($email > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password);		
+if (empty($password)){  
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+}
+}	
+   if (empty($errors)) { // If everything's OK.         #1
+// Retrieve the user_id, psword, first_name and user_level for that
+// email/password combination
+ $query = "SELECT userid, password, first_name, user_level FROM users ";
+ $query .= "WHERE paid='Yes' AND email=?";
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) == 1) {
+//if one database row (record) matches the input:-
+// Start the session, fetch the record and insert the 
+// values in an array 
+if (password_verify($password, $row[1])) {          //#2
+session_start();								
+// Ensure that the user level is an integer. 
+$_SESSION['user_level'] = (int) $row[3];
+// Use a ternary operation to set the URL             #3
+$url = ($_SESSION['user_level'] === 1) ? 'admin-page.php' :
+ 'members-page.php'; 
+header('Location: ' . $url); 
+// Make the browser load either the members or the admin page
+} else { // No password match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps your fee has not yet been processed from ';
+$errors[] = ' PayPal or the credit card.';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} else { // No e-mail match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} 
+if (!empty($errors)) {                     
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (!empty($errors)) IF.
+mysqli_stmt_free_result($q);
+mysqli_stmt_close($q);
+}
+ catch(Exception $e) // We finally handle any problems here   
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+} // no else to allow user to enter values
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process-register-page.php b/Ch06/finalpostal/process-register-page.php
new file mode 100644
index 0000000..f3a6c15
--- /dev/null
+++ b/Ch06/finalpostal/process-register-page.php
@@ -0,0 +1,195 @@
+<?php
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}							
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password1trim);		
+if (empty($password1trim)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);	
+if($password1trim === $password2trim) { //                                 #9
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the secret present? If it is, sanitize it
+$secret = filter_var( $_POST['secret'], FILTER_SANITIZE_STRING);		
+if ((!empty($secret)) && (preg_match('/[a-z\.\s\,\-]/i', $secret)) &&
+  (strlen($secret) <= 30)) {					
+	//Sanitize the trimmed city	
+	$secrettrim = $secret;					
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+//Is the class present? If it is, sanitize it
+$class = filter_var( $_POST['level'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($class)) && (strlen($class) <= 3)) {					
+	//Sanitize the trimmed phone number	
+	$classtrim = (filter_var($class, FILTER_SANITIZE_NUMBER_INT));	
+	}else{	
+	$errors[] = 'Missing Level Selection.';
+	}	
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT userid FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $emailtrim);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+
+	$query = "INSERT INTO users (userid, title, first_name, last_name, email, password, class, "; 
+    $query .= "address1, address2, city, state_country, zcode_pcode, phone, secret, registration_date) ";
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?,?,?,?,?,?,?,?,?,?,NOW())"; 	
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'sssssssssssss', 
+	$titletrim, $first_nametrim, $last_nametrim, $emailtrim, $hashed_password, $classtrim, $address1trim, 
+	$address2trim, $citytrim, $state_countrytrim, $zcode_pcodetrim, $phonetrim, $secrettrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register-thanks.php?class=" . $classtrim); 					
+	} else {
+	// echo 'Invalid query:' . $dbcon->error; 
+    $errorstring = "System is busy, please try later";
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+	}
+	}else{//The email address is already registered                         
+    $errorstring = 'The email address is already registered.';
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+$errorstring = 'Error! The following error(s) occurred: ';
+foreach ($errors as $msg) { // Print each error.				
+$errorstring .= " - $msg<br>\n";
+    }
+$errorstring .= 'Please try again.';
+echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+    }// End of if (empty($errors)) IF.
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process_admin_view_users.php b/Ch06/finalpostal/process_admin_view_users.php
new file mode 100644
index 0000000..5e61925
--- /dev/null
+++ b/Ch06/finalpostal/process_admin_view_users.php
@@ -0,0 +1,129 @@
+<?php
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+//set the number of rows per display page
+$pagerows = 4; //                                                                       
+// Has the total number of pagess already been calculated?
+if ((isset($_GET['p']) && is_numeric($_GET['p']))) { //already been calculated
+$pages = htmlspecialchars($_GET['p'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{//use the next block of code to calculate the number of pages                     
+//First, check for the total number of records
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$records = htmlspecialchars($row[0], ENT_QUOTES);
+// make sure it is not executable XSS
+//Now calculate the number of pages
+if ($records > $pagerows){ //if the number of records will fill more than one page
+//Calculate the number of pages and round the result up to the nearest integer
+$pages = ceil ($records/$pagerows); //                                                   
+}else{
+$pages = 1;
+}
+}//page check finished
+//Declare which record to start with                                                     
+if ((isset($_GET['s'])) &&( is_numeric($_GET['s'])))
+{
+$start = htmlspecialchars($_GET['s'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{
+$start = 0;
+}
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users ORDER BY registration_date ASC";
+$query .=" LIMIT ?, ?";
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind $id to SQL Statement
+mysqli_stmt_bind_param($q, "ii", $start, $pagerows); 
+
+// execute query
+
+mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran OK (records were returned), display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="text-center">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of else ($result) 
+// Now display the total number of records/members.           
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$members = htmlspecialchars($row[0], ENT_QUOTES);
+mysqli_close($dbcon); // Close the database connection.     
+$echostring = "<p class='text-center'>Total membership: $members </p>";
+$echostring .= "<p class='text-center'>";
+if ($pages > 1) {//                                             
+//What number is the current page?
+$current_page = ($start/$pagerows) + 1;
+//If the page is not the first page then create a Previous link
+if ($current_page != 1) {
+$echostring .= '<a href="admin_view_users.php?s=' . ($start - $pagerows) . 
+'&p=' . $pages . '">Previous</a> ';
+}
+//Create a Next link                                                  
+if ($current_page != $pages) {
+$echostring .= ' <a href="admin_view_users.php?s=' . ($start + $pagerows) . 
+'&p=' . $pages . '">Next</a> ';
+}
+$echostring .= '</p>';
+echo $echostring;
+}
+//}
+//mysqli_close($dbcon); // Close the database connection.
+} //end of try
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process_delete_record.php b/Ch06/finalpostal/process_delete_record.php
new file mode 100644
index 0000000..ab86e19
--- /dev/null
+++ b/Ch06/finalpostal/process_delete_record.php
@@ -0,0 +1,95 @@
+<?php
+try { 
+// Check for a valid user ID, through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+	$id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} else
+if ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.      #1
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+//	return to login page
+header("Location: login.php");
+exit();
+}
+require ('mysqli_connect.php');
+// Check if the form has been submitted:                                               #2
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$sure = htmlspecialchars($_POST['sure'], ENT_QUOTES);
+if ($sure == 'Yes') { // Delete the record.
+	// Make the query:
+	
+	// Use prepare statement to remove security problems
+	$q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, 'DELETE FROM users WHERE userid=? LIMIT 1');
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	if (mysqli_stmt_affected_rows($q) == 1) { // It ran OK
+// Print a message:
+		echo '<h3 class="text-center">The record has been deleted.</h3>';	
+		} else { // If the query did not run OK display public message
+			echo '<p class="text-center">The record could not be deleted.';
+			echo '<br>Either it does not exist or due to a system error.</p>';
+		//	echo '<p>' . mysqli_error($dbcon ) . '<br />Query: ' . $q . '</p>'; 
+		// Debugging message. When live comment out because this displays sql
+		}
+	} else { // User did not confirm deletion.
+		echo '<h3 class="text-center">The user has NOT been deleted as you requested</h3>';	
+	}
+} else { // Show the form.                                                               #3
+	
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT CONCAT(first_name, ' ', last_name) FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	 $result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM); // get user info
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+		
+		// Display the record being deleted:
+		$user = htmlspecialchars($row[0], ENT_QUOTES);
+?>
+	<h2 class="h2 text-center">
+	Are you sure you want to permanently delete <?php echo $user; ?>?</h2>
+	<form action="delete_user.php" method="post"	
+			name="deleteform" id="deleteform">
+	<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8" style="padding-left: 70px;">
+	<input type="hidden" name="id" value="<?php echo $id; ?>">
+	<input id="submit-yes" class="btn btn-primary" type="submit" name="sure" value="Yes"> - 
+	<input id="submit-no" class="btn btn-primary" type="submit" name="sure" value="No">
+    </div>
+	</div>
+	</form>
+<?php
+	} else { // Not a valid user ID.
+		echo '<p class="text-center">This page has been accessed in error.</p>';
+		echo '<p>&nbsp;</p>';
+	}
+} // End of the main submission conditional.
+mysqli_stmt_close($q);
+mysqli_close($dbcon );
+}
+catch(Exception $e)
+{
+	print "The system is busy. Please try again.";
+	//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is currently busy. Please try again soon.";
+	//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process_edit_address.php b/Ch06/finalpostal/process_edit_address.php
new file mode 100644
index 0000000..63dc607
--- /dev/null
+++ b/Ch06/finalpostal/process_edit_address.php
@@ -0,0 +1,300 @@
+<?php
+try
+{ 
+// After clicking the Edit link in the found_record.php page. This code is executed 
+// The code looks for a valid user ID, either through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+    $id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+	include ('footer.php'); 
+	exit();
+}
+require ('mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array();
+	// Look for the first name:
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}	
+	//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}	
+	if (empty($errors)) { // If everything's OK.                                         #2	
+		 $query = 'UPDATE users SET title=?, first_name=?, last_name=?, address1=?,';
+		 $query .= ' address2=?, city=?, state_country=?, zcode_pcode=?,';
+		 $query .= ' phone=?';
+         $query .= ' WHERE userid=? LIMIT 1';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'ssssssssss', $titletrim, $first_nametrim, $last_nametrim, 
+				$address1trim, $address2trim, $citytrim, $state_countrytrim, 
+				$zcode_pcodetrim, $phonetrim, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+			
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited.</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited due to a system error.';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		} else { // Display the errors.
+		echo '<p class="text-center">The following error(s) occurred:<br />';
+		foreach ($errors as $msg) { // Echo each error.
+			echo " - $msg<br />\n";
+		}
+		echo '</p><p>Please try again.</p>';
+		} // End of if (empty($errors))section.
+} // End of the conditionals
+// Select the user's information to display in textboxes:                                    #3
+
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT * FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, 'i', $id); 
+      
+       // execute query
+	   
+    mysqli_stmt_execute($q);  
+	   
+	$result = mysqli_stmt_get_result($q);
+
+	$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	
+	// Create the form:
+?>
+<h2 class="h2 text-center">Edit User</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<form action="edit_address.php" method="post"
+name="editform" id="editform">
+<div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	   value=
+		"<?php if (isset($row['title'])) 
+		echo htmlspecialchars($row['title'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($row['first_name'])) 
+		echo htmlspecialchars($row['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($row['last_name'])) 
+		echo htmlspecialchars($row['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($row['address1'])) 
+		echo htmlspecialchars($row['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($row['address2'])) 
+		echo htmlspecialchars($row['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($row['city'])) 
+		echo htmlspecialchars($row['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($row['state_country'])) 
+		echo htmlspecialchars($row['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+<div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	   value=
+		"<?php if (isset($row['zcode_pcode'])) 
+		echo htmlspecialchars($row['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($row['phone'])) 
+		echo htmlspecialchars($row['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>  
+<input type="hidden" name="id" value="<?php echo $id ?>" />
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Edit User">
+</div>
+</div>
+</form>
+<?php
+} else { // The user could not be validated
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+}
+mysqli_stmt_free_result($q);
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy. Please try later";
+	//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is currently busy. Please try again later";
+	//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process_edit_record.php b/Ch06/finalpostal/process_edit_record.php
new file mode 100644
index 0000000..ab7dd33
--- /dev/null
+++ b/Ch06/finalpostal/process_edit_record.php
@@ -0,0 +1,235 @@
+<?php
+try
+{ 
+// After clicking the Edit link in the found_record.php page. This code is executed 
+// The code looks for a valid user ID, either through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+    $id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+	include ('footer.php'); 
+	exit();
+}
+
+require ('./mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array();
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}	
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+//Is the class present? If it is, sanitize it
+$class = filter_var( $_POST['level'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($class)) && (strlen($class) <= 3)) {					
+	//Sanitize the trimmed phone number	
+	$classtrim = (filter_var($class, FILTER_SANITIZE_NUMBER_INT));	
+	}else{	
+	$errors[] = 'Missing Level Selection.';
+	}
+	// Look for the Paid Status:
+	$paid = filter_var( $_POST['paid'], FILTER_SANITIZE_STRING);	
+	if (empty($paid)) {
+		$errors[] = 'You forgot to enter the paid status.';
+	}
+	if (!(($paid == "No") || ($paid == "Yes"))) {
+		$errors[] = "Paid must be No or Yes.";
+	}	
+	if (empty($errors)) { // If everything's OK.                                     
+		$q = mysqli_stmt_init($dbcon);
+		$query = 'SELECT userid FROM users WHERE email=? AND userid !=?';
+        mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'si', $email, $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+	if (mysqli_num_rows($result) == 0) { // e-mail does not exist in another record
+		 $query = 'UPDATE users SET first_name=?, last_name=?, email=?,';
+		 $query .= ' class=?, paid=?';
+         $query .= ' WHERE userid=? LIMIT 1';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'sssssi', $first_name, $last_name, $email, $class, $paid, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+			
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited.</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited. Did you change anything?';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		} else { // Already registered.
+			echo '<p class="text-center">The email address has already been registered.</p>';
+		}
+		} else { // Display the errors.
+		echo '<p class="text-center">The following error(s) occurred:<br />';
+		foreach ($errors as $msg) { // Echo each error.
+			echo " - $msg<br />\n";
+		}
+		echo '</p><p>Please try again.</p>';
+		} // End of if (empty($errors))section.
+} // End of the conditionals
+// Select the user's information to display in textboxes:                                    #3
+
+	$q = mysqli_stmt_init($dbcon);
+	$query = 
+	"SELECT first_name, last_name, email, class, paid FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, 'i', $id); 
+      
+       // execute query
+	   
+    mysqli_stmt_execute($q);  
+	   
+	$result = mysqli_stmt_get_result($q);
+
+	$row1 = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	
+	// Create the form:
+?>
+<h2 class="h2 text-center">Edit a Record</h2>
+<form action="edit_user.php" method="post"	
+	name="editform" id="editform">
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($row1['first_name'])) 
+		echo htmlspecialchars($row1['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($row1['last_name'])) 
+		echo htmlspecialchars($row1['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($row1['email'])) 
+		echo htmlspecialchars($row1['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">Membership Class*</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php
+ require_once("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($row1['level'])) && ( $row1['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+}
+echo "here";
+?>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+    <label for="paid" class="col-sm-4 col-form-label text-right">Paid:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="paid" name="paid" 
+	  placeholder="Paid" maxlength="60" required
+	  value="<?php echo htmlspecialchars($row1['paid'], ENT_QUOTES); ?>">
+    </div>
+  </div> 
+<input type="hidden" name="id" value="<?php echo $id ?>" />
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+<?php
+} else { // The user could not be validated
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+}
+mysqli_stmt_free_result($q);
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy. Please try later";
+	//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is currently busy. Please try again later";
+	//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process_temp_view_found_record.php b/Ch06/finalpostal/process_temp_view_found_record.php
new file mode 100644
index 0000000..cd08dfa
--- /dev/null
+++ b/Ch06/finalpostal/process_temp_view_found_record.php
@@ -0,0 +1,70 @@
+<?php
+try
+{
+
+// This script retrieves records from the users table.                         
+require ('mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users WHERE ";
+$query .= "last_name='Smith' AND first_name='James' ";
+$query .="ORDER BY registration_date ASC ";		
+// Perpared statement not needed because string is hard coded
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="text-center">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print "The system is currently busy. Please try later.";
+//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+print "The system us busy. Please try later.";
+//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process_view_found_addresses.php b/Ch06/finalpostal/process_view_found_addresses.php
new file mode 100644
index 0000000..4b42938
--- /dev/null
+++ b/Ch06/finalpostal/process_view_found_addresses.php
@@ -0,0 +1,96 @@
+<?php
+try
+{
+// This script retrieves records from the users table.                         
+require ('./mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+$first_name = htmlspecialchars($_POST['first_name'], ENT_QUOTES);
+$last_name = htmlspecialchars($_POST['last_name'], ENT_QUOTES);
+// Since it's a prepared statement below this sanitizing is not needed
+// However, to consistantly retrieve than sanitize is a good habit
+
+$query = "SELECT userid, title, last_name, first_name, ";
+$query .= "address1, address2, city, state_country, zcode_pcode, phone ";
+$query .= "FROM users WHERE ";
+$query .= "last_name=? AND first_name=?";
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 'ss', $last_name, $first_name);
+
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped table-sm">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Title</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Address1</th>
+<th scope="col">Address2</th>
+<th scope="col">City</th>
+<th scope="col">State or Country</th>
+<th scope="col">Zip or Postal Code</th>
+<th scope="col">Phone</th>
+</tr>';	
+
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$title = htmlspecialchars($row['title'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$address1 = htmlspecialchars($row['address1'], ENT_QUOTES);
+	$address2 = htmlspecialchars($row['address2'], ENT_QUOTES);
+	$city = htmlspecialchars($row['city'], ENT_QUOTES);
+	$state_country = htmlspecialchars($row['state_country'], ENT_QUOTES);
+	$zcode_pcode = htmlspecialchars($row['zcode_pcode'], ENT_QUOTES);
+	$phone = htmlspecialchars($row['phone'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row"><a href="edit_address.php?id=' . $user_id . '">Edit</a></td>
+	<td scope="row">' . $title . '</td>
+	<td scope="row">' . $first_name . '</td>
+	<td scope="row">' . $last_name . '</td>
+	<td scope="row">' . $address1 . '</td>
+	<td scope="row">' . $address2 . '</td>
+	<td scope="row">' . $city . '</td>
+	<td scope="row">' . $state_country . '</td>
+	<td scope="row">' . $zcode_pcode . '</td>
+	<td scope="row">' . $phone . '</td>
+	</tr>';	
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="center-text">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print "The system is currently busy. Please try later.";
+//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+print "The system us busy. Please try later.";
+//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/process_view_found_record.php b/Ch06/finalpostal/process_view_found_record.php
new file mode 100644
index 0000000..a56dc08
--- /dev/null
+++ b/Ch06/finalpostal/process_view_found_record.php
@@ -0,0 +1,89 @@
+<?php
+try
+{
+// This script retrieves records from the users table.                         
+require ('mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+$first_name = htmlspecialchars($_POST['first_name'], ENT_QUOTES);
+$last_name = htmlspecialchars($_POST['last_name'], ENT_QUOTES);
+// Since it's a prepared statement below this sanitizing is not needed
+// However, to consistantly retrieve than sanitize is a good habit
+
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, class, paid, userid FROM users WHERE ";
+$query .= "last_name=? AND first_name=? ";
+$query .="ORDER BY registration_date ASC ";		
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 'ss', $last_name, $first_name);
+
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+<th scope="col">Class</th>
+<th scope="col">Paid</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	$class = htmlspecialchars($row['class'], ENT_QUOTES);
+	$paid = htmlspecialchars($row['paid'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	<td>' . $class . '</td>
+	<td>' . $paid . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="center-text">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print "The system is currently busy. Please try later.";
+//print "An Exception occurred.Message: " . $e->getMessage();
+}catch(Error $e)
+{
+print "The system us busy. Please try later.";
+//print "An Error occured. Message: " . $e->getMessage();
+}
+?>
\ No newline at end of file
diff --git a/Ch06/finalpostal/register-page.php b/Ch06/finalpostal/register-page.php
new file mode 100644
index 0000000..9b35e6b
--- /dev/null
+++ b/Ch06/finalpostal/register-page.php
@@ -0,0 +1,245 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/register-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<?php
+try {
+require_once ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<form action="register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">*First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">*Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	   value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label">*E-mail:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label">*Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label">*Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($_POST['level'])) && ( $_POST['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+echo "here";
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label">*Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['address1'])) 
+		echo htmlspecialchars($_POST['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['address2'])) 
+		echo htmlspecialchars($_POST['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label">*City:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label">*State/Country:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label">*Zip Code/Post Code:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  placeholder="Zip Code or Postal Code" maxlength="15" required
+	   value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label">Phone Number:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col-cards.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php');
+  echo "</footer>";
+  echo "</div>";
+  }
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+ ?>
+</body>
+</html>
diff --git a/Ch06/finalpostal/register-password.php b/Ch06/finalpostal/register-password.php
new file mode 100644
index 0000000..3425993
--- /dev/null
+++ b/Ch06/finalpostal/register-password.php
@@ -0,0 +1,116 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Change Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="register-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label text-right">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Current Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password'])) 
+		echo htmlspecialchars($_POST['password'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/register-thanks.php b/Ch06/finalpostal/register-thanks.php
new file mode 100644
index 0000000..f936bd1
--- /dev/null
+++ b/Ch06/finalpostal/register-thanks.php
@@ -0,0 +1,129 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/thanks-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h3 class="h2 text-center" >Thank you for registering</h2>
+<h6 class="text-center">To confirm your registration please verify membership class and pay the membership fee now.</h6>
+<h6 class="text-center">You can use PayPal or a credit/debit card.</h6>
+<p class="text-center" >When you have completed your registration you will be able to login 
+to the member's only pages.</p>
+<?php
+try {
+require ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<p></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="XXXXXXXXXXXXX">
+<div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+$class = htmlspecialchars($_GET['class'], ENT_QUOTES);
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($class)) && ( $class == $row[$i])) 
+		{ 
+	
+			echo ' selected ';
+	 } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<!-- Replace the code below with code provided by PayPal once you obtain a Merchant ID -->
+<input type="hidden" name="currency_code" value="GBP">
+<input style="margin:10px 0 0 40px" type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_buynowCC_LG.gif" name="submit" alt="PayPal  The safer, easier way to pay online.">
+<img alt="" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
+<!-- Replace code above with PayPal provided code -->
+</div>
+</div>
+</form>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col-cards.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+<?php 
+} // end try
+catch(Exception $e) // We finally handle any problems here   
+ {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+ }
+catch(Error $e)
+{
+     //print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try again later.";
+}
+?>
+</body>
+</html>
diff --git a/Ch06/finalpostal/register-view-users.php b/Ch06/finalpostal/register-view-users.php
new file mode 100644
index 0000000..57aea19
--- /dev/null
+++ b/Ch06/finalpostal/register-view-users.php
@@ -0,0 +1,93 @@
+ <?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+   catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/safer-register-page.php b/Ch06/finalpostal/safer-register-page.php
new file mode 100644
index 0000000..76a028c
--- /dev/null
+++ b/Ch06/finalpostal/safer-register-page.php
@@ -0,0 +1,313 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script>
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/register-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<?php
+try {
+require_once("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<form action="safer-register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+ <div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	   value=
+		"<?php if (isset($_POST['title'])) 
+		echo htmlspecialchars($_POST['title'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">Membership Class*</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($_POST['level'])) && ( $_POST['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+echo "here";
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['adress1'])) 
+		echo htmlspecialchars($_POST['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['address2'])) 
+		echo htmlspecialchars($_POST['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+ <div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Secret Question*:</label>
+	  <div class="col-sm-8">
+      <select id="question" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Maiden">Mother's Maiden Name</option>
+	<option value="Pet">Pet's Name</option>
+	<option value="School">High School</option>
+	<option value="Vacation">Favorite Vacation Spot</option>
+	</select>
+	</div>
+	</div>  
+	<div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Answer*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Secret Answer" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['secret'])) 
+		echo htmlspecialchars($_POST['secret'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col-cards.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php');
+  echo "</footer>";
+  echo "</div>";
+  }
+catch(Exception $e) // We finally handle any problems here                
+   {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   }
+catch(Error $e)
+   {
+      //print "An Error occurred. Message: " . $e->getMessage();
+      print "The system is busy please try again later.";
+   }
+ ?>
+</body>
+</html>
diff --git a/Ch06/finalpostal/search.php b/Ch06/finalpostal/search.php
new file mode 100644
index 0000000..7b97053
--- /dev/null
+++ b/Ch06/finalpostal/search.php
@@ -0,0 +1,90 @@
+<?php											
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{
+header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Search for a record</h2>
+<h6 class="text-center">Both names are required items</h6>
+<form action="view_found_record.php" method="post" >
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value=
+			"<?php if (isset($_POST['first_name'])) 
+				echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+			"<?php if (isset($_POST['last_name'])) 
+				echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" 
+		name="submit" value="Search">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/search_addresses.php b/Ch06/finalpostal/search_addresses.php
new file mode 100644
index 0000000..919bea6
--- /dev/null
+++ b/Ch06/finalpostal/search_addresses.php
@@ -0,0 +1,96 @@
+<?php                                                                                     
+//session_start();
+//if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+//{ header("Location: login.php");
+//exit();
+//}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Address Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/login-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-view_found_addresses.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<div class="h2 text-center">
+<h5>Search for an Address or Phone Number</h5>
+<h5 style="color: red;">Both Names are required items</h5>
+</div>
+<form action="view_found_addresses.php" method="post" name="searchform" id="searchform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="l" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Search">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/temp_view_found_record.php b/Ch06/finalpostal/temp_view_found_record.php
new file mode 100644
index 0000000..8a78417
--- /dev/null
+++ b/Ch06/finalpostal/temp_view_found_record.php
@@ -0,0 +1,55 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are found users</h2>
+<p>
+<?php 
+require ("process_temp_view_found_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/verify.js b/Ch06/finalpostal/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch06/finalpostal/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch06/finalpostal/view_found_address.php b/Ch06/finalpostal/view_found_address.php
new file mode 100644
index 0000000..ef2ae9b
--- /dev/null
+++ b/Ch06/finalpostal/view_found_address.php
@@ -0,0 +1,123 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1)) {
+header("Location: login.php");
+exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>View found address page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="styles.css">
+<style type="text/css"><!--                              #1 -->
+p { text-align:center; }
+table, tr { width:850px; }
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include("includes/header-admin.php"); ?>
+</header>
+<nav>
+<?php include("includes/nav.php"); ?>
+</nav>
+<aside>
+<?php include("includes/info-col.php"); ?>
+</aside>
+<div id="content"><!-- Start of the page-specific content. -->
+<h2>Search Address Result</h2>
+<?php 
+
+// This script fetches records from the users table.
+require ('mysqli_connect.php'); // Connect to the database.
+$fname = $_POST['fname'];
+$fname = mysqli_real_escape_string($dbcon, $fname);
+$lname=$_POST['lname'];
+$lname = mysqli_real_escape_string($dbcon, $lname);
+echo '<p>If no record is shown, this is because you had an incorrect ';
+echo 'or missing entry in the search form.<br>';
+echo 'Or the person is not registered with us.';
+echo '<br>Please click the Addresses button and try again</p>';
+try {
+$query = "SELECT user_id, title, lname, fname, addr1, addr2, ";
+$query .= "city, state_country, zcode_pcode, phone FROM users ";
+$query .= "WHERE fname=? AND lname=?";	
+// prepared statement to protect $lname $fname values
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 'ss', $fname, $lname);
+
+// execute query
+	   
+mysqli_stmt_execute($q);  
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran, display the records.
+// Table header.                                     #2
+
+echo '<table>
+<tr><th><b>Edit</b></th>
+<th><b>Title</b></th>
+<th><b>Last Name</b></th>
+<th><b>First Name</b></th>
+<th><b>Addrs1</b></th>
+<th><b>Addrs2</b></th>
+<th><b>City</b></th>
+<th><b>State_Country</b></th>
+<th><b>zcode_pcode</b></th>
+<th><b>Phone</b></th>
+</tr>';
+// Fetch and display the records:                     #3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	echo '<tr>
+	<td><a href="edit_address.php?id=' . 
+	$row['user_id'] . '">Edit</a></td>
+	<td>' . $row['title'] . '</td>
+	<td>' . $row['fname'] . '</td>
+	<td>' . $row['lname'] . '</td>
+	<td>' . $row['addr1'] . '</td>
+	<td>' . $row['addr2'] . '</td>
+	<td>' . $row['city'] . '</td>
+	<td>' . $row['state_country'] . '</td>
+	<td>' . $row['zcode_pcode'] . '</td>
+	<td>' . $row['phone'] . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it failed to run
+// Public message:
+	echo '<p class="error">The current users could not be retrieved. ';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+} // End of if ($result). Now display the total number of records/members.
+$q = "SELECT COUNT(user_id) FROM users";
+$result = @mysqli_query ($dbcon, $q);
+$row = @mysqli_fetch_array ($result, MYSQLI_NUM);
+$members = $row[0];
+mysqli_close($dbcon); //Close the database connection.
+echo "<p>Total membership: $members</p>";
+}
+catch(Exception $e)
+{
+print "an Exception occurred. Message:" . $e->getMessage();
+}
+catch(Error $e)
+{
+print "an Error occurred. Message:" . $e->getMessage();
+}
+?>
+</div><!-- End of address found content. -->
+<footer>
+<?php include("includes/footer.php"); ?>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch06/finalpostal/view_found_addresses.php b/Ch06/finalpostal/view_found_addresses.php
new file mode 100644
index 0000000..611c09e
--- /dev/null
+++ b/Ch06/finalpostal/view_found_addresses.php
@@ -0,0 +1,51 @@
+<?php                                                                       
+//session_start();
+//if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+//{ header("Location: login.php");
+// exit();
+//}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Found Addresses</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10"> 
+  <h2 class="text-center">These are addresses found</h2>
+<p>
+<?php 
+require ("process_view_found_addresses.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch06/finalpostal/view_found_record.php b/Ch06/finalpostal/view_found_record.php
new file mode 100644
index 0000000..dd02ecf
--- /dev/null
+++ b/Ch06/finalpostal/view_found_record.php
@@ -0,0 +1,51 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+ exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Found Records</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10"> 
+  <h2 class="text-center">These are users found</h2>
+<p>
+<?php 
+require ("process_view_found_record.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/admin-page.php b/Ch07/migrate/admin-page.php
new file mode 100644
index 0000000..88edab9
--- /dev/null
+++ b/Ch07/migrate/admin-page.php
@@ -0,0 +1,57 @@
+<?php                                                                                     
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Admin Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Administration Page</h2>
+<h3>You have permission to:</h3>
+<p>&#9632;Edit and Delete a record</p>
+<p>&#9632;Use the View Members button to page through all the members</p>
+<p>&#9632;Use the Search button to locate a particular member</p>
+<p>&#9632;Use the New Password button to change your password. 
+</p>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/admin-view-users.php b/Ch07/migrate/admin-view-users.php
new file mode 100644
index 0000000..c3637ce
--- /dev/null
+++ b/Ch07/migrate/admin-view-users.php
@@ -0,0 +1,138 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+define(ERROR_LOG,"errors.log");
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT last_name, first_name, email, DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, class, paid, userid FROM users ORDER BY registration_date DESC";
+$q .=" LIMIT $start, $pagerows";	
+
+
+
+// Prepared statement not needed since hardcoded	
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to #5
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                                                                                                                                      #7
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/admin_view_users.php b/Ch07/migrate/admin_view_users.php
new file mode 100644
index 0000000..0874f76
--- /dev/null
+++ b/Ch07/migrate/admin_view_users.php
@@ -0,0 +1,52 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{
+ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Users Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+require ("process_admin_view_users.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/cap.php b/Ch07/migrate/cap.php
new file mode 100644
index 0000000..201053b
--- /dev/null
+++ b/Ch07/migrate/cap.php
@@ -0,0 +1,17 @@
+<?php
+        if(isset($_POST['g-recaptcha-response'])){
+			$captcha=$_POST['g-recaptcha-response'];
+			$secretKey = "Put your secret key here";
+			$ip_address = $_SERVER['REMOTE_ADDR'];
+			$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip_address);
+			$keys = json_decode($response,true);
+			if(intval($keys["success"]) !== 1) {
+				echo "<h4 class='text-center'>Are you human? Click recaptcha</h4>";
+				header( "refresh:1;" );
+			}
+		}
+		else { echo "<h4 class='text-center'>Are you human? Click recaptcha!</h4>";
+		header( "refresh:1;" );
+		}
+		
+?>	
\ No newline at end of file
diff --git a/Ch07/migrate/change-password.php b/Ch07/migrate/change-password.php
new file mode 100644
index 0000000..eb049c8
--- /dev/null
+++ b/Ch07/migrate/change-password.php
@@ -0,0 +1,115 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Change Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="change-password.php" method="post" name="passform" id="passform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label text-right">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password'])) 
+		echo htmlspecialchars($_POST['password'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">New Passsword:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <div class="col-sm-12">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/delete_record.php b/Ch07/migrate/delete_record.php
new file mode 100644
index 0000000..6c63eb2
--- /dev/null
+++ b/Ch07/migrate/delete_record.php
@@ -0,0 +1,156 @@
+<?php											
+session_start();
+if (!isset($_SESSION['user_level']) or 
+($_SESSION['user_level'] != 1))
+{
+header("Location: login.php");
+exit();
+}
+define(ERROR_LOG,"errors.log");
+?>
+
+<!doctype html>
+<html lang="en">
+<head>
+<title>Delete a record</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="styles.css">
+<style type="text/css">
+p { text-align:center; }
+form { text-align:center;}
+}
+input.fl-left { float:left; 
+}
+#submit-yes { float:left; margin-left:220px;
+}
+#submit-no { float:left; margin-left:20px;
+}
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header-admin.php'); ?>
+</header>
+<nav>
+<?php include('includes/nav.php'); ?>
+</nav>
+<aside>
+<?php include('includes/info-col.php'); ?>
+</aside>
+<div id="content"><!-- Start of the page-specific content. -->
+<h2>Delete a Record</h2>
+<?php
+try { 
+// Check for a valid user ID, through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { 
+// From view_users.php
+$id = $_GET['id'];
+} else
+if ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) {
+	// Form submission.     
+	$id = $_POST['id'];
+} else { // No valid ID, kill the script.
+//	return to login page
+header("Location: login.php");
+exit();
+}
+require ('./mysqli_connect.php');
+// Check if the form has been submitted:                                              
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+if ($_POST['sure'] == 'Yes') { // Delete the record.
+	// Make the query:
+	
+	// Use prepare statement to remove security problems
+	$q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, 'DELETE FROM users WHERE user_id=? LIMIT 1');
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	if (mysqli_stmt_affected_rows($q) == 1) { // It ran OK
+// Print a message:
+		echo '<h3>The record has been deleted.</h3>';	
+		} else { // If the query did not run OK display public message
+		echo '<p class="error">The record could not be deleted.';
+		echo '<br>Either it does not exist or due to a system error.</p>';
+	//	echo '<p>' . mysqli_error($dbcon ) . '<br />Query: ' . $q . '</p>'; 
+	// Debugging message. When live comment out because this displays sql
+		}
+	} else { // User did not confirm deletion.
+		echo '<h3>The user has NOT been deleted as you requested</h3>';	
+	}
+} else { // Show the form.                                                               
+	
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT CONCAT(fname, ' ', lname) FROM users WHERE user_id=?";
+    mysqli_stmt_prepare($q, $query);
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	 $result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM); // get user info
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+		
+		// Display the record being deleted:
+		echo "<h3>Are you sure you want to permanently delete $row[0]?</h3>"; 
+		// Create the form:
+		echo '<form action="delete_record.php" method="post">
+	<input id="submit-yes" type="submit" name="sure" value="Yes"> 
+	<input id="submit-no" type="submit" name="sure" value="No">
+	
+	<input type="hidden" name="id" value="' . $id . '">
+	</form>';
+
+	} else { // Not a valid user ID.
+		echo '<p class="error">This page has been accessed in error.</p>';
+		echo '<p>&nbsp;</p>';
+	}
+} // End of the main submission conditional.
+mysqli_stmt_close($q);
+mysqli_close($dbcon );
+		echo '<p>&nbsp;</p>';
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
+<footer>
+<?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch07/migrate/delete_user.php b/Ch07/migrate/delete_user.php
new file mode 100644
index 0000000..9607aef
--- /dev/null
+++ b/Ch07/migrate/delete_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Delete Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_delete_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/edit_address.php b/Ch07/migrate/edit_address.php
new file mode 100644
index 0000000..d4cb1e1
--- /dev/null
+++ b/Ch07/migrate/edit_address.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+ exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Edit an Address</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_edit_address.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/edit_user.php b/Ch07/migrate/edit_user.php
new file mode 100644
index 0000000..7610f60
--- /dev/null
+++ b/Ch07/migrate/edit_user.php
@@ -0,0 +1,53 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Edit a Record</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+<?php 
+require ("process_edit_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/edit_your_account.php b/Ch07/migrate/edit_your_account.php
new file mode 100644
index 0000000..3001515
--- /dev/null
+++ b/Ch07/migrate/edit_your_account.php
@@ -0,0 +1,409 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}										
+session_start();
+//                                                                #1
+if (isset($_SESSION['user_id']) && ($_SESSION['user_level'] == 0)){
+$id = filter_var( $_SESSION['user_id'], FILTER_SANITIZE_STRING);
+	define('ERROR_LOG',"errors.log");
+} else {
+header("Location: login.php");
+exit();
+}		
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Edit Your Account Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script>
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header_members_account.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<?php
+try { 
+require ('mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array(); 
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+
+//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+	if (empty($errors)) { // If everything's OK.
+		//  make the query
+		$q = mysqli_stmt_init($dbcon);
+		$query = 'SELECT userid FROM users WHERE email=? AND userid !=?';
+         mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'si', $emailtrim, $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0) { // e-mail does not exist in another record
+		// Make the update query:                                     #5
+		
+		 $query = 'UPDATE users SET title=?, first_name=?, last_name=?, email=?, ';
+		 $query .='address1=?, address2=?, city=?, state_country=?, zcode_pcode=?, ';
+		 $query .='phone=?';
+         $query .= ' WHERE userid=?';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'ssssssssssi', $titletrim, $first_nametrim, $last_nametrim, 
+			$emailtrim, $address1trim, $address2trim, $citytrim, $state_countrytrim, 
+			$zcode_pcodetrim, $phonetrim, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+	
+			// Echo a message if the edit was satisfactory:
+                $errorstring = 'The user has been edited.';
+				echo "<p class=' text-center col-sm-2' style='color:green'>$errorstring</p>";
+						} else { // Echo a message if the query failed.
+				$errorstring = 'The user could not be edited. Did you change anything?';
+                $errorstring .= ' We apologize for any inconvenience.'; // Public message.
+				echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		}
+		} else { // Display the errors.
+		// ---------------Process User Errors---------------
+		// Display the users entry errors
+		$errorstring = 'Error! The following error(s) occurred: ';
+		foreach ($errors as $msg) { // Print each error.				
+		$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= 'Please try again.';
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+} // End of the conditionals
+// Select the user's information:                                                       #6
+
+$query = "SELECT title, first_name, last_name, email, address1, address2, city, state_country, zcode_pcode, phone ";
+$query .=" FROM users WHERE userid=?";	
+// id was retrieved from database prepared not needed	
+   $q = mysqli_stmt_init($dbcon);
+   mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'i', $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	$row = mysqli_fetch_array ($result, MYSQLI_ASSOC);
+	// Create the form: 	#7
+	
+	
+?>
+  <!-- Validate Input -->
+<div class="col-sm-8">
+<h2 class="h2 text-center">Edit Your Account Details</h2>
+<h3 class="text-center">For your own security, please remember to log out!</h3>
+
+<form action="edit_your_account.php" method="post"
+name="editform" id="editform">
+ <div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	   value=
+		"<?php if (isset($row['title'])) 
+		echo htmlspecialchars($row['title'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($row['first_name'])) 
+		echo htmlspecialchars($row['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($row['last_name'])) 
+		echo htmlspecialchars($row['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($row['email'])) 
+		echo htmlspecialchars($row['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($row['address1'])) 
+		echo htmlspecialchars($row['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($row['address2'])) 
+		echo htmlspecialchars($row['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($row['city'])) 
+		echo htmlspecialchars($row['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($row['state_country'])) 
+		echo htmlspecialchars($row['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+<div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	   value=
+		"<?php if (isset($row['zcode_pcode'])) 
+		echo htmlspecialchars($row['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($row['phone'])) 
+		echo htmlspecialchars($row['phone'], ENT_QUOTES); ?>" >
+    </div>
+	</div>
+	<input type="hidden" name="id" value="' . $id . '">
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" style="padding-left: 80px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Edit Your Record">
+    </div>
+	</div>
+	</form>
+</div>
+<?php
+
+   }
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php');
+  echo "</footer>";
+  echo "</div>";
+ 
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+ ?>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch07/migrate/feedback-form.css b/Ch07/migrate/feedback-form.css
new file mode 100644
index 0000000..bd6761f
--- /dev/null
+++ b/Ch07/migrate/feedback-form.css
@@ -0,0 +1,8 @@
+#sb, form{
+    display: block;
+    margin-left: auto;
+    margin-right: auto;
+	text-align: center;
+}
+body {margin:0; padding:0; }
+.cntr { text-align:center; }
diff --git a/Ch07/migrate/feedback-form.php b/Ch07/migrate/feedback-form.php
new file mode 100644
index 0000000..a358960
--- /dev/null
+++ b/Ch07/migrate/feedback-form.php
@@ -0,0 +1,219 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Feedback Form</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<div class="col-sm-8">
+<h3 class="text-center">Edit Your Account Details</h3>
+<h4 class="text-center">For your own security, please remember to log out!</h4>
+<h5 class="text-center"><strong>Address:</strong> 1 The Street, Townsville, AA6 8PF, <strong>Tel:</strong> 01111 800777</h5>
+<h5 class="text-center"><strong>To email us:</strong> Please use this form and click the Send button at the bottom.</h5>
+<h4 class="text-center">Essential items are marked with an asterisk</h4>
+<form action="feedback-handler.php" method="post" name="feedbackform" id="feedbackform">
+<!--START OF TEXT FIELDS-->
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($row['first_name'])) 
+		echo htmlspecialchars($row['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($row['last_name'])) 
+		echo htmlspecialchars($row['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($row['email'])) 
+		echo htmlspecialchars($row['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($row['phone'])) 
+		echo htmlspecialchars($row['phone'], ENT_QUOTES); ?>" >
+    </div>
+	</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>	
+<h5 class="col-sm-8 text-center">Would you like us to send a Brochure? (check box):</h5>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>	
+<div class="checkbox col-sm-8 text-center">Yes
+      <input class="" type="checkbox" name="brochure" id="brochure" value="yes">
+</div>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>	
+<h6 class="col-sm-8 text-center">Please enter address if you checked the brochure box above</h6>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($row['address1'])) 
+		echo htmlspecialchars($row['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($row['address2'])) 
+		echo htmlspecialchars($row['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+ <div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>	
+<h5 class="col-sm-8 text-center">Would you like to receive emailed newletters?</h5>
+</div>
+<fieldset class="form-group row">
+	  <label for="" class="col-sm-4 col-form-label text-right"></label>
+      <div class="col-sm-8 text-center">
+        <div class="form-check form-check-inline">
+          <input class="form-check-input" type="radio" name="letter" id="letter" value="yes" checked>
+          <label class="form-check-label" for="letter">
+            Yes
+          </label>
+        </div>
+        <div class="form-check form-check-inline">
+          <input class="form-check-input" type="radio" name="noletter" id="noletter" value="no">
+          <label class="form-check-label" for="noletter">
+            No
+          </label>
+        </div>
+	</div>
+</fieldset>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+<div class="col-sm-8 text-center">
+    <label for="comment">Please enter your message below</label>
+    <textarea class="form-control" id="comment" name="comment" rows="12" cols="40"
+	value=
+		"<?php if (isset($_POST['comment'])) 
+		echo htmlspecialchars($_POST['comment'], ENT_QUOTES); ?>" >
+	</textarea>
+  </div>
+ </div>
+ <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="margin-left: 80px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Send">
+    </div>
+	</div>
+	</form>
+	</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+<!-- Footer Content Section -->
+</div>
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch07/migrate/feedback-handler.php b/Ch07/migrate/feedback-handler.php
new file mode 100644
index 0000000..4c94327
--- /dev/null
+++ b/Ch07/migrate/feedback-handler.php
@@ -0,0 +1,131 @@
+<?php
+// Feedback form handler
+// set the error and thank you pages
+$formurl = "feedback/feedback_form.html" ;
+$errorurl = "feedback/error.html" ; 
+$thankyouurl = "feedback/thankyou.html" ; 
+$emailerrurl = "feedback/emailerr.html" ; 
+$errorcommenturl =  "feedback/commenterror.html" ;
+// set to the email address of the recipient
+$mailto = "none@noone.com" ;             
+// Is first name present? If it is, sanitize it
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {			
+	//Save first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors = 'yes';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Save last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors = 'yes';
+	}
+// Check that an email address has been entered	correctly			
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		// if email is bad display error page
+		header( "Location: $emailerrurl" ); 
+        exit ;
+	}
+// Is the phone number present? if so, sanitize it
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize and validate phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL; // if not valid or missing do not save
+	}
+	//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Save the 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors = 'yes';
+	}
+//If the 2nd address is present? If it is, sanitize it          
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Save the 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL; // If missing or not valid do not save
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Save the city						
+	$citytrim = $city;							
+	}else{	
+	$errors = 'yes';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Save the state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors = 'yes';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Save the zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors = 'yes';
+	}
+	
+$brochure = filter_var( $_POST['brochure'], FILTER_SANITIZE_STRING);
+if($brochure != "yes") {$brochure = "no";} // if not yes, then no
+
+$letter = filter_var( $_POST['letter'], FILTER_SANITIZE_STRING);
+if($letter != "yes") {$letter = "no"; } // if not yes, then no
+
+$comment = filter_var( $_POST['comment'], FILTER_SANITIZE_STRING);
+if ((!empty($comment)) && (strlen($comment) <= 480)) {
+	// remove ability to create link in email
+	$patterns = array("/http/", "/https/", "/\:/","/\/\//","/www./");
+	$commenttrim = preg_replace($patterns," ", $comment);	
+	}else{	// if comment not valid display error page
+	header( "Location: $errorcommenturl" );
+	exit;
+}
+
+if (!empty($errors)) { // if errors display error page
+header( "Location: $errorurl" );
+exit ; }
+// everything OK send e-mail
+$subject = "Message from customer " . $first_nametrim . " " . $last_nametrim;
+$messageproper =                                                                        
+"------------------------------------------------------------\n" .
+"Name of sender: $first_nametrim $last_nametrim\n" . 
+"Email of sender: $emailtrim\n" . 
+"Telephone: $phonetrim\n" . 
+"brochure?: $brochure\n" . 
+"Address: $address1trim\n" . 
+"Address: $address2trim\n" .
+"City: $citytrim\n" .
+"Postcode: $zcode_pcodetrim\n" .
+"Newsletter?:$letter\n" .
+"------------------------- MESSAGE -------------------------\n\n" . 
+$commenttrim . 
+"\n\n------------------------------------------------------------\n" ; 
+mail($mailto, $subject, $messageproper, "From: \"$first_nametrim $last_nametrim\" <$emailtrim>" ); 
+header( "Location: $thankyouurl" ); 
+exit ;
+?>
diff --git a/Ch07/migrate/feedback/commenterr.php b/Ch07/migrate/feedback/commenterr.php
new file mode 100644
index 0000000..315c783
--- /dev/null
+++ b/Ch07/migrate/feedback/commenterr.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Email Error Message</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('../includes/thankyou-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('../includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h4 class="text-center">Sorry the format of your comments is not correct.</h4>
+<h4 class="text-center">Return to the form by clicking the back button on your browser<br> and correct your comments.</h4>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('../includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('../includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/feedback/emailerr.php b/Ch07/migrate/feedback/emailerr.php
new file mode 100644
index 0000000..5e02f0d
--- /dev/null
+++ b/Ch07/migrate/feedback/emailerr.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Email Error Message</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('../includes/thankyou-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('../includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h4 class="text-center">Your email address has an incorrect format.</h4>
+<h4 class="text-center">Return to the form by clicking the back button on your browser<br> and correct your email address.</h4>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('../includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('../includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/feedback/error.php b/Ch07/migrate/feedback/error.php
new file mode 100644
index 0000000..03e9810
--- /dev/null
+++ b/Ch07/migrate/feedback/error.php
@@ -0,0 +1,46 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Error Message</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('../includes/thankyou-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('../includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h4 class="text-center">One or more of the essential items in the form has not been filled in.</h4>
+<h4 class="text-center">Essential items have an asterisk like this <span>*</span></h4>
+<h4 class="text-center">Return to the form by clicking the back button on your browser<br> and then fill in the missing items.</h4>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('../includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('../includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/feedback/thankyou.php b/Ch07/migrate/feedback/thankyou.php
new file mode 100644
index 0000000..26f215f
--- /dev/null
+++ b/Ch07/migrate/feedback/thankyou.php
@@ -0,0 +1,55 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Thank you for your inquiry</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('../includes/thankyou-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('../includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h3 class="text-center" >Thank you for your inquiry.</h3>
+<h3 class="text-center" >We will email an answer to you shortly.</h3>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('../includes/info-col.php'); ?> 
+	</aside>
+  </div>
+ <div class="row col-sm-12" style="padding-left: 0px;  padding-bottom: 20px;"> 
+<div class="col-sm-5"></div>
+<nav class="col-sm-4 text-center">
+<ul class="nav nav-pills">
+<li class="nav-item">
+          <a class="nav-link active" href="index.php">Return to Home Page</a>
+</li>
+</ul>
+</nav>
+</div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('../includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/header-members-account.php b/Ch07/migrate/header-members-account.php
new file mode 100644
index 0000000..6585f39
--- /dev/null
+++ b/Ch07/migrate/header-members-account.php
@@ -0,0 +1,8 @@
+<h1>This is the Header</h1>
+<div id="reg-navigation">
+    <ul>
+        <li><a href="logout.php">Logout</a></li>
+		<li><a href="edit_your_account.php">Your Account</a></li>
+        <li><a href="register-password.php">New Password</a></li>
+    </ul>
+</div>
diff --git a/Ch07/migrate/images/Thumbs.db b/Ch07/migrate/images/Thumbs.db
new file mode 100644
index 0000000..04bb756
Binary files /dev/null and b/Ch07/migrate/images/Thumbs.db differ
diff --git a/Ch07/migrate/images/fredsemail.jpg b/Ch07/migrate/images/fredsemail.jpg
new file mode 100644
index 0000000..42bc75d
Binary files /dev/null and b/Ch07/migrate/images/fredsemail.jpg differ
diff --git a/Ch07/migrate/images/logo.jpg b/Ch07/migrate/images/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch07/migrate/images/logo.jpg differ
diff --git a/Ch07/migrate/images/polo.png b/Ch07/migrate/images/polo.png
new file mode 100644
index 0000000..bca2bd2
Binary files /dev/null and b/Ch07/migrate/images/polo.png differ
diff --git a/Ch07/migrate/images/tile-pale.jpg b/Ch07/migrate/images/tile-pale.jpg
new file mode 100644
index 0000000..ae45d50
Binary files /dev/null and b/Ch07/migrate/images/tile-pale.jpg differ
diff --git a/Ch07/migrate/images/vertical_solution_PP.png b/Ch07/migrate/images/vertical_solution_PP.png
new file mode 100644
index 0000000..8693bd4
Binary files /dev/null and b/Ch07/migrate/images/vertical_solution_PP.png differ
diff --git a/Ch07/migrate/includes/_vti_cnf/footer.php b/Ch07/migrate/includes/_vti_cnf/footer.php
new file mode 100644
index 0000000..d722bce
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/footer.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|17 Aug 2017 16:37:50 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|index.php login.php view_found_record.php admin-page.php search_address.php edit_record.php members-page.php page-5.php admin_view_users.php page-3.php page-4.php view_found_address.php search.php delete_record.php page-2.php safer-register-page.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|17 Aug 2017 16:37:50 -0000
+vti_cacheddtm:TX|17 Aug 2017 16:37:50 -0000
+vti_filesize:IR|315
+vti_cachedlinkinfo:VX|H|http://www.colycomputerhelp.co.uk/ H|http://www.littleoceanwaves.com H|http://jigsaw.w3.org/css-validator/ H|http://validator.w3.org/
+vti_cachedsvcrellinks:VX|NHHS|http://www.colycomputerhelp.co.uk/ NHHS|http://www.littleoceanwaves.com NHHS|http://jigsaw.w3.org/css-validator/ NHHS|http://validator.w3.org/
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/header-admin.php b/Ch07/migrate/includes/_vti_cnf/header-admin.php
new file mode 100644
index 0000000..122f566
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/header-admin.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|19 Dec 2017 20:13:21 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|view_found_record.php admin-page.php search_address.php edit_address.php edit_record.php admin_view_users.php view_found_address.php search.php delete_record.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|19 Dec 2017 20:13:21 -0000
+vti_cacheddtm:TX|19 Dec 2017 20:13:21 -0000
+vti_filesize:IR|357
+vti_cachedlinkinfo:VX|H|logout.php H|admin_view_users.php H|search.php H|search_address.php H|register-password.php
+vti_cachedsvcrellinks:VX|NHUS|includes/logout.php NHUS|includes/admin_view_users.php NHUS|includes/search.php NHUS|includes/search_address.php NHUS|includes/register-password.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/header-members.php b/Ch07/migrate/includes/_vti_cnf/header-members.php
new file mode 100644
index 0000000..9c8ffb8
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/header-members.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|07 Sep 2017 17:40:15 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|members-page.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|07 Sep 2017 17:40:15 -0000
+vti_cacheddtm:TX|07 Sep 2017 17:40:15 -0000
+vti_filesize:IR|202
+vti_cachedlinkinfo:VX|H|logout.php H|register-password.php
+vti_cachedsvcrellinks:VX|NHUS|includes/logout.php NHUS|includes/register-password.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/header-thanks.php b/Ch07/migrate/includes/_vti_cnf/header-thanks.php
new file mode 100644
index 0000000..6d9334e
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/header-thanks.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|06 Dec 2012 20:36:08 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|register-thanks.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|06 Dec 2012 20:36:08 -0000
+vti_cacheddtm:TX|06 Dec 2012 20:36:08 -0000
+vti_filesize:IR|167
+vti_cachedlinkinfo:VX|H|index.php
+vti_cachedsvcrellinks:VX|NHUS|includes/index.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/header.php b/Ch07/migrate/includes/_vti_cnf/header.php
new file mode 100644
index 0000000..93fdbed
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/header.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|26 Dec 2017 18:19:35 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|index.php page-5.php page-3.php page-4.php page-2.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|26 Dec 2017 18:19:35 -0000
+vti_cacheddtm:TX|26 Dec 2017 18:19:35 -0000
+vti_filesize:IR|199
+vti_cachedlinkinfo:VX|H|login.php H|safer-register-page.php
+vti_cachedsvcrellinks:VX|NHUS|includes/login.php NHUS|includes/safer-register-page.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/info-col-cards.php b/Ch07/migrate/includes/_vti_cnf/info-col-cards.php
new file mode 100644
index 0000000..b802ce2
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/info-col-cards.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|28 Feb 2013 20:36:56 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|register-thanks.php admin-page.php members-page.php safer-register-page.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|28 Feb 2013 20:36:56 -0000
+vti_cacheddtm:TX|28 Feb 2013 20:36:56 -0000
+vti_filesize:IR|380
+vti_cachedlinkinfo:VX|S|images/vertical_solution_PP.png
+vti_cachedsvcrellinks:VX|NSUS|includes/images/vertical_solution_PP.png
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/info-col.php b/Ch07/migrate/includes/_vti_cnf/info-col.php
new file mode 100644
index 0000000..5b90dcd
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/info-col.php
@@ -0,0 +1,14 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|07 Dec 2017 12:14:16 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|index.php login.php view_found_record.php search_address.php edit_address.php edit_record.php page-5.php admin_view_users.php view_found_address.php page-3.php page-4.php search.php delete_record.php page-2.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|07 Dec 2017 12:14:16 -0000
+vti_cacheddtm:TX|07 Dec 2017 12:14:16 -0000
+vti_filesize:IR|128
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/login-header.php b/Ch07/migrate/includes/_vti_cnf/login-header.php
new file mode 100644
index 0000000..c7bcfc6
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/login-header.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|20 Aug 2017 15:20:59 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|login.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|20 Aug 2017 15:20:59 -0000
+vti_cacheddtm:TX|20 Aug 2017 15:20:59 -0000
+vti_filesize:IR|249
+vti_cachedlinkinfo:VX|H|login.php H|register-page.php H|index.php
+vti_cachedsvcrellinks:VX|NHUS|includes/login.php NHUS|includes/register-page.php NHUS|includes/index.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/login_page.inc.php b/Ch07/migrate/includes/_vti_cnf/login_page.inc.php
new file mode 100644
index 0000000..47aafce
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/login_page.inc.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|29 Oct 2017 18:16:10 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|login.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|29 Oct 2017 18:16:10 -0000
+vti_cacheddtm:TX|29 Oct 2017 18:16:10 -0000
+vti_filesize:IR|668
+vti_cachedlinkinfo:VX|A|login.php
+vti_cachedsvcrellinks:VX|NAUS|includes/login.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/nav.php b/Ch07/migrate/includes/_vti_cnf/nav.php
new file mode 100644
index 0000000..c315156
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/nav.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|17 Aug 2017 16:24:57 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|login.php view_found_record.php register-thanks.php index.php admin-page.php search_address.php edit_address.php edit_record.php members-page.php page-5.php admin_view_users.php view_found_address.php page-3.php page-4.php search.php delete_record.php page-2.php safer-register-page.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|17 Aug 2017 16:24:57 -0000
+vti_cacheddtm:TX|17 Aug 2017 16:24:57 -0000
+vti_filesize:IR|387
+vti_cachedlinkinfo:VX|H|page-2.php H|page-3.php H|page-4.php H|page-5.php H|index.php
+vti_cachedsvcrellinks:VX|NHUS|includes/page-2.php NHUS|includes/page-3.php NHUS|includes/page-4.php NHUS|includes/page-5.php NHUS|includes/index.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/_vti_cnf/password-header.php b/Ch07/migrate/includes/_vti_cnf/password-header.php
new file mode 100644
index 0000000..5cb747e
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/password-header.php
@@ -0,0 +1,16 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|26 Sep 2017 17:12:27 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|26 Sep 2017 17:12:27 -0000
+vti_cacheddtm:TX|26 Sep 2017 17:12:27 -0000
+vti_filesize:IR|202
+vti_cachedlinkinfo:VX|H|register-password.php H|index.php
+vti_cachedsvcrellinks:VX|NHUS|includes/register-password.php NHUS|includes/index.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
+vti_backlinkinfo:VX|
diff --git a/Ch07/migrate/includes/_vti_cnf/register-header.php b/Ch07/migrate/includes/_vti_cnf/register-header.php
new file mode 100644
index 0000000..3aa2834
--- /dev/null
+++ b/Ch07/migrate/includes/_vti_cnf/register-header.php
@@ -0,0 +1,17 @@
+vti_encoding:SR|utf8-nl
+vti_timelastmodified:TR|31 Dec 2017 17:55:46 -0000
+vti_extenderversion:SR|12.0.0.0
+vti_backlinkinfo:VX|safer-register-page.php
+vti_author:SR|USERX-893NME34B\\Janice
+vti_modifiedby:SR|USERX-893NME34B\\Janice
+vti_timecreated:TR|22 Nov 2017 11:42:03 -0000
+vti_nexttolasttimemodified:TW|31 Dec 2017 17:50:34 -0000
+vti_cacheddtm:TX|31 Dec 2017 17:55:46 -0000
+vti_filesize:IR|145
+vti_cachedlinkinfo:VX|H|safer-register-page.php
+vti_cachedsvcrellinks:VX|NHUS|includes/safer-register-page.php
+vti_cachedneedsrewrite:BR|false
+vti_cachedhasbots:BR|false
+vti_cachedhastheme:BR|false
+vti_cachedhasborder:BR|false
+vti_charset:SR|utf-8
diff --git a/Ch07/migrate/includes/footer.php b/Ch07/migrate/includes/footer.php
new file mode 100644
index 0000000..4ccb7e8
--- /dev/null
+++ b/Ch07/migrate/includes/footer.php
@@ -0,0 +1,5 @@
+<p class="h6 col-sm-12">Copyright &copy; Adrian West & Steve Prettyman 2018  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/header-admin.php b/Ch07/migrate/includes/header-admin.php
new file mode 100644
index 0000000..50c305b
--- /dev/null
+++ b/Ch07/migrate/includes/header-admin.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'admin_view_users.php'">View Members</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'search.php'">Search</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'search_addresses.php'">Addresses</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
diff --git a/Ch07/migrate/includes/header-members-account.php b/Ch07/migrate/includes/header-members-account.php
new file mode 100644
index 0000000..6585f39
--- /dev/null
+++ b/Ch07/migrate/includes/header-members-account.php
@@ -0,0 +1,8 @@
+<h1>This is the Header</h1>
+<div id="reg-navigation">
+    <ul>
+        <li><a href="logout.php">Logout</a></li>
+		<li><a href="edit_your_account.php">Your Account</a></li>
+        <li><a href="register-password.php">New Password</a></li>
+    </ul>
+</div>
diff --git a/Ch07/migrate/includes/header-members.php b/Ch07/migrate/includes/header-members.php
new file mode 100644
index 0000000..3bf6406
--- /dev/null
+++ b/Ch07/migrate/includes/header-members.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'">New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/header-thanks.php b/Ch07/migrate/includes/header-thanks.php
new file mode 100644
index 0000000..b0b0b07
--- /dev/null
+++ b/Ch07/migrate/includes/header-thanks.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Cancel</button>
+</div>
+    </nav>
+
diff --git a/Ch07/migrate/includes/header.php b/Ch07/migrate/includes/header.php
new file mode 100644
index 0000000..69f9524
--- /dev/null
+++ b/Ch07/migrate/includes/header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Login</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'safer-register-page.php'">Register</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/header1.php b/Ch07/migrate/includes/header1.php
new file mode 100644
index 0000000..11a86b0
--- /dev/null
+++ b/Ch07/migrate/includes/header1.php
@@ -0,0 +1,73 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">    
+	  <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+ 
+	<?php
+	 switch ($menu) {
+	case 1: //header.php
+	    ?>
+		 <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Login</button>
+		 <button type="button" class="btn btn-secondary" onclick="location.href = 'safer-register-page.php'">Register</button>
+		 
+		<?php
+        break;	 	 
+    
+    case 2: //heder_members_account.php
+        ?>
+		<button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+        <button type="button" class="btn btn-secondary" onclick="location.href = 'edit_your_account.php'">Your Account</button>
+        <button type="button" class="btn btn-secondary" onclick="location.href = 'safer-register-password.php'">New Password</button>
+		<?php
+        break;
+    case 3: // header-thanks.php
+        ?>
+		 <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Cancel</button>
+		<?php
+        break;
+	case 4: // login-header.php
+        ?>
+		<button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Erase Entries</button>
+        <button type="button" class="btn btn-secondary" onclick="location.href = 'safer-register-page.php'">Register</button>
+        <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+		<?php
+        break;
+	case 5: //; members-header.php
+        ?> 
+		<button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+        <button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'" >New Password</button>
+		<?php
+        break;
+	case 6: //password-header.php
+        ?>
+		<button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'" >Erase Entries</button>
+        <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+		<?php
+        break;
+	case 7: //password-header.php
+        ?>
+		<button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+		<?php
+        break;
+	case 8: //thankyou-header.php
+        ?>
+		<!-- <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>-->
+		<?php
+        break;
+	case 9: //register-header.php
+        ?>
+		<button type="button" class="btn btn-secondary" 
+			onclick="location.href = 'register-page'" >Erase Your Entries</button>
+		<button type="button" class="btn btn-secondary" 
+			onclick="location.href = 'index.php'">Cancel</button>
+		<?php
+        break;
+}
+	?>
+	</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/header_members_account.php b/Ch07/migrate/includes/header_members_account.php
new file mode 100644
index 0000000..48978e3
--- /dev/null
+++ b/Ch07/migrate/includes/header_members_account.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'edit_your_account.php'">Your Account</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'safer-register-password.php'">New Password</button>
+</div>
+    </nav>
diff --git a/Ch07/migrate/includes/info-col-cards.php b/Ch07/migrate/includes/info-col-cards.php
new file mode 100644
index 0000000..fda610e
--- /dev/null
+++ b/Ch07/migrate/includes/info-col-cards.php
@@ -0,0 +1,4 @@
+
+<h3 class="text-center">Payment Methods</h3>
+	<img alt="Pay by PayPal or Credit card" class="float-left" title="Pay by PayPal or Credit card"src="images/vertical_solution_PP.png">
+
diff --git a/Ch07/migrate/includes/info-col.php b/Ch07/migrate/includes/info-col.php
new file mode 100644
index 0000000..1c1ae88
--- /dev/null
+++ b/Ch07/migrate/includes/info-col.php
@@ -0,0 +1,3 @@
+<h3>This is the information column</h3>
+<p>Information area</p>
+
diff --git a/Ch07/migrate/includes/login-header.php b/Ch07/migrate/includes/login-header.php
new file mode 100644
index 0000000..aa7c252
--- /dev/null
+++ b/Ch07/migrate/includes/login-header.php
@@ -0,0 +1,13 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'login.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'safer-register-page.php'">Register</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/login_page.inc.php b/Ch07/migrate/includes/login_page.inc.php
new file mode 100644
index 0000000..9ee78ca
--- /dev/null
+++ b/Ch07/migrate/includes/login_page.inc.php
@@ -0,0 +1,14 @@
+<h2>Login</h2>
+<form action="login.php" method="post">
+<p><label class="label" for="email">Email Address:</label>
+<input id="email" type="text" name="email" size="30" maxlength="60"
+value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" 
+required> </p>
+<!--<br>-->
+<p><label class="label" for="psword">Password:</label>
+<input id="psword" type="password" name="psword" size="12" minlength="8"� maxlength="12"
+value="<?php if (isset($_POST['psword'])) echo $_POST['psword']; ?>" 
+required>
+<span>&nbsp;Between 8 and 12 characters.</span></p>
+<!--<p>&nbsp;</p>--><p><input id="submit" type="submit" name="submit" value="Login"></p>
+</form><br>
diff --git a/Ch07/migrate/includes/logo.jpg b/Ch07/migrate/includes/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch07/migrate/includes/logo.jpg differ
diff --git a/Ch07/migrate/includes/members-header.php b/Ch07/migrate/includes/members-header.php
new file mode 100644
index 0000000..de443b4
--- /dev/null
+++ b/Ch07/migrate/includes/members-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'change-password.php'" >New Password</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/nav.php b/Ch07/migrate/includes/nav.php
new file mode 100644
index 0000000..db873ad
--- /dev/null
+++ b/Ch07/migrate/includes/nav.php
@@ -0,0 +1,15 @@
+    <li class="nav-item">
+          <a class="nav-link active" href="index.php">Home</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-2.php">Page 2</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="page-3.php">Page 3</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-4.php">Page 4</a>
+        </li>
+		 <li class="nav-item">
+          <a class="nav-link" href="page-5.php">Page 5</a>
+        </li>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/password-header.php b/Ch07/migrate/includes/password-header.php
new file mode 100644
index 0000000..e6fc6c8
--- /dev/null
+++ b/Ch07/migrate/includes/password-header.php
@@ -0,0 +1,12 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'register-password.php'" >Erase Entries</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/register-header.php b/Ch07/migrate/includes/register-header.php
new file mode 100644
index 0000000..b1a43e8
--- /dev/null
+++ b/Ch07/migrate/includes/register-header.php
@@ -0,0 +1,15 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" 
+       aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'register-page'" >Erase Your Entries</button>
+  <button type="button" class="btn btn-secondary" 
+    onclick="location.href = 'index.php'">Cancel</button>
+</div>
+    </nav>
diff --git a/Ch07/migrate/includes/register-thanks.php b/Ch07/migrate/includes/register-thanks.php
new file mode 100644
index 0000000..fa2c9f7
--- /dev/null
+++ b/Ch07/migrate/includes/register-thanks.php
@@ -0,0 +1,129 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('thanks-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h3 class="h2 text-center" >Thank you for registering</h2>
+<h6 class="text-center">To confirm your registration please verify membership class and pay the membership fee now.</h6>
+<h6 class="text-center">You can use PayPal or a credit/debit card.</h6>
+<p class="text-center" >When you have completed your registration you will be able to login 
+to the member's only pages.</p>
+<?php
+try {
+require ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<p></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="XXXXXXXXXXXXX">
+<div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+$class = htmlspecialchars($_GET['class'], ENT_QUOTES);
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($class)) && ( $class == $row[$i])) 
+		{ 
+	
+			echo ' selected ';
+	 } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<!-- Replace the code below with code provided by PayPal once you obtain a Merchant ID -->
+<input type="hidden" name="currency_code" value="GBP">
+<input style="margin:10px 0 0 40px" type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_buynowCC_LG.gif" name="submit" alt="PayPal  The safer, easier way to pay online.">
+<img alt="" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
+<!-- Replace code above with PayPal provided code -->
+</div>
+</div>
+</form>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('info-col-cards.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('footer.php'); ?>
+</footer>
+<?php 
+} // end try
+catch(Exception $e) // We finally handle any problems here   
+ {
+     // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+ }
+catch(Error $e)
+{
+     //print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try again later.";
+}
+?>
+</body>
+</html>
diff --git a/Ch07/migrate/includes/thanks-header.php b/Ch07/migrate/includes/thanks-header.php
new file mode 100644
index 0000000..7bdb175
--- /dev/null
+++ b/Ch07/migrate/includes/thanks-header.php
@@ -0,0 +1,11 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="../images/logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/includes/thankyou-header.php b/Ch07/migrate/includes/thankyou-header.php
new file mode 100644
index 0000000..81dd37e
--- /dev/null
+++ b/Ch07/migrate/includes/thankyou-header.php
@@ -0,0 +1,11 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="../images/logo.jpg" alt="Logo"> 
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" aria-label="Button Group">
+  <!-- <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button> -->
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch07/migrate/index.php b/Ch07/migrate/index.php
new file mode 100644
index 0000000..7e9feef
--- /dev/null
+++ b/Ch07/migrate/index.php
@@ -0,0 +1,48 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+     <h2 class="text-center">This is the Home Page</h2>
+	<p>The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. The home page content. <br>
+	The home page content. The home page content. <br>
+	The home page content. The home page content. The home page content. </p>
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/login.php b/Ch07/migrate/login.php
new file mode 100644
index 0000000..955c313
--- /dev/null
+++ b/Ch07/migrate/login.php
@@ -0,0 +1,90 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/login-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-login.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Login</h2>
+<form action="login.php" method="post" name="loginform" id="loginform">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail Address:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label text-right">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password'])) 
+		echo htmlspecialchars($_POST['password'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Login">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/logo.jpg b/Ch07/migrate/logo.jpg
new file mode 100644
index 0000000..4fe01c8
Binary files /dev/null and b/Ch07/migrate/logo.jpg differ
diff --git a/Ch07/migrate/logout.php b/Ch07/migrate/logout.php
new file mode 100644
index 0000000..d8abea1
--- /dev/null
+++ b/Ch07/migrate/logout.php
@@ -0,0 +1,18 @@
+<?php
+session_start();//access the current session.                  
+// if no session variable exists then redirect the user
+if (!isset($_SESSION['user_id'])) {        
+header("location:index.php");
+exit();
+//cancel the session and redirect the user:
+}else{ //cancel the session
+    $_SESSION = array(); // Destroy the variables
+	$params = session_get_cookie_params();
+	// Destroy the cookie
+	setcookie(session_name(), '', time()-42000,
+	$params["path"], $params["domain"],
+	$params["secure"], $params["httponly"]);
+if (session_status() == PHP_SESSION_ACTIVE) { 
+session_destroy(); } // Destroy the session itself
+header("location:index.php");
+	}
diff --git a/Ch07/migrate/members-page.php b/Ch07/migrate/members-page.php
new file mode 100644
index 0000000..e6d18c1
--- /dev/null
+++ b/Ch07/migrate/members-page.php
@@ -0,0 +1,61 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 0))
+{ header("Location: login.php");
+  exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header_members_account.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h2 class="text-center">This is the Member's Page</h2>
+<p>The members page content. The members page content. The members page content. 
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+<br>The members page content. The members page content. The members page content.
+</p>
+<p class="h3 text-center">Special offers to members only.</p>
+    <p class="text-center"><strong>T-Shirts 10.00</strong></p>
+<img class="mx-auto d-block" src="images/polo.png" alt="Polo Shirt"> 
+<br>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
+
diff --git a/Ch07/migrate/migrate.sql b/Ch07/migrate/migrate.sql
new file mode 100644
index 0000000..a54470e
--- /dev/null
+++ b/Ch07/migrate/migrate.sql
@@ -0,0 +1,120 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 07:04 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `migrate`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `prices`
+--
+
+CREATE TABLE `prices` (
+  `oneyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `oneyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `militarygb` decimal(6,0) UNSIGNED NOT NULL,
+  `militaryus` decimal(6,0) UNSIGNED NOT NULL,
+  `u21gb` decimal(6,0) UNSIGNED NOT NULL,
+  `u21us` decimal(6,0) UNSIGNED NOT NULL,
+  `minpricegb` decimal(6,0) UNSIGNED NOT NULL,
+  `minpriceus` decimal(6,0) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `prices`
+--
+
+INSERT INTO `prices` (`oneyeargb`, `oneyearus`, `fiveyeargb`, `fiveyearus`, `militarygb`, `militaryus`, `u21gb`, `u21us`, `minpricegb`, `minpriceus`) VALUES
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `class` char(20) NOT NULL,
+  `user_level` tinyint(2) UNSIGNED NOT NULL,
+  `address1` varchar(50) NOT NULL,
+  `address2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `secret` varchar(30) NOT NULL,
+  `paid` enum('No','Yes') NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `title`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `class`, `user_level`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `secret`, `paid`) VALUES
+(34, 'Mr.', 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$TZRpkkmeP6fIl2hy1z2H6OV6WwL1ZcjHLTdrASs1jJm5N77a5kFie', '2018-06-20 10:08:01', '125', 0, '111 Main St', NULL, 'Key West', 'FL', '33040', NULL, 'Smith', 'Yes'),
+(35, NULL, 'Jack', 'Smith', 'jsmith@outcook.com', '$2y$10$i9uYUhvXZqbkPuTWnukM7uLGqo/aksE6TlPCTqVVL4h3NtYmRmdpm', '2018-06-20 10:09:52', '125', 1, '111 Main St', NULL, 'Key West', 'FL', '33040', NULL, 'Smith', 'Yes'),
+(36, 'Mr.', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UmWacPiHiECQmJz6VpPS5u2ne5oLPswKyhDIF6PcwhbpV7BcYLtGa', '2018-06-20 10:13:51', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(37, 'Ms.', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$w/O9nBxDkm5j8E3apHVP3u6NH6O7VHUizH2TuZC5.Y4OpDXE2POBy', '2018-06-20 10:15:23', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(38, 'Mr.', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$cEgamDEeI79Ka14BDoDjCeeV4z0xrNpYxNFeGdlJ9OIPqnvJxiVL2', '2018-06-20 10:16:49', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(39, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$WFkNsErvl331HYWPx1I6yOMbXqRGjzJCY.xMYucu.AIOsDpw0dtZ2', '2018-06-20 10:18:51', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(40, 'Mr.', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$RYRudOlD4i9dWjY.jlFpQOmiOEeT9YECQCanqTmsUwzs7RVWa0oPG', '2018-06-20 10:20:13', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(41, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$d6N2TjV82II07r7VSpLmeeYt4DbmU8iUx8C8B/uZ03gAemFDxGDti', '2018-06-20 10:31:08', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(42, 'Mrs', 'Annie', 'Mossity', 'amositty@myisp.org.uk', '$2y$10$tgY2g9J0elkfrQIb7j2Jau4U275a/V08eaYsmQqnuwIOGEbTbYxAe', '2018-06-20 10:32:24', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(43, 'Mr.', 'Percey', 'Veer', 'pveer@myisp.com', '$2y$10$Lh4JbdwseMeV0ozvCxAmd.mLjZdkB6lg4OkhA3IxaEeESvO8ug97.', '2018-06-20 10:33:58', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(44, 'Mr.', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$Ko7pl4a2yNY1SkXFIb6LMu1ROoGvRFjYVMOU0cC6ypNoNZC95/6Xq', '2018-06-20 10:35:50', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(45, 'Mr.', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$RKyMLj.ZvtBFwsOgqKS1.O5aW/tQgDdbcfzKpejiHvPtSMn8GzXQ2', '2018-06-20 10:37:14', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(46, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$BLioPYg2pLPz5yHnmnhqvOCr6QbAuGpg6KIhIPA//j8jTJqbXv8Fa', '2018-06-20 10:39:02', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(47, 'Mr.', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$P/7yQfboAVJvDfC275LuxerpTVaOs6yLhsZEeJ1SBoKX.Y8pCFrA2', '2018-06-20 10:40:33', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=48;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch07/migrate/mysqli_connect.php b/Ch07/migrate/mysqli_connect.php
new file mode 100644
index 0000000..ebc4124
--- /dev/null
+++ b/Ch07/migrate/mysqli_connect.php
@@ -0,0 +1,12 @@
+<?php 
+// This creates a connection to the logindb database and to MySQL, 
+// It also sets the encoding.
+// Set the access details as constants:
+DEFINE ('DB_USER', 'trevithick');
+DEFINE ('DB_PASSWORD', 'l0c0m0t1v3');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'migrate');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
\ No newline at end of file
diff --git a/Ch07/migrate/nav.php b/Ch07/migrate/nav.php
new file mode 100644
index 0000000..caf0e50
--- /dev/null
+++ b/Ch07/migrate/nav.php
@@ -0,0 +1,8 @@
+<!--The side menu column contains the vertical menu block-->
+<ul>
+<li><a href="page-2.php" title="Page two">Page 2</a></li>
+<li><a href="page-3.php" title="Page three">Page 3</a></li>
+<li><a href="page-4.php" title="Page four">Page 4</a></li>
+<li><a href="page-5.php" title="Page five">Page 5</a></li>
+<li><a href="index.php" title="Return to Home Page">Home Page</a></li>
+</ul>
diff --git a/Ch07/migrate/password-thanks.php b/Ch07/migrate/password-thanks.php
new file mode 100644
index 0000000..5ea4b55
--- /dev/null
+++ b/Ch07/migrate/password-thanks.php
@@ -0,0 +1,45 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Password Change Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center">
+	<h2>Thank you for changing your password</h2>
+On the Home Page, you will now be able to login with your new password.
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/process-change-password.php b/Ch07/migrate/process-change-password.php
new file mode 100644
index 0000000..8fcbd94
--- /dev/null
+++ b/Ch07/migrate/process-change-password.php
@@ -0,0 +1,143 @@
+
+<?php
+define(ERROR_LOG,"errors.log");
+// This script is a query that UPDATES the password in the users table.
+// Check that form has been submitted:       
+    require ('mysqli_connect.php'); // Connect to the db. 
+	$errors = array(); // Initialize an error array. 
+	// Set hidden variable to format any of the echos below
+// Check that an email address has been entered				
+  $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))
+			|| (strlen($email > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password);		
+if (empty($password)){   //                                             
+$errors[] ='Please enter a valid old password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password)) {  //                        
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+    // Prepare and check new password
+	$new_password = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+	$verify_password = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);
+	if (!empty($new_password)) {
+		if(preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$new_password)) {  
+        if (($new_password != $verify_password) ||
+			( $password == $new_password ))
+		{
+            $errors[] = 'Your new password did not match the confirmed password and/or ';
+			$errors[] = 'Your old password is the same as your new password.';
+		}
+} else {
+			$errors[] = 'Your new password is not in correct format.';
+}
+	} else {
+			$errors[] = 'You did not enter a new password.';
+    }
+}
+}
+	if (empty($errors)) { // If everything's OK.              
+try {
+	 // Check that the user has entered the right email address/password combination:
+    $query = "SELECT userid, password FROM users WHERE ( email=? )";
+	$q = mysqli_stmt_init($dbcon);                                 
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 's', $email);
+     // execute query
+    mysqli_stmt_execute($q);
+
+	$result = mysqli_stmt_get_result($q);
+    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+    if ((mysqli_num_rows($result) == 1)
+          && (password_verify($password, $row['password'])))
+		{	// Found one record		
+	    // Change the password in the database...
+	    // Hash password current 60 characters but can increase
+	    $hashed_passcode = password_hash($new_password, PASSWORD_DEFAULT);            
+		// Make the query:                                               
+       $query = "UPDATE users SET password=? WHERE email=?";
+	   $q = mysqli_stmt_init($dbcon);                                 
+       mysqli_stmt_prepare($q, $query);
+       // use prepared statement to insure that only text is inserted
+       // bind fields to SQL Statement
+       mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $email);
+       // execute query
+       mysqli_stmt_execute($q);
+       if (mysqli_stmt_affected_rows($q) == 1) {	// one row updated
+           // Echo a message
+          header ("location: password-thanks.php"); 
+		  exit();   
+		} else { // If it did not run OK.
+		// Public message:
+			$errorstring = "System Error! <br /> You could not change password due ";
+			$errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
+			echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";	
+			// Debugging message below do not use in production
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $query . '</p>';
+			// include footer then close program to stop execution
+			echo '<footer class="jumbotron text-center col-sm-12"
+	        style="padding-bottom:1px; padding-top:8px;">
+            include("footer.php"); 
+            </footer>';
+		    exit();
+		 }
+    } else { // Invalid email address/password combination.
+		$errorstring = 'Error! <br /> ';
+        $errorstring .= 'The email address and/or password do not match those on file.';
+	    $errorstring .= " Please try again.";
+		echo "<p class='text-center col-sm-2' style='color:red'>$errorstring</p>";
+} }	
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+	} else { // Report the errors.                                            
+		//header ("location: register-page.php"); 
+		$errorstring = "Error! The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+?>
+
+
+
+
+
+
+
diff --git a/Ch07/migrate/process-login.php b/Ch07/migrate/process-login.php
new file mode 100644
index 0000000..cb346a8
--- /dev/null
+++ b/Ch07/migrate/process-login.php
@@ -0,0 +1,110 @@
+<?php 
+define(ERROR_LOG,"errors.log");
+// This section processes submissions from the login form
+// Check if the form has been submitted:
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    //connect to database
+try {
+    require ('mysqli_connect.php');
+// Check that an email address has been entered				
+  $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))
+			|| (strlen($email > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password);		
+if (empty($password)){  
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+}
+}	
+   if (empty($errors)) { // If everything's OK.         #1
+// Retrieve the user_id, psword, first_name and user_level for that
+// email/password combination
+ $query = "SELECT userid, password, first_name, user_level FROM users ";
+ $query .= "WHERE paid='Yes' AND email=?";
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) == 1) {
+//if one database row (record) matches the input:-
+// Start the session, fetch the record and insert the 
+// values in an array 
+if (password_verify($password, $row[1])) {          //#2
+session_start();								
+// Ensure that the user level is an integer. 
+$_SESSION['user_id'] = $row[0];
+$_SESSION['user_level'] = (int) $row[3];
+// Use a ternary operation to set the URL             #3
+$url = ($_SESSION['user_level'] === 1) ? 'admin-page.php' :
+ 'members-page.php'; 
+header('Location: ' . $url); 
+// Make the browser load either the members or the admin page
+} else { // No password match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps your fee has not yet been processed from ';
+$errors[] = ' PayPal or the credit card.';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} else { // No e-mail match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} 
+if (!empty($errors)) {                     
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (!empty($errors)) IF.
+
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+} // no else to allow user to enter values
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process-register-page.php b/Ch07/migrate/process-register-page.php
new file mode 100644
index 0000000..78a1a97
--- /dev/null
+++ b/Ch07/migrate/process-register-page.php
@@ -0,0 +1,213 @@
+<?php
+define("ERROR_LOG","errors.log");
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}							
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password1trim);		
+if (empty($password1trim)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);	
+if($password1trim === $password2trim) { //                                 #9
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the secret present? If it is, sanitize it
+$secret = filter_var( $_POST['secret'], FILTER_SANITIZE_STRING);		
+if ((!empty($secret)) && (preg_match('/[a-z\.\s\,\-]/i', $secret)) &&
+  (strlen($secret) <= 30)) {					
+	//Sanitize the trimmed city	
+	$secrettrim = $secret;					
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+//Is the class present? If it is, sanitize it
+$class = filter_var( $_POST['level'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($class)) && (strlen($class) <= 3)) {					
+	//Sanitize the trimmed phone number	
+	$classtrim = (filter_var($class, FILTER_SANITIZE_NUMBER_INT));	
+	}else{	
+	$errors[] = 'Missing Level Selection.';
+	}	
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT userid FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $emailtrim);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+
+	$query = "INSERT INTO users (userid, title, first_name, last_name, email, password, class, "; 
+    $query .= "address1, address2, city, state_country, zcode_pcode, phone, secret, registration_date) ";
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?,?,?,?,?,?,?,?,?,?,NOW())"; 	
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'sssssssssssss', 
+	$titletrim, $first_nametrim, $last_nametrim, $emailtrim, $hashed_password, $classtrim, $address1trim, 
+	$address2trim, $citytrim, $state_countrytrim, $zcode_pcodetrim, $phonetrim, $secrettrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register-thanks.php?class=" . $classtrim); 					
+	} else {
+	// echo 'Invalid query:' . $dbcon->error; 
+    $errorstring = "System is busy, please try later";
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+	}
+	}else{//The email address is already registered                         
+    $errorstring = 'The email address is already registered.';
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+$errorstring = 'Error! The following error(s) occurred: ';
+foreach ($errors as $msg) { // Print each error.				
+$errorstring .= " - $msg<br>\n";
+    }
+$errorstring .= 'Please try again.';
+echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+    }// End of if (empty($errors)) IF.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_admin_view_users.php b/Ch07/migrate/process_admin_view_users.php
new file mode 100644
index 0000000..a139a91
--- /dev/null
+++ b/Ch07/migrate/process_admin_view_users.php
@@ -0,0 +1,146 @@
+<?php
+define(ERROR_LOG,"errors.log");
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+//set the number of rows per display page
+$pagerows = 4; //                                                                       
+// Has the total number of pagess already been calculated?
+if ((isset($_GET['p']) && is_numeric($_GET['p']))) { //already been calculated
+$pages = htmlspecialchars($_GET['p'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{//use the next block of code to calculate the number of pages                     
+//First, check for the total number of records
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$records = htmlspecialchars($row[0], ENT_QUOTES);
+// make sure it is not executable XSS
+//Now calculate the number of pages
+if ($records > $pagerows){ //if the number of records will fill more than one page
+//Calculate the number of pages and round the result up to the nearest integer
+$pages = ceil ($records/$pagerows); //                                                   
+}else{
+$pages = 1;
+}
+}//page check finished
+//Declare which record to start with                                                     
+if ((isset($_GET['s'])) &&( is_numeric($_GET['s'])))
+{
+$start = htmlspecialchars($_GET['s'], ENT_QUOTES);
+// make sure it is not executable XSS
+}else{
+$start = 0;
+}
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users ORDER BY registration_date ASC";
+$query .=" LIMIT ?, ?";
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind $id to SQL Statement
+mysqli_stmt_bind_param($q, "ii", $start, $pagerows); 
+
+// execute query
+
+mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran OK (records were returned), display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';				
+// Fetch and print all the records:							
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Error message:
+echo '<p class="text-center">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of else ($result) 
+// Now display the total number of records/members.           
+$q = "SELECT COUNT(userid) FROM users";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$members = htmlspecialchars($row[0], ENT_QUOTES);
+mysqli_close($dbcon); // Close the database connection.     
+$echostring = "<p class='text-center'>Total membership: $members </p>";
+$echostring .= "<p class='text-center'>";
+if ($pages > 1) {//                                             
+//What number is the current page?
+$current_page = ($start/$pagerows) + 1;
+//If the page is not the first page then create a Previous link
+if ($current_page != 1) {
+$echostring .= '<a href="admin_view_users.php?s=' . ($start - $pagerows) . 
+'&p=' . $pages . '">Previous</a> ';
+}
+//Create a Next link                                                  
+if ($current_page != $pages) {
+$echostring .= ' <a href="admin_view_users.php?s=' . ($start + $pagerows) . 
+'&p=' . $pages . '">Next</a> ';
+}
+$echostring .= '</p>';
+echo $echostring;
+}
+//}
+//mysqli_close($dbcon); // Close the database connection.
+} //end of try
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_delete_record.php b/Ch07/migrate/process_delete_record.php
new file mode 100644
index 0000000..e3ec5b8
--- /dev/null
+++ b/Ch07/migrate/process_delete_record.php
@@ -0,0 +1,113 @@
+<?php
+define(ERROR_LOG,"errors.log");
+try { 
+// Check for a valid user ID, through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+	$id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} else
+if ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.      #1
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+//	return to login page
+header("Location: login.php");
+exit();
+}
+require ('mysqli_connect.php');
+// Check if the form has been submitted:                                               #2
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$sure = htmlspecialchars($_POST['sure'], ENT_QUOTES);
+if ($sure == 'Yes') { // Delete the record.
+	// Make the query:
+	
+	// Use prepare statement to remove security problems
+	$q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, 'DELETE FROM users WHERE userid=? LIMIT 1');
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	if (mysqli_stmt_affected_rows($q) == 1) { // It ran OK
+// Print a message:
+		echo '<h3 class="text-center">The record has been deleted.</h3>';	
+		} else { // If the query did not run OK display public message
+			echo '<p class="text-center">The record could not be deleted.';
+			echo '<br>Either it does not exist or due to a system error.</p>';
+		//	echo '<p>' . mysqli_error($dbcon ) . '<br />Query: ' . $q . '</p>'; 
+		// Debugging message. When live comment out because this displays sql
+		}
+	} else { // User did not confirm deletion.
+		echo '<h3 class="text-center">The user has NOT been deleted as you requested</h3>';	
+	}
+} else { // Show the form.                                                               #3
+	
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT CONCAT(first_name, ' ', last_name) FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+    // bind $id to SQL Statement
+    mysqli_stmt_bind_param($q, "s", $id);
+
+    // execute query
+    mysqli_stmt_execute($q);
+	
+	 $result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM); // get user info
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+		
+		// Display the record being deleted:
+		$user = htmlspecialchars($row[0], ENT_QUOTES);
+?>
+	<h2 class="h2 text-center">
+	Are you sure you want to permanently delete <?php echo $user; ?>?</h2>
+	<form action="delete_user.php" method="post"	
+			name="deleteform" id="deleteform">
+	<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8" style="padding-left: 70px;">
+	<input type="hidden" name="id" value="<?php echo $id; ?>">
+	<input id="submit-yes" class="btn btn-primary" type="submit" name="sure" value="Yes"> - 
+	<input id="submit-no" class="btn btn-primary" type="submit" name="sure" value="No">
+    </div>
+	</div>
+	</form>
+<?php
+	} else { // Not a valid user ID.
+		echo '<p class="text-center">This page has been accessed in error.</p>';
+		echo '<p>&nbsp;</p>';
+	}
+} // End of the main submission conditional.
+mysqli_stmt_close($q);
+mysqli_close($dbcon );
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_edit_address.php b/Ch07/migrate/process_edit_address.php
new file mode 100644
index 0000000..eb4aa02
--- /dev/null
+++ b/Ch07/migrate/process_edit_address.php
@@ -0,0 +1,318 @@
+<?php
+define(ERROR_LOG,"errors.log");
+try
+{ 
+// After clicking the Edit link in the found_record.php page. This code is executed 
+// The code looks for a valid user ID, either through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+    $id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+	include ('footer.php'); 
+	exit();
+}
+require ('mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array();
+	// Look for the first name:
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}	
+	//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}	
+	if (empty($errors)) { // If everything's OK.                                         #2	
+		 $query = 'UPDATE users SET title=?, first_name=?, last_name=?, address1=?,';
+		 $query .= ' address2=?, city=?, state_country=?, zcode_pcode=?,';
+		 $query .= ' phone=?';
+         $query .= ' WHERE userid=? LIMIT 1';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'ssssssssss', $titletrim, $first_nametrim, $last_nametrim, 
+				$address1trim, $address2trim, $citytrim, $state_countrytrim, 
+				$zcode_pcodetrim, $phonetrim, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+			
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited.</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited due to a system error.';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		} else { // Display the errors.
+		echo '<p class="text-center">The following error(s) occurred:<br />';
+		foreach ($errors as $msg) { // Echo each error.
+			echo " - $msg<br />\n";
+		}
+		echo '</p><p>Please try again.</p>';
+		} // End of if (empty($errors))section.
+} // End of the conditionals
+// Select the user's information to display in textboxes:                                    #3
+
+	$q = mysqli_stmt_init($dbcon);
+	$query = "SELECT * FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, 'i', $id); 
+      
+       // execute query
+	   
+    mysqli_stmt_execute($q);  
+	   
+	$result = mysqli_stmt_get_result($q);
+
+	$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	
+	// Create the form:
+?>
+<h2 class="h2 text-center">Edit User</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<form action="edit_address.php" method="post"
+name="editform" id="editform">
+<div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	   value=
+		"<?php if (isset($row['title'])) 
+		echo htmlspecialchars($row['title'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($row['first_name'])) 
+		echo htmlspecialchars($row['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($row['last_name'])) 
+		echo htmlspecialchars($row['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($row['address1'])) 
+		echo htmlspecialchars($row['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($row['address2'])) 
+		echo htmlspecialchars($row['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($row['city'])) 
+		echo htmlspecialchars($row['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($row['state_country'])) 
+		echo htmlspecialchars($row['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+<div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	   value=
+		"<?php if (isset($row['zcode_pcode'])) 
+		echo htmlspecialchars($row['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($row['phone'])) 
+		echo htmlspecialchars($row['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>  
+<input type="hidden" name="id" value="<?php echo $id ?>" />
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Edit User">
+</div>
+</div>
+</form>
+<?php
+} else { // The user could not be validated
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+}
+mysqli_stmt_free_result($q);
+mysqli_close($dbcon);
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_edit_record.php b/Ch07/migrate/process_edit_record.php
new file mode 100644
index 0000000..180d9b9
--- /dev/null
+++ b/Ch07/migrate/process_edit_record.php
@@ -0,0 +1,253 @@
+<?php
+define(ERROR_LOG,"errors.log");
+try
+{ 
+// After clicking the Edit link in the found_record.php page. This code is executed 
+// The code looks for a valid user ID, either through GET or POST:
+if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
+    $id = htmlspecialchars($_GET['id'], ENT_QUOTES);
+} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
+	$id = htmlspecialchars($_POST['id'], ENT_QUOTES);
+} else { // No valid ID, kill the script.
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+	include ('footer.php'); 
+	exit();
+}
+
+require ('./mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array();
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}	
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+//Is the class present? If it is, sanitize it
+$class = filter_var( $_POST['level'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($class)) && (strlen($class) <= 3)) {					
+	//Sanitize the trimmed phone number	
+	$classtrim = (filter_var($class, FILTER_SANITIZE_NUMBER_INT));	
+	}else{	
+	$errors[] = 'Missing Level Selection.';
+	}
+	// Look for the Paid Status:
+	$paid = filter_var( $_POST['paid'], FILTER_SANITIZE_STRING);	
+	if (empty($paid)) {
+		$errors[] = 'You forgot to enter the paid status.';
+	}
+	if (!(($paid == "No") || ($paid == "Yes"))) {
+		$errors[] = "Paid must be No or Yes.";
+	}	
+	if (empty($errors)) { // If everything's OK.                                     
+		$q = mysqli_stmt_init($dbcon);
+		$query = 'SELECT userid FROM users WHERE email=? AND userid !=?';
+        mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'si', $email, $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+	if (mysqli_num_rows($result) == 0) { // e-mail does not exist in another record
+		 $query = 'UPDATE users SET first_name=?, last_name=?, email=?,';
+		 $query .= ' class=?, paid=?';
+         $query .= ' WHERE userid=? LIMIT 1';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'sssssi', $first_name, $last_name, $email, $class, $paid, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+			
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited.</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited due to a system error.';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		} else { // Already registered.
+			echo '<p class="text-center">The email address has already been registered.</p>';
+		}
+		} else { // Display the errors.
+		echo '<p class="text-center">The following error(s) occurred:<br />';
+		foreach ($errors as $msg) { // Echo each error.
+			echo " - $msg<br />\n";
+		}
+		echo '</p><p>Please try again.</p>';
+		} // End of if (empty($errors))section.
+} // End of the conditionals
+// Select the user's information to display in textboxes:                                    #3
+
+	$q = mysqli_stmt_init($dbcon);
+	$query = 
+	"SELECT first_name, last_name, email, class, paid FROM users WHERE userid=?";
+    mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, 'i', $id); 
+      
+       // execute query
+	   
+    mysqli_stmt_execute($q);  
+	   
+	$result = mysqli_stmt_get_result($q);
+
+	$row1 = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	
+	// Create the form:
+?>
+<h2 class="h2 text-center">Edit a Record</h2>
+<form action="edit_user.php" method="post"	
+	name="editform" id="editform">
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($row1['first_name'])) 
+		echo htmlspecialchars($row1['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($row1['last_name'])) 
+		echo htmlspecialchars($row1['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($row1['email'])) 
+		echo htmlspecialchars($row1['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">Membership Class*</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php
+ require_once("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($row1['level'])) && ( $row1['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+}
+echo "here";
+?>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+    <label for="paid" class="col-sm-4 col-form-label text-right">Paid:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="paid" name="paid" 
+	  placeholder="Paid" maxlength="60" required
+	  value="<?php echo htmlspecialchars($row1['paid'], ENT_QUOTES); ?>">
+    </div>
+  </div> 
+<input type="hidden" name="id" value="<?php echo $id ?>" />
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+<?php
+} else { // The user could not be validated
+	echo '<p class="text-center">This page has been accessed in error.</p>';
+}
+mysqli_stmt_free_result($q);
+mysqli_close($dbcon);
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_edit_your_account.php b/Ch07/migrate/process_edit_your_account.php
new file mode 100644
index 0000000..d8fc974
--- /dev/null
+++ b/Ch07/migrate/process_edit_your_account.php
@@ -0,0 +1,174 @@
+<?php
+try { 
+require ('mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array(); 
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+
+//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+	if (empty($errors)) { // If everything's OK.
+		//  make the query
+		$q = mysqli_stmt_init($dbcon);
+		$query = 'SELECT userid FROM users WHERE email=? AND userid !=?';
+         mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'si', $emailtrim, $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0) { // e-mail does not exist in another record
+		// Make the update query:                                     #5
+		
+		 $query = 'UPDATE users SET title=?, first_name=?, last_name=?, email=?, ';
+		 $query .='address1=?, address2=?, city=?, state_country=?, zcode_pcode=?, ';
+		 $query .='phone=?';
+         $query .= ' WHERE userid=?';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'ssssssssssi', $titletrim, $first_nametrim, $last_nametrim, 
+			$emailtrim, $address1trim, $address2trim, $citytrim, $state_countrytrim, 
+			$zcode_pcodetrim, $phonetrim, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+	
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited!!</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited. Did you change anything?';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		}
+		} else { // Display the errors.
+		// ---------------Process User Errors---------------
+		// Display the users entry errors
+		$errorstring = 'Error! The following error(s) occurred: ';
+		foreach ($errors as $msg) { // Print each error.				
+		$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= 'Please try again.';
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+} // End of the conditionals
+// Select the user's information:                                                       #6
+
+$query = "SELECT title, first_name, last_name, email, address1, address2, city, state_country, zcode_pcode, phone ";
+$query .=" FROM users WHERE userid=?";	
+// id was retrieved from database prepared not needed	
+   $q = mysqli_stmt_init($dbcon);
+   mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'i', $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	$row = mysqli_fetch_array ($result, MYSQLI_ASSOC);
+	// Create the form: 	#7
+	
+	
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_edit_your_account1.php b/Ch07/migrate/process_edit_your_account1.php
new file mode 100644
index 0000000..42b81e4
--- /dev/null
+++ b/Ch07/migrate/process_edit_your_account1.php
@@ -0,0 +1,173 @@
+<?php
+try { 
+require ('mysqli_connect.php'); 
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array(); 
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+
+//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+	if (empty($errors)) { // If everything's OK.
+		//  make the query
+		$q = mysqli_stmt_init($dbcon);
+		$query = 'SELECT userid FROM users WHERE email=? AND userid !=?';
+         mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'si', $emailtrim, $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0) { // e-mail does not exist in another record
+		// Make the update query:                                     #5
+		
+		 $query = 'UPDATE users SET title=?, first_name=?, last_name=?, email=?, ';
+		 $query .='address1=?, address2=?, city=?, state_country=?, zcode_pcode=?, ';
+		 $query .='phone=?';
+         $query .= ' WHERE userid=?';
+		 $q = mysqli_stmt_init($dbcon);
+         mysqli_stmt_prepare($q, $query);
+
+        // bind values to SQL Statement
+	
+		mysqli_stmt_bind_param($q, 'ssssssssssi', $titletrim, $first_nametrim, $last_nametrim, 
+			$emailtrim, $address1trim, $address2trim, $citytrim, $state_countrytrim, 
+			$zcode_pcodetrim, $phonetrim, $id);
+       // execute query
+	   
+       mysqli_stmt_execute($q);   
+			if (mysqli_stmt_affected_rows($q) == 1) { // Update OK
+	
+			// Echo a message if the edit was satisfactory:
+				echo '<h3 class="text-center">The user has been edited!!</h3>';	
+						} else { // Echo a message if the query failed.
+				echo '<p class="text-center">The user could not be edited. Did you change anything?';
+                echo ' We apologize for any inconvenience.</p>'; // Public message.
+				//echo '<p>' . mysqli_error($dbcon) . '<br />Query: ' . $q . '</p>'; // Debugging message.
+				// Message above is only for debug and should not display sql in live mode
+			}
+		}
+		} else { // Display the errors.
+		// ---------------Process User Errors---------------
+		// Display the users entry errors
+		$errorstring = 'Error! The following error(s) occurred: ';
+		foreach ($errors as $msg) { // Print each error.				
+		$errorstring .= " - $msg<br>\n";
+		}
+		$errorstring .= 'Please try again.';
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (empty($errors)) IF.
+} // End of the conditionals
+// Select the user's information:                                                       #6
+
+$query = "SELECT title, first_name, last_name, email, address1, 
+address2, city, state_country, zcode_pcode, phone ";
+$query .=" FROM users WHERE userid=?";	
+// id was retrieved from database prepared not needed	
+   $q = mysqli_stmt_init($dbcon);
+   mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+		mysqli_stmt_bind_param($q, 'i', $id);
+		
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+	   $result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 1) { // Valid user ID, display the form.
+	// Get the user's information:
+	$row = mysqli_fetch_array ($result, MYSQLI_ASSOC);
+	// Create the form: 	#7
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_temp_view_found_record.php b/Ch07/migrate/process_temp_view_found_record.php
new file mode 100644
index 0000000..76770f5
--- /dev/null
+++ b/Ch07/migrate/process_temp_view_found_record.php
@@ -0,0 +1,88 @@
+<?php
+define(ERROR_LOG,"errors.log");
+try
+{
+
+// This script retrieves records from the users table.                         
+require ('mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, userid FROM users WHERE ";
+$query .= "last_name='Smith' AND first_name='James' ";
+$query .="ORDER BY registration_date ASC ";		
+// Perpared statement not needed because string is hard coded
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="text-center">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_view_found_addresses.php b/Ch07/migrate/process_view_found_addresses.php
new file mode 100644
index 0000000..1d665f0
--- /dev/null
+++ b/Ch07/migrate/process_view_found_addresses.php
@@ -0,0 +1,114 @@
+<?php
+define(ERROR_LOG,"errors.log");
+try
+{
+// This script retrieves records from the users table.                         
+require ('./mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+$first_name = htmlspecialchars($_POST['first_name'], ENT_QUOTES);
+$last_name = htmlspecialchars($_POST['last_name'], ENT_QUOTES);
+// Since it's a prepared statement below this sanitizing is not needed
+// However, to consistantly retrieve than sanitize is a good habit
+
+$query = "SELECT userid, title, last_name, first_name, ";
+$query .= "address1, address2, city, state_country, zcode_pcode, phone ";
+$query .= "FROM users WHERE ";
+$query .= "last_name=? AND first_name=?";
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 'ss', $last_name, $first_name);
+
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped table-sm">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Title</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Address1</th>
+<th scope="col">Address2</th>
+<th scope="col">City</th>
+<th scope="col">State or Country</th>
+<th scope="col">Zip or Postal Code</th>
+<th scope="col">Phone</th>
+</tr>';	
+
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$title = htmlspecialchars($row['title'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$address1 = htmlspecialchars($row['address1'], ENT_QUOTES);
+	$address2 = htmlspecialchars($row['address2'], ENT_QUOTES);
+	$city = htmlspecialchars($row['city'], ENT_QUOTES);
+	$state_country = htmlspecialchars($row['state_country'], ENT_QUOTES);
+	$zcode_pcode = htmlspecialchars($row['zcode_pcode'], ENT_QUOTES);
+	$phone = htmlspecialchars($row['phone'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row"><a href="edit_address.php?id=' . $user_id . '">Edit</a></td>
+	<td scope="row">' . $title . '</td>
+	<td scope="row">' . $first_name . '</td>
+	<td scope="row">' . $last_name . '</td>
+	<td scope="row">' . $address1 . '</td>
+	<td scope="row">' . $address2 . '</td>
+	<td scope="row">' . $city . '</td>
+	<td scope="row">' . $state_country . '</td>
+	<td scope="row">' . $zcode_pcode . '</td>
+	<td scope="row">' . $phone . '</td>
+	</tr>';	
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="center-text">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/process_view_found_record.php b/Ch07/migrate/process_view_found_record.php
new file mode 100644
index 0000000..17bcf49
--- /dev/null
+++ b/Ch07/migrate/process_view_found_record.php
@@ -0,0 +1,107 @@
+<?php
+define(ERROR_LOG,"errors.log");
+try
+{
+// This script retrieves records from the users table.                         
+require ('mysqli_connect.php'); // Connect to the db.
+echo '<p class="text-center">If no record is shown, ';
+echo 'this is because you had an incorrect ';
+echo ' or missing entry in the search form.';
+echo '<br>Click the back button on the browser and try again</p>';
+$first_name = htmlspecialchars($_POST['first_name'], ENT_QUOTES);
+$last_name = htmlspecialchars($_POST['last_name'], ENT_QUOTES);
+// Since it's a prepared statement below this sanitizing is not needed
+// However, to consistantly retrieve than sanitize is a good habit
+
+$query = "SELECT last_name, first_name, email, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y')";
+$query .=" AS regdat, class, paid, userid FROM users WHERE ";
+$query .= "last_name=? AND first_name=? ";
+$query .="ORDER BY registration_date ASC ";		
+
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 'ss', $last_name, $first_name);
+
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+if ($result) { // If it ran, display the records.
+// Table header.
+echo '<table class="table table-striped">
+<tr>
+<th scope="col">Edit</th>
+<th scope="col">Delete</th>
+<th scope="col">Last Name</th>
+<th scope="col">First Name</th>
+<th scope="col">Email</th>
+<th scope="col">Date Registered</th>
+<th scope="col">Class</th>
+<th scope="col">Paid</th>
+</tr>';	
+// Fetch and display the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$user_id = htmlspecialchars($row['userid'], ENT_QUOTES);
+	$last_name = htmlspecialchars($row['last_name'], ENT_QUOTES);
+	$first_name = htmlspecialchars($row['first_name'], ENT_QUOTES);
+	$email = htmlspecialchars($row['email'], ENT_QUOTES);
+	$registration_date = htmlspecialchars($row['regdat'], ENT_QUOTES);
+	$class = htmlspecialchars($row['class'], ENT_QUOTES);
+	$paid = htmlspecialchars($row['paid'], ENT_QUOTES);
+	echo '<tr>
+	<td><a href="edit_user.php?id=' . $user_id . '">Edit</a></td>
+	<td><a href="delete_user.php?id=' . $user_id . '">Delete</a></td>
+	<td>' . $last_name . '</td>
+	<td>' . $first_name . '</td>
+	<td>' . $email . '</td>
+	<td>' . $registration_date . '</td>
+	<td>' . $class . '</td>
+	<td>' . $paid . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	//                                                            
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Public message:
+	echo '<p class="center-text">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch07/migrate/register-password.php b/Ch07/migrate/register-password.php
new file mode 100644
index 0000000..3425993
--- /dev/null
+++ b/Ch07/migrate/register-password.php
@@ -0,0 +1,116 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Change Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/password-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+  <?php
+  if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
+   require('process-change-password.php');
+  } // End of the main Submit conditional. 
+  ?>  
+<div class="col-sm-8">
+<h2 class="h2 text-center">Change Password</h2>
+<form action="register-password.php" method="post" name="regform" id="regform"
+onsubmit="return checked();">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label text-right">Current Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password" name="password"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Current Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password'])) 
+		echo htmlspecialchars($_POST['password'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">New Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" 
+	value="Change Password">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(isset($errorstring)) {
+	 echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/register-thanks.php b/Ch07/migrate/register-thanks.php
new file mode 100644
index 0000000..4a85a50
--- /dev/null
+++ b/Ch07/migrate/register-thanks.php
@@ -0,0 +1,146 @@
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Thanks</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/thanks-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h3 class="h2 text-center" >Thank you for registering</h2>
+<h6 class="text-center">To confirm your registration please verify membership class and pay the membership fee now.</h6>
+<h6 class="text-center">You can use PayPal or a credit/debit card.</h6>
+<p class="text-center" >When you have completed your registration you will be able to login 
+to the member's only pages.</p>
+<?php
+define(ERROR_LOG,"errors.log");
+try {
+require ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<p></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="XXXXXXXXXXXXX">
+<div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+$class = htmlspecialchars($_GET['class'], ENT_QUOTES);
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($class)) && ( $class == $row[$i])) 
+		{ 
+	
+			echo ' selected ';
+	 } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<!-- Replace the code below with code provided by PayPal once you obtain a Merchant ID -->
+<input type="hidden" name="currency_code" value="GBP">
+<input style="margin:10px 0 0 40px" type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_buynowCC_LG.gif" name="submit" alt="PayPal  The safer, easier way to pay online.">
+<img alt="" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
+<!-- Replace code above with PayPal provided code -->
+</div>
+</div>
+</form>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col-cards.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+<?php 
+} // end try
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
+</body>
+</html>
diff --git a/Ch07/migrate/register-view-users.php b/Ch07/migrate/register-view-users.php
new file mode 100644
index 0000000..337fb50
--- /dev/null
+++ b/Ch07/migrate/register-view-users.php
@@ -0,0 +1,110 @@
+ <?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']))
+{ header("Location: login.php");
+  exit();
+}
+define(ERROR_LOG,"errors.log");
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are the registered users</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require('mysqli_connect.php'); // Connect to the database.
+// Make the query:
+// Nothing passed from user safe query									#1
+$query = "SELECT CONCAT(last_name, ', ', first_name) AS name, ";
+$query .= "DATE_FORMAT(registration_date, '%M %d, %Y') AS ";
+$query .= "regdat FROM users ORDER BY registration_date ASC";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+// Table header. 									#2
+echo '<table class="table table-striped">
+<tr><th scope="col">Name</th><th scope="col">Date Registered</th></tr>';				
+// Fetch and print all the records:							#3
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+echo '<tr><td>' . $row['name'] . '</td><td>' . $row['regdat'] . '</td></tr>'; }
+    echo '</table>'; // Close the table so that it is ready for displaying.
+    mysqli_free_result ($result); // Free up the resources.
+} else { // If it did not run OK.
+// Error message:
+echo '<p class="error">The current users could not be retrieved. We apologize';
+echo ' for any inconvenience.</p>';
+// Debug message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+exit;
+} // End of if ($result) 
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
+
+  </div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/safer-register-page.php b/Ch07/migrate/safer-register-page.php
new file mode 100644
index 0000000..53b6442
--- /dev/null
+++ b/Ch07/migrate/safer-register-page.php
@@ -0,0 +1,330 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script>
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/register-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+define(ERROR_LOG,"errors.log");
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<?php
+try {
+require_once("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<form action="safer-register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+ <div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	   value=
+		"<?php if (isset($_POST['title'])) 
+		echo htmlspecialchars($_POST['title'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">Membership Class*</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($_POST['level'])) && ( $_POST['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+echo "here";
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['adress1'])) 
+		echo htmlspecialchars($_POST['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['address2'])) 
+		echo htmlspecialchars($_POST['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+ <div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Secret Question*:</label>
+	  <div class="col-sm-8">
+      <select id="question" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Maiden">Mother's Maiden Name</option>
+	<option value="Pet">Pet's Name</option>
+	<option value="School">High School</option>
+	<option value="Vacation">Favorite Vacation Spot</option>
+	</select>
+	</div>
+	</div>  
+	<div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Answer*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Secret Answer" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['secret'])) 
+		echo htmlspecialchars($_POST['secret'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col-cards.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php');
+  echo "</footer>";
+  echo "</div>";
+  }
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+ ?>
+</body>
+</html>
diff --git a/Ch07/migrate/search.php b/Ch07/migrate/search.php
new file mode 100644
index 0000000..7b97053
--- /dev/null
+++ b/Ch07/migrate/search.php
@@ -0,0 +1,90 @@
+<?php											
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{
+header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Search for a record</h2>
+<h6 class="text-center">Both names are required items</h6>
+<form action="view_found_record.php" method="post" >
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	  value=
+			"<?php if (isset($_POST['first_name'])) 
+				echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+			"<?php if (isset($_POST['last_name'])) 
+				echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" 
+		name="submit" value="Search">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/search_addresses.php b/Ch07/migrate/search_addresses.php
new file mode 100644
index 0000000..a1631ee
--- /dev/null
+++ b/Ch07/migrate/search_addresses.php
@@ -0,0 +1,96 @@
+<?php                                                                                     
+session_start();
+if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Address Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/login-header.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                //#1
+ require('process-view_found_addresses.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<div class="h2 text-center">
+<h5>Search for an Address or Phone Number</h5>
+<h5 style="color: red;">Both Names are required items</h5>
+</div>
+<form action="view_found_addresses.php" method="post" name="searchform" id="searchform">
+  <div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="l" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Search">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+		style="padding-bottom:1px; padding-top:8px;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+	style="padding-bottom:1px; padding-top:8px;">';
+ }
+  include('includes/footer.php'); 
+ ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/styles.css b/Ch07/migrate/styles.css
new file mode 100644
index 0000000..6242b84
--- /dev/null
+++ b/Ch07/migrate/styles.css
@@ -0,0 +1,69 @@
+body {text-align:center; background-color:#D7FFEB; color:navy; font-family: "times new roman"; 
+font-size: 100%; color: navy; margin: auto; 
+}
+h2 { font-size:150%; color:navy; text-align:center;
+}
+h3 { font-size:110%; color:navy; text-align:center;
+}
+#container {position:relative; min-width:960px; max-width:1200px; margin:auto; text-align:left;	
+}
+header, #header-members, #header-admin { margin:10 px auto 0 auto; min-width:960px; max-width:1200px; height:175px; background-image: url('images/tile-pale.jpg'); 
+background-repeat: repeat; padding:0; color:white;	
+}
+h1 {position:relative; top:40px; font-size:350%; color:white; margin:auto 0 auto 20px; 	width: 600px;
+}
+#info-col p {
+	text-align:center;
+}
+ul { position:absolute; top:160px; left:-40px; color:navy; width:135px; text-align:center; margin:0;
+}
+nav ul { position:absolute; top:185px; left:-30px; color:navy; width:135px; text-align:center; margin:0;
+}
+/* set general side button styles */
+li { width:115px; list-style-type :none; margin-bottom: 3px; text-align: center;
+}
+/* set general anchor styles */
+li a { display: block; width:115px; color: white; font-weight: bold; text-decoration: none
+}
+/* specify state styles. */
+/* mouseout (default) */
+li a { background: #5B78BE; border: 4px outset #aabaff;
+}
+/* mouseover */
+li a:hover { display:block; background: #0a4adf; border: 4px outset #8abaff; width:115px;
+}
+/* onmousedown */
+li a:active { background:#aecbff; border: 4px inset #aecbff;
+}
+#reg-navigation ul { float:right;
+	font-size:medium; width:160px; margin:-150px 15px 0 88%;
+}
+aside {
+	float:right; width:150px;
+}
+#midcol {width:90%; margin:auto;}
+#mid-left-col { width:48%; float:left; text-align:left;
+}
+#mid-right-col {width:48%; float:right; text-align:left;
+}
+#content { 	margin-left:150px; margin-right:150px;
+}
+table { width:700px; border:1px navy solid; border-collapse:collapse; margin:auto;
+}
+th, td { border:1px navy solid; padding:1px 0 1px 4px; text-align:left;
+}
+/*td { border:1px navy solid; padding:1px 0 1px 4px; text-align:left;
+}*/
+form { margin-left:180px;
+}
+footer { margin:auto; text-align:center; clear:both;
+}
+p.error { color:red; font-size:105%; font-weight:bold; text-align:center;
+}
+.label { float:left; width:210px; text-align:right; clear:left; margin-right:5px;
+}
+#submit { margin-left:215px; text-align:center;
+}
+span.left {
+	text-align:left;
+}  
\ No newline at end of file
diff --git a/Ch07/migrate/temp_view_found_record.php b/Ch07/migrate/temp_view_found_record.php
new file mode 100644
index 0000000..8a78417
--- /dev/null
+++ b/Ch07/migrate/temp_view_found_record.php
@@ -0,0 +1,55 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+  exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-8">
+  <h2 class="text-center">These are found users</h2>
+<p>
+<?php 
+require ("process_temp_view_found_record.php");
+?>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/users.sql b/Ch07/migrate/users.sql
new file mode 100644
index 0000000..373fbe1
--- /dev/null
+++ b/Ch07/migrate/users.sql
@@ -0,0 +1,120 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jun 20, 2018 at 05:02 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `migrate`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `prices`
+--
+
+CREATE TABLE `prices` (
+  `oneyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `oneyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `militarygb` decimal(6,0) UNSIGNED NOT NULL,
+  `militaryus` decimal(6,0) UNSIGNED NOT NULL,
+  `u21gb` decimal(6,0) UNSIGNED NOT NULL,
+  `u21us` decimal(6,0) UNSIGNED NOT NULL,
+  `minpricegb` decimal(6,0) UNSIGNED NOT NULL,
+  `minpriceus` decimal(6,0) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `prices`
+--
+
+INSERT INTO `prices` (`oneyeargb`, `oneyearus`, `fiveyeargb`, `fiveyearus`, `militarygb`, `militaryus`, `u21gb`, `u21us`, `minpricegb`, `minpriceus`) VALUES
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `class` char(20) NOT NULL,
+  `user_level` tinyint(2) UNSIGNED NOT NULL,
+  `address1` varchar(50) NOT NULL,
+  `address2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `secret` varchar(30) NOT NULL,
+  `paid` enum('No','Yes') NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `title`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `class`, `user_level`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `secret`, `paid`) VALUES
+(34, NULL, 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$TZRpkkmeP6fIl2hy1z2H6OV6WwL1ZcjHLTdrASs1jJm5N77a5kFie', '2018-06-20 10:08:01', '125', 0, '111 Main St', NULL, 'Key West', 'FL', '33040', NULL, 'Smith', 'Yes'),
+(35, NULL, 'Jack', 'Smith', 'jsmith@outcook.com', '$2y$10$i9uYUhvXZqbkPuTWnukM7uLGqo/aksE6TlPCTqVVL4h3NtYmRmdpm', '2018-06-20 10:09:52', '125', 1, '111 Main St', NULL, 'Key West', 'FL', '33040', NULL, 'Smith', 'Yes'),
+(36, 'Mr.', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UmWacPiHiECQmJz6VpPS5u2ne5oLPswKyhDIF6PcwhbpV7BcYLtGa', '2018-06-20 10:13:51', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(37, 'Ms.', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$w/O9nBxDkm5j8E3apHVP3u6NH6O7VHUizH2TuZC5.Y4OpDXE2POBy', '2018-06-20 10:15:23', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(38, 'Mr.', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$cEgamDEeI79Ka14BDoDjCeeV4z0xrNpYxNFeGdlJ9OIPqnvJxiVL2', '2018-06-20 10:16:49', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(39, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$WFkNsErvl331HYWPx1I6yOMbXqRGjzJCY.xMYucu.AIOsDpw0dtZ2', '2018-06-20 10:18:51', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(40, 'Mr.', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$RYRudOlD4i9dWjY.jlFpQOmiOEeT9YECQCanqTmsUwzs7RVWa0oPG', '2018-06-20 10:20:13', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(41, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$d6N2TjV82II07r7VSpLmeeYt4DbmU8iUx8C8B/uZ03gAemFDxGDti', '2018-06-20 10:31:08', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(42, 'Mrs', 'Annie', 'Mossity', 'amositty@myisp.org.uk', '$2y$10$tgY2g9J0elkfrQIb7j2Jau4U275a/V08eaYsmQqnuwIOGEbTbYxAe', '2018-06-20 10:32:24', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(43, 'Mr.', 'Percey', 'Veer', 'pveer@myisp.com', '$2y$10$Lh4JbdwseMeV0ozvCxAmd.mLjZdkB6lg4OkhA3IxaEeESvO8ug97.', '2018-06-20 10:33:58', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(44, 'Mr.', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$Ko7pl4a2yNY1SkXFIb6LMu1ROoGvRFjYVMOU0cC6ypNoNZC95/6Xq', '2018-06-20 10:35:50', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(45, 'Mr.', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$RKyMLj.ZvtBFwsOgqKS1.O5aW/tQgDdbcfzKpejiHvPtSMn8GzXQ2', '2018-06-20 10:37:14', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(46, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$BLioPYg2pLPz5yHnmnhqvOCr6QbAuGpg6KIhIPA//j8jTJqbXv8Fa', '2018-06-20 10:39:02', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes'),
+(47, 'Mr.', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$P/7yQfboAVJvDfC275LuxerpTVaOs6yLhsZEeJ1SBoKX.Y8pCFrA2', '2018-06-20 10:40:33', '125', 0, '2 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 'London', 'Yes');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=48;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch07/migrate/verify.js b/Ch07/migrate/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch07/migrate/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch07/migrate/view_found_addresses.php b/Ch07/migrate/view_found_addresses.php
new file mode 100644
index 0000000..6732633
--- /dev/null
+++ b/Ch07/migrate/view_found_addresses.php
@@ -0,0 +1,51 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+ exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Found Addresses</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10"> 
+  <h2 class="text-center">These are addresses found</h2>
+<p>
+<?php 
+require ("process_view_found_addresses.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch07/migrate/view_found_record.php b/Ch07/migrate/view_found_record.php
new file mode 100644
index 0000000..dd02ecf
--- /dev/null
+++ b/Ch07/migrate/view_found_record.php
@@ -0,0 +1,51 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{ header("Location: login.php");
+ exit();
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Found Records</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header class="jumbotron text-center row"
+style="margin-bottom:2px; background:linear-gradient(white, #0073e6); padding:20px;"> 
+  <?php include('includes/header-admin.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+  <div class="col-sm-10"> 
+  <h2 class="text-center">These are users found</h2>
+<p>
+<?php 
+require ("process_view_found_record.php");
+?>
+</div>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch08/estate/advert.php b/Ch08/estate/advert.php
new file mode 100644
index 0000000..0e61355
--- /dev/null
+++ b/Ch08/estate/advert.php
@@ -0,0 +1,372 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{
+ header("Location: login.php");
+  exit();
+}
+define('ERROR_LOG','errors.log');
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Add Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header>
+  <?php include('includes/header_advert.php'); ?>
+</header>
+
+<?php
+// This script is a query that INSERTs a record in the houses table.
+// Check that form has been submitted:
+if (($_SERVER['REQUEST_METHOD'] == 'POST') && ($_POST['submit'] == 'Add')) {
+	
+	// only accept values from same site via post
+try {
+	$errors = array(); // Initialize an error array.
+	require('mysqli_connect.php'); // Connect to the db.
+// Check for a location
+
+
+$location = filter_var($_POST['location'], FILTER_SANITIZE_STRING);
+	if ((empty($location)) || ($location == '- Select -')) {
+		$errors[] = 'You forgot to enter the location.';
+	} else {
+		if (($location == "South_Devon") ||
+			($location == "Mid_Devon") ||
+			($location == "North_Devon"))
+		{
+			// OK
+		} else {
+			$errors[] = "Invalid location";
+		}
+	}
+// Has a price been entered?	
+
+
+$price = filter_var( $_POST['price'], FILTER_SANITIZE_NUMBER_INT);	    		
+if ((empty($price)) || (strlen($price) > 15)) {					
+$errors[] ='You forgot to enter the price.' ;
+}
+// check type
+$type = (filter_var($_POST['type'], FILTER_SANITIZE_STRING));
+	if ((empty($_POST['type'])) || ($_POST['type'] == '- Select -')) {
+		// user could choose - Select - by mistake
+		$errors[] = 'You forgot to enter the type of house.';
+	} else {
+		if (($type == "Det-bung") ||
+			($type == "Sem-det-bung") ||
+			($type == "Det-house") || 
+			($type == "Semi-det-house"))
+		{
+			//OK
+		} else {
+			$errors[] = "Invalid type";
+		}
+	}
+// Check for brief description
+$mini_descriptiontrim = filter_var( $_POST['mini_description'], FILTER_SANITIZE_STRING);			
+if ((!empty($mini_descriptiontrim)) && (preg_match('/[a-z0-9\.\!\?\s\,\-]/i', $mini_descriptiontrim)) &&
+  (strlen($mini_descriptiontrim) <= 120)) {					
+    $mini_description = $mini_descriptiontrim;						
+	}else{	
+	$errors[] = 'Missing description. Only numeric, alphabetic, period, comma, dash and space. Max 120.';
+	}	
+	// Check for number of bedrooms
+$bedrooms = filter_var( $_POST['bedrooms'], FILTER_SANITIZE_NUMBER_INT);	
+	if ((empty($bedrooms)) || ($bedrooms == '- Select -')) {
+		$errors[] = 'You forgot to enter the number of bedrooms';
+	} else {
+		if (($bedrooms == "1") ||
+			($bedrooms == "2") ||
+			($bedrooms == "3") || 
+			($bedrooms == "4"))
+		{
+			// OK
+		} else {
+			$errors[] = "Invalid number of bedrooms";
+		}
+	}
+	// Check if a thumbnail url has been entered
+	$thumb = filter_var( $_POST['thumb'], FILTER_SANITIZE_URL);
+	if ((empty($thumb)) || (strlen($thumb > 45))) {
+		// thumbnail link is optional
+		$thumb = NULL;
+	}
+	// Check if full description has been entered
+	$full_descriptiontrim = 
+		filter_var( $_POST['full_description'], FILTER_SANITIZE_STRING);
+	if ((!empty($full_descriptiontrim)) && 
+		(preg_match('/[a-z0-9\.\!\?\s\,\-]/i', $full_descriptiontrim)) &&
+  (strlen($full_descriptiontrim) <= 400)) {					
+    $full_description = $full_descriptiontrim;						
+	}else{	
+	$errors[] = 
+	'Missing description. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}	
+    // full picture
+	$full_picture = filter_var( $_POST['full_picture'], FILTER_SANITIZE_URL);
+	if ((empty($full_picture)) || (strlen($full_picture) > 45)){
+	// optional
+		$full_picture = NULL;
+	}
+	// Check for status of the house
+$status = filter_var( $_POST['status'], FILTER_SANITIZE_STRING);	
+	if ((empty($status)) || ($status == '- Select -')) {
+		$errors[] = 'You forgot to select a status';
+	} else {
+		if (($status == "Available") ||
+			($status == "Under offer") ||
+			($status == "Withdrawn") || 
+			($status == "Sold"))
+		{
+			// OK
+		} else {
+			$errors[] = "Invalid status";
+		}
+	}
+if (empty($errors)) { // If everything's OK.
+	// Register the house in the database
+	// Make the query:
+	$query = "INSERT INTO houses (ref_number, location, price, type, mini_description, bedrooms, "; 
+    $query .= "thumb, status, full_description, full_picture) ";
+    $query .= " VALUES ";
+	$query .= "(' ', ?, ?,?,?,?,?,?,?,? )"; 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'sssssssss', $location, $price, $type, $mini_description, $bedrooms, 
+	$thumb, $status, $full_description, $full_picture);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+// Good
+	header ("location: another.php"); 
+} else { // If it did not run OK.
+// Message:
+ $errorstring = 'System Error ';
+ $errorstring .= 'The house could not be added due to a system error. ';
+ $errorstring .= 'We apologize for any inconvenience.'; 
+// Debugging message:
+// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+} // End of if ($r) IF.
+mysqli_close($dbcon); // Close the database connection.
+exit();
+} else { // Report the errors.
+ $errorstring = 'Error!';
+ $errorstring .= ' The following error(s) occurred:<br>';
+foreach ($errors as $msg) { // Print each error.
+	$errorstring .= " - $msg<br>\n";
+}
+	$errorstring .= 'Please try again.';
+	
+}// End of if (empty($errors)) IF.
+} // try
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+} // End of the main Submit conditional.
+?>
+<div class="content mx-auto" id="contents" style="padding-top:10px">
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+
+<div class="col-sm-8">
+<form action="advert.php" method="post" name="advert" id="advert">
+<!--START OF TEXT FIELDS-->
+<div class='form-group row'>
+    <label for="" class="col-sm-4 col-form-label text-right">
+	</label>
+<div class="col-sm-8 text-center">
+    <h3>Add a House</h3>
+	<h5>
+	<?php
+	If (!empty($errorstring)) {
+		echo $errorstring;
+	}
+	?></h5>
+</div>
+</div>
+<div class="form-group row">
+      <label for="location" class="col-sm-4 col-form-label text-right">
+	  Location:</label>
+	  <div class="col-sm-8">
+      <select id="location" name="location" class="form-control" required>
+	<option value="">- Select -</option>
+	<option value="South_Devon">South Devon</option>
+	<option value="Mid_Devon">Mid Devon</option>
+	<option value="North_Devon">North Devon</option>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label text-right">Price:</label>
+    <div class="col-sm-8">
+      <input type="num" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="15"
+	  pattern="[0-9\.]*" 
+	  title="Numbers only max of 120 characters" 
+	   value=
+		"<?php if (isset($_POST['price'])) 
+		echo htmlspecialchars($_POST['price'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label text-right">
+	  Type:</label>
+	  <div class="col-sm-8">
+      <select id="type" name="type" class="form-control" required>
+	<option value="">- Select -</option>
+	<option value="Det-bung">Detached Bungalow</option>
+	<option value="Sem-det-bung">Semi-detached Bungalow</option>
+	<option value="Det-house">Detached House</option>
+	<option value="Semi-det-house">Semi-detached House</option>
+	</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label text-right">Thumbnail URL</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail URL" maxlength="45"
+	   value=
+		"<?php if (isset($_POST['thumb'])) 
+		echo htmlspecialchars($_POST['thumb'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+<div class="col-sm-8 text-center">
+    <label for="comment">Please enter your Brief Description below</label>
+    <textarea class="form-control" id="mini_description" 
+		name="mini_description" rows="3" cols="40"
+		pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-\?\!]*" 
+	  title="Alphabetic, numbers, comma, ., -, ?, !, space only max of 120 characters" 
+	value=
+		"<?php if (isset($_POST['mini_description'])) 
+		echo htmlspecialchars($_POST['mini_description'], ENT_QUOTES); ?>" >
+	</textarea>
+  </div>
+ </div> 
+<div class="form-group row">
+      <label for="bedrooms" class="col-sm-4 col-form-label text-right">
+	  Bedrooms:</label>
+	  <div class="col-sm-8">
+      <select id="bedrooms" name="bedrooms" class="form-control" required>
+	<option value="">- Select -</option>
+	<option value="1">1</option>
+	<option value="2">2</option>
+	<option value="3">3</option>
+	<option value="4">4</option>
+	</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+<div class="col-sm-8 text-center">
+    <label for="comment">Please enter your Full Description below</label>
+    <textarea class="form-control" id="full_description" name="full_description" 
+		rows="10" cols="40"
+		pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-\?\!]*" 
+	  title="Alphabetic, numbers, comma, ., -, ?, !, space only max of 400 characters" 
+	value=
+		"<?php if (isset($_POST['full_description'])) 
+		echo htmlspecialchars($_POST['full_description'], ENT_QUOTES); ?>" >
+	</textarea>
+  </div>
+ </div>
+ <div class="form-group row">
+    <label for="full_picture" class="col-sm-4 col-form-label text-right">Full Picture URL</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="full_picture" name="full_picture" 
+	  placeholder="Full Picture URL" maxlength="45"
+	   value=
+		"<?php if (isset($_POST['full_picture'])) 
+		echo htmlspecialchars($_POST['full_picture'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+      <label for="status" class="col-sm-4 col-form-label text-right">
+	  Status:</label>
+	  <div class="col-sm-8">
+      <select id="status" name="status" class="form-control" required>
+	<option value="">- Select -</option>
+	<option value="Available">Available</option>
+	<option value="Under offer">Under offer</option>
+	<option value="Withdrawn">Withdrawn</option>
+	<option value="Sold">Sold</option>
+	</select>
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" style="padding-left: 50px;" 
+  data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Add">
+    </div>
+	</div>
+</form><!-- End of the add house content. -->
+</div>
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-4">
+		<?php include('includes/menu.php'); ?> 
+  </nav>
+</div>
+</div>
+<div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/advert_houses.php b/Ch08/estate/advert_houses.php
new file mode 100644
index 0000000..3a2455d
--- /dev/null
+++ b/Ch08/estate/advert_houses.php
@@ -0,0 +1,188 @@
+<?php                                                                      
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{
+ header("Location: login.php");
+  exit();
+}
+define('ERROR_LOG', 'errors.log');
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Admin View All Houses</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header>
+  <?php include('includes/header_3btn.php'); ?>
+</header>
+<div class="content mx-auto" id="contents" style="padding-top:10px">
+<!-- Body Section -->
+  <div class="row" style="padding: 10px;">
+
+<div class="col-sm-12">
+<h4 class="text-center">Houses displayed four at-a-time</h4>
+<h5>
+	<?php
+	If (!empty($errorstring)) {
+		echo $errorstring;
+	}
+	?>
+</h5>
+<?php 
+try {
+// This script retrieves all the records from the users table.
+require ('mysqli_connect.php'); // Connect to the database.
+//set the number of rows per display page
+$pagerows = 4;
+// Has the total number of pages already been calculated?
+if (isset($_GET['pages'])) {
+$pages = (filter_var($_GET['pages'], FILTER_SANITIZE_NUMBER_INT));
+} else {
+//use the next block of code to calculate the number of pages
+//First, check for the total number of records
+$query = "SELECT COUNT(ref_number) FROM houses";
+$result = mysqli_query ($dbcon, $query);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$records = $row[0];
+//Now calculate the number of pages
+if ($records > $pagerows){ //if the number of records will fill more than one page
+//Calculatethe number of pages and round the result up to the nearest integer
+$pages = ceil ($records/$pagerows);
+}else{
+$pages = 1;
+}
+}//page check finished. Declare which record to start with
+If (isset($_GET['start'])) {
+$start = (filter_var($_GET['start'], FILTER_SANITIZE_NUMBER_INT));
+} else {
+$start = 0;
+}
+// Make the query:
+$query = "SELECT ref_number, location, thumb, price, mini_description, bedrooms, status ";
+$query .= "FROM houses ORDER BY ref_number DESC LIMIT ?, ?";
+		
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 'ii', $start, $pagerows );
+    // execute query
+    mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+//$houses = mysqli_num_rows($result);
+if ($result) { // If it ran OK, display the records.
+// Table header.
+echo '<table class="table table-striped table-sm" style="color: black; background-color:white;">
+<tr>
+<th scope="col">Ref-Num</th>
+<th scope="col">Location</th>
+<th scope="col">Thumb</th>
+<th scope="col">Price</th>
+<th scope="col">Features</th>
+<th scope="col">Bedrooms</th>
+<th scope="col">Status</th>
+</tr>';	
+// Fetch and print all the records:
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$ref_number = htmlspecialchars($row['ref_number'], ENT_QUOTES);
+	$location = htmlspecialchars($row['location'], ENT_QUOTES);
+	$thumb = htmlspecialchars($row['thumb'], FILTER_FLAG_NO_ENCODE_QUOTES);
+	$price = htmlspecialchars($row['price'], ENT_QUOTES);
+	$mini_description = htmlspecialchars($row['mini_description'], ENT_QUOTES);
+	$bedrooms = htmlspecialchars($row['bedrooms'], ENT_QUOTES);
+	$status = htmlspecialchars($row['status'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $ref_number . '</td>
+	<td scope="row">' . $location . '</td>
+	<td scope="row"><img src='. $thumb . '></td>
+	<td scope="row">' . $price . '</td>
+	<td scope="row">' . $mini_description . '</td>
+	<td scope="row">' . $bedrooms . '</td>
+	<td scope="row">' . $status . '</td>
+	</tr>';	
+	}
+	echo '</table>'; // Close the table.
+	mysqli_free_result ($result); // Free up the resources.	
+} else { // If it did not run OK.
+// Message:	
+	$errorstring = '<p class="text-center">The record could not be retrieved. ';
+	$errorstring .= 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+} // End of if ($result). Now display the total number of records/houses
+$q = "SELECT COUNT(ref_number) FROM houses";
+$result = mysqli_query ($dbcon, $q);
+$row = mysqli_fetch_array ($result, MYSQLI_NUM);
+$houses = (filter_var($row[0], FILTER_SANITIZE_NUMBER_INT));
+mysqli_close($dbcon); // Close the database connection.
+echo "<p class='text-center' style='color:black'>Total found: $houses</p>";
+if ($pages > 1) {
+echo '<h5 class="text-center">';
+//What number is the current page?
+$current_page = ($start/$pagerows) + 1;
+//If the page is not the first page then create a Previous link
+if ($current_page != 1) {
+echo '<a href="advert_houses.php?start=' . ($start - $pagerows) . '&pages=' . $pages . '">Previous</a> ';
+}
+//Create a Next link
+if ($current_page != $pages) {
+echo '<a href="advert_houses.php?start=' . ($start + $pagerows) . '&pages=' . $pages . '">Next</a> ';
+}
+echo '</h5>';
+}
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
+</div><!-- End of table display content -->
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/advert_search.php b/Ch08/estate/advert_search.php
new file mode 100644
index 0000000..9eacc62
--- /dev/null
+++ b/Ch08/estate/advert_search.php
@@ -0,0 +1,82 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{
+ header("Location: login.php");
+  exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Admin Search Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header>
+  <?php include('includes/header_4btn.php'); ?>
+</header>
+
+<div class="content mx-auto" id="contents" style="padding-top:10px">
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+
+<div class="col-sm-10">
+<form action="found_houses.php" method="post" name="find" id="find">
+<!--START OF TEXT FIELDS-->
+<div class='form-group row'>
+    <label for="" class="col-sm-4 col-form-label text-right">
+	</label>
+<div class="col-sm-8 text-center">
+    <h3>Search for a record</h3>
+	<h5>Enter the Reference Number</h5>
+	<h5>
+	<?php
+	If (!empty($errorstring)) {
+		echo $errorstring;
+	}
+	?></h5>
+</div>
+</div>
+<div class="form-group row">
+<div class="col-sm-2"></div>
+    <label for="ref_number" class="col-sm-4 col-form-label text-right">Reference Number:</label>
+    <div class="col-sm-4">
+      <input type="num" class="form-control" id="ref_number" name="ref_number" 
+	  placeholder="Reference Number" maxlength="30"
+	  pattern="[0-9]*" 
+	  title="Numbers only max of 30 characters" 
+	   value=
+		"<?php if (isset($_POST['ref_number'])) 
+		echo htmlspecialchars($_POST['ref_number'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Search">
+    </div>
+	</div>
+</form><!-- End of the add house content. -->
+</div>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>	
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/another.php b/Ch08/estate/another.php
new file mode 100644
index 0000000..61f05ea
--- /dev/null
+++ b/Ch08/estate/another.php
@@ -0,0 +1,56 @@
+<?php                                                                       
+session_start();
+if (!isset($_SESSION['user_level']) || ($_SESSION['user_level'] != 1))
+{
+ header("Location: login.php");
+  exit();
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Add Another Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header>
+  <?php include('includes/header_advert.php'); ?>
+</header>
+<div class="content mx-auto" id="contents" style="padding-top:10px">
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+
+<div class="col-sm-12">
+<h5 class="text-center">The house was successfully added!!</h5>
+<h5 class="text-center">Add Another?</h5>
+</div>
+</div>
+ <div class="row" style="padding-left: 95px;">
+ <div class="col-sm-4"></div>
+ <div class="col-sm-6">
+<nav>
+<?php include('includes/another-button.php'); ?>
+</nav>
+</div>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/cap.php b/Ch08/estate/cap.php
new file mode 100644
index 0000000..201053b
--- /dev/null
+++ b/Ch08/estate/cap.php
@@ -0,0 +1,17 @@
+<?php
+        if(isset($_POST['g-recaptcha-response'])){
+			$captcha=$_POST['g-recaptcha-response'];
+			$secretKey = "Put your secret key here";
+			$ip_address = $_SERVER['REMOTE_ADDR'];
+			$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip_address);
+			$keys = json_decode($response,true);
+			if(intval($keys["success"]) !== 1) {
+				echo "<h4 class='text-center'>Are you human? Click recaptcha</h4>";
+				header( "refresh:1;" );
+			}
+		}
+		else { echo "<h4 class='text-center'>Are you human? Click recaptcha!</h4>";
+		header( "refresh:1;" );
+		}
+		
+?>	
\ No newline at end of file
diff --git a/Ch08/estate/contact-handler.php b/Ch08/estate/contact-handler.php
new file mode 100644
index 0000000..7ee36d2
--- /dev/null
+++ b/Ch08/estate/contact-handler.php
@@ -0,0 +1,73 @@
+<?php
+// Feedback form handler
+// set the error and thank you pages
+$formurl = "feedback/feedback_form.html" ;
+$errorurl = "feedback/error.html" ; 
+$thankyouurl = "feedback/thankyou.html" ; 
+$emailerrurl = "feedback/emailerr.html" ; 
+$errorcommenturl =  "feedback/commenterror.html" ;
+// set to the email address of the recipient
+$mailto = "none@noone.com" ;             
+// Is first name present? If it is, sanitize it
+   $username = filter_var( $_POST['username'], FILTER_SANITIZE_STRING);	
+if ((!empty($username)) && (preg_match('/[a-z\s]/i',$username)) &&
+		(strlen($username) <= 30)) {			
+	//Save first name
+    $usernametrim = $username;		
+	}else{	
+	$errors = 'yes';
+	}
+// Check that an email address has been entered	correctly			
+  $useremailtrim = filter_var( $_POST['useremail'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($useremailtrim)) || (!filter_var($useremailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($useremailtrim > 60))) {
+		// if email is bad display error page
+		header( "Location: $emailerrurl" ); 
+        exit ;
+	}
+// Is the phone number present? if so, sanitize it
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize and validate phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL; // if not valid or missing do not save
+	}
+	//Is the 1st address present? If it is, sanitize it
+$ref_number = filter_var( $_POST['ref_number'], FILTER_SANITIZE_STRING);			
+if ((!empty($ref_number)) && (preg_match('/[0-9]/', $ref_number)) &&
+  (strlen($ref_number) <= 30)) {					
+	//Save the 1st address
+    $ref_numbertrim = $ref_number;						
+	}else{	
+	$errors = 'yes';
+	}
+$comment = filter_var( $_POST['comment'], FILTER_SANITIZE_STRING);
+if ((!empty($comment)) && (strlen($comment) <= 320)) {
+	// remove ability to create link in email
+	$patterns = array("/http/", "/https/", "/\:/","/\/\//","/www./");
+	$commenttrim = preg_replace($patterns," ", $comment);	
+	}else{	// if comment not valid display error page
+	header( "Location: $errorcommenturl" );
+	exit;
+}
+
+if (!empty($errors)) { // if errors display error page
+header( "Location: $errorurl" );
+exit ; }
+// everything OK send e-mail
+$subject = "Message from customer " . $usernametrim;
+$messageproper =                                                                        
+"------------------------------------------------------------\n" .
+"Name of sender: $usernametrim\n" . 
+"Email of sender: $useremailtrim\n" . 
+"Telephone: $phonetrim\n" . 
+"Ref Number: $ref_numbertrim\n" . 
+"------------------------- MESSAGE -------------------------\n\n" . 
+$commenttrim . 
+"\n\n------------------------------------------------------------\n" ; 
+mail($mailto, $subject, $messageproper, "From: \"$usernametrim\" <$useremailtrim>" ); 
+header( "Location: $thankyouurl" ); 
+exit ;
+?>
diff --git a/Ch08/estate/contact.php b/Ch08/estate/contact.php
new file mode 100644
index 0000000..780342e
--- /dev/null
+++ b/Ch08/estate/contact.php
@@ -0,0 +1,130 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Contact Us Form</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<script src='https://www.google.com/recaptcha/api.js'></script> 
+<link rel="stylesheet" type="text/css" href="transparent.css">  
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header>
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+ <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+  <div class="row" style="padding-left: 0px;">
+<!-- Left-side Column Menu Section -->
+<div class="col-sm-8">
+<form action="contact-handler.php" method="post" name="feedbackform" id="feedbackform">
+  <!-- Validate Input -->
+  <div class="form-group row">
+<div class="col-sm-4"></div>
+<div class="col-sm-8">
+<h4 class="text-center">Contact us to Arrange a Viewing</h4>
+<h5 class="text-center"><strong>Address:</strong> 1 The Street, Townsville, AA6 8PF, <strong>Tel:</strong> 01111 800777</h5>
+<h5 class="text-center"><strong>To contact us:</strong> Please use this form and click the Send button at the bottom.</h5>
+<h5 class="text-center">Essential items are marked with an asterisk</h5>
+</div>
+</div>
+<!--START OF TEXT FIELDS-->
+<div class="form-group row">
+    <label for="username" class="col-sm-4 col-form-label text-right">Your Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="username" name="username" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="Your Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['username'])) 
+		echo htmlspecialchars($_POST['username'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="useremail" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="useremail" name="useremail" 
+	  placeholder="Your E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['useremail'])) 
+		echo htmlspecialchars($_POST['useremail'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone*:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+	</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>	
+<h5 class="col-sm-8 text-center">To request a viewing please enter the reference number of the house below</h5>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">House Reference Number*:</label>
+    <div class="col-sm-8">
+      <input type="num" class="form-control" id="ref_number" name="ref_number" 
+	  pattern="[0-9]*" 
+	  title="Numbers only max of 30 characters" 
+	  placeholder="Reference Number" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['ref_number'])) 
+		echo htmlspecialchars($_POST['ref_number'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+<div class="col-sm-8 text-center">
+    <label for="comment" style="color:white;">Please enter your message below</label>
+    <textarea class="form-control" id="comment" name="comment" rows="8" cols="40"
+	value=
+		"<?php if (isset($_POST['comment'])) 
+		echo htmlspecialchars($_POST['comment'], ENT_QUOTES); ?>" >
+	</textarea>
+  </div>
+ </div>
+ <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="margin-left: 80px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Send">
+    </div>
+	</div>
+	</form>
+	</div>
+<div class="col-sm-4">
+<?php include ('includes/menu.php'); ?>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/estatedb.sql b/Ch08/estate/estatedb.sql
new file mode 100644
index 0000000..368b367
--- /dev/null
+++ b/Ch08/estate/estatedb.sql
@@ -0,0 +1,141 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 07:07 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `estatedb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `houses`
+--
+
+CREATE TABLE `houses` (
+  `ref_number` mediumint(6) UNSIGNED NOT NULL,
+  `location` tinytext CHARACTER SET utf8 NOT NULL,
+  `price` decimal(9,2) NOT NULL,
+  `type` tinytext CHARACTER SET utf8 NOT NULL,
+  `mini_description` varchar(100) CHARACTER SET utf8 NOT NULL,
+  `bedrooms` tinyint(2) NOT NULL,
+  `thumb` varchar(45) CHARACTER SET utf8 NOT NULL,
+  `status` tinytext CHARACTER SET utf8 NOT NULL,
+  `full_description` varchar(600) CHARACTER SET utf8 NOT NULL,
+  `full_picture` varchar(45) CHARACTER SET utf8 NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Dumping data for table `houses`
+--
+
+INSERT INTO `houses` (`ref_number`, `location`, `price`, `type`, `mini_description`, `bedrooms`, `thumb`, `status`, `full_description`, `full_picture`) VALUES
+(1000, 'South_Devon', '350000.00', 'Det-bung', 'New property in rural situation but close to village shops', 3, 'images/thumbs/house01-191.gif', 'Sold', '<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1001, 'North_Devon', '320000.00', 'Det-bung', 'Delightful rural location but close to village shops', 3, 'images/thumbs/house01-191.gif', 'Available', '<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1002, 'Mid_Devon', '300000.00', 'Det-bung', 'Delightful rural location but close to village shops', 3, 'images/thumbs/house01-191.gif', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1003, 'South_Devon', '400000.00', 'Det-house', 'Located on the outskirts of a thriving town. Stunning rural views.', 4, 'images/thumbs/house10-151.gif', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', 'images/pictures/house10.gif'),
+(1004, 'North_Devon', '380000.00', 'Det-house', 'Semi rural location within walking distance of Townsville ', 4, 'images/thumbs/house10-151.gif', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1005, 'Mid_Devon', '360000.00', 'Det-house', 'Located on the edge of the town of Townsville.', 4, 'images/thumbs/house10-151.gif', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1006, 'Mid_Devon', '330000.00', 'Det-house', 'Semi rural with magnificent views of the countryside', 4, 'images/thumbs/house10-151.gif', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1007, 'South_Devon', '390000.00', 'Det-house', 'A town house with rural views. Located close to shops. ', 4, '\"images/thumbs/house12-102.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1008, 'Mid_Devon', '390000.00', 'Det-house', 'New build in rural loaction within walking distance of shops.', 4, '\"images/thumbs/house02-120.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1009, 'South_Devon', '390000.00', 'Det-house', 'A town house with character ', 4, '\"images/thumbs/house06-126.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1010, 'South_Devon', '295000.00', 'Det_house', 'In need of refurbishment', 4, '\"images/thumbs/house06-126.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1011, 'South_Devon', '295000.00', 'Det-house', 'In need of refurbishment', 4, '\"images/thumbs/house06-126.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1012, 'South_Devon', '350000.00', 'Semi-det-house', 'Recently refurbished throughout. Quiet urban location.', 3, '\"images/thumbs/house03-137-semi.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1013, 'South_Devon', '290000.00', 'Semi-det-house', 'Grade 2 Listed. Needs some refurbishment  Quiet rural location.', 3, '\"images/thumbs/house09-semi-110.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1014, 'South_Devon', '290000.00', 'Det-house', 'Modern town house in quiet location', 3, '\"images/thumbs/house12-102.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1015, 'North_Devon', '390000.00', 'Det-house', 'Modern town house in quiet location', 3, '\"images/thumbs/house10-151.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1016, 'North_Devon', '290000.00', 'Sem-det-bung', 'Modern bugalow in quiet location', 3, '\"images/thumbs/bung13-semi-thumb.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1017, 'North_Devon', '250000.00', 'Sem-det-bung', 'Modern bungalow in quiet location', 2, '\"images/thumbs/bung13-semi-thumb.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1018, 'North_Devon', '150000.00', 'Det-bung', 'Bungalow with character in rural location. Needs some refurbishment.', 2, '\"images/thumbs/house08.jpg\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1019, 'Mid_Devon', '150000.00', 'Det-bung', 'Bungalow with character in rural location. Needs some refurbishment.', 2, '\"images/thumbs/house08.jpg\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1020, 'South_Devon', '150000.00', 'Det-bung', 'Bungalow with character in rural location. Needs some refurbishment.', 2, '\"images/thumbs/house08.jpg\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1021, 'South_Devon', '290000.00', 'Det-house', 'Beach house. Needs some refurbishment.', 2, '\"images/thumbs/house05-104.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1022, 'Mid_Devon', '270000.00', 'Det-house', 'Rural locstion. House needs some refurbishment.', 3, '\"images/thumbs/house07-153.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1023, 'South_Devon', '280000.00', 'Det-house', 'Rural location. House needs some refurbishment.', 3, '\"images/thumbs/house07-153.gif\"', 'Available', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1024, 'South_Devon', '320000.00', 'Det-house', 'Rubbish', 3, '\"images/thumbs/house06-126.gif\"', 'Withdrawn', '	<p>A large and superbly presented detached house located in a beautiful \r\n	valley in South Devon. Four good size bedrooms, all en-suite. Three generous \r\n	reception rooms, luxury kitchen and main bathroom. &nbsp;&nbsp; <br>Double \r\n			Garage with radio operated doors. parking space for three cars in \r\n			front of the house. Large landscaped rear garden (approximately one \r\n			acre) with green house, summer house and hot tub. Neat front garden with rockery. </p>', ''),
+(1025, 'South_Devon', '320000.00', 'Det-house', 'Rubbish', 3, '\"images/house06-126.gif\"', 'Withdrawn', '', ''),
+(1026, 'Mid_Devon', '270000.00', 'Sem-det-bung', 'Recently built semi-detached bungalow in a pleasant cul-de-sac n and bathroom. Good gardens.', 3, '\"images/bung13-semi-thumb.gif\"', 'Available', '', ''),
+(1027, 'North_Devon', '270000.00', 'Sem-det-bung', 'Recently built semi-detached bungalow in a pleasant cul-de-sac n and bathroom. Good gardens.', 3, '\"images/bung13-semi-thumb.gif\"', 'Available', '', ''),
+(1028, 'Mid_Devon', '250000.00', 'Sem-det-bung', 'Recently refurbished semi- detached bungalow. Pleasant estate, quiet and tree lined. ', 3, '\"images/bung13-semi-thumb.gif\"', 'Available', '', ''),
+(1029, 'Mid_Devon', '270000.00', 'Sem-det-bung', 'Located in a delightful village with post office and general stores. Landscaped rear garden. Rural v', 3, '\"images/bung13-semi-thumb.gif\"', 'Available', '', ''),
+(1030, 'Mid_Devon', '270000.00', 'Sem-det-bung', 'Located in a delightful village with post office and general stores. Landscaped rear garden. Rural v', 3, '\"images/bung13-semi-thumb.gif\"', 'Available', '', ''),
+(1031, 'North_Devon', '280000.00', 'Det-bung', 'Recently built house in an attractive location with full amenities, including school, general stores', 3, '\"images/house02-120.gif\"', 'Available', '', ''),
+(1032, 'North_Devon', '290000.00', 'Semi-det-house', 'Delightful semi- detached house in a pleasant urban location', 2, '\"images/house03-137-semi.gif\"', 'Available', '', ''),
+(1033, 'Mid_Devon', '250000.00', 'Semi-det-house', 'Well presented semi-detached house in pleasant surroundings.', 2, '\"images/house03-137-semi.gif\"', 'Available', '', '');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `password` char(60) NOT NULL,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `user_level` tinyint(2) UNSIGNED NOT NULL,
+  `email` varchar(50) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `password`, `first_name`, `last_name`, `user_level`, `email`) VALUES
+(10, '$2y$10$3YLxPRe/dEmD7VLlUTw/QO8.EUtUz9OB01CMlWH/tBv3.Dz8JiHZa', 'Jack', 'Smith', 1, 'jsmith@outcook.com');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `houses`
+--
+ALTER TABLE `houses`
+  ADD PRIMARY KEY (`ref_number`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `houses`
+--
+ALTER TABLE `houses`
+  MODIFY `ref_number` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=1034;
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=11;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch08/estate/feedback/commenterr.html b/Ch08/estate/feedback/commenterr.html
new file mode 100644
index 0000000..b82533a
--- /dev/null
+++ b/Ch08/estate/feedback/commenterr.html
@@ -0,0 +1,14 @@
+<!doctype html>
+<html lang=”en”>
+<head>
+<title>Error message. Do not enter URLs</title>
+<meta charset=”utf-8”>
+<link rel="stylesheet" type="text/css" href="../transparent.css">
+<link rel="stylesheet" type="text/css" href="error-style.css">
+</head>
+<body>
+Sorry, but website addresses are not allowed<br><br> 
+<p>Please click the Back button on your internet browser<br>and then remove any
+website addresses from the form.</p>
+</body>
+</html>
diff --git a/Ch08/estate/feedback/emailerr.html b/Ch08/estate/feedback/emailerr.html
new file mode 100644
index 0000000..4bc304e
--- /dev/null
+++ b/Ch08/estate/feedback/emailerr.html
@@ -0,0 +1,18 @@
+<!doctype html> 
+<html lang=en>
+<head>
+<title>Email error message</title>
+<meta charset=utf-8>
+<link rel="stylesheet" type="text/css" href="../transparent.css">
+<link rel="stylesheet" href="error-style.css" type="text/css">
+</head>
+<body>
+<p>&nbsp;</p>
+<p>Your email address has an incorrect format.</p>
+<p>Please return to the form <br>
+ and then correct your email address.</p>
+<form method="post" action=" ">
+<input type="button" value="Return to form" onclick="history.go(-1)">
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/feedback/error-style.css b/Ch08/estate/feedback/error-style.css
new file mode 100644
index 0000000..3f75881
--- /dev/null
+++ b/Ch08/estate/feedback/error-style.css
@@ -0,0 +1,2 @@
+body { text-align:center; font-size:large; font-weight:bold; }
+span {color:red; font-size:x-large; }
diff --git a/Ch08/estate/feedback/error.html b/Ch08/estate/feedback/error.html
new file mode 100644
index 0000000..ee49060
--- /dev/null
+++ b/Ch08/estate/feedback/error.html
@@ -0,0 +1,22 @@
+<!doctype html> 
+<html lang=en>
+<head>
+<title>Error message. Missing essentials</title>
+<meta charset=utf-8>
+<link rel="stylesheet" type="text/css" href="../transparent.css">
+<link rel="stylesheet" type="text/css" href="error-style.css">
+</head>
+<html>
+<body>
+<p>&nbsp;</p>
+<p>&nbsp;</p>
+<p>One or more of the essential items in the form has not been filled in.</p>
+<p>Essential items have a red asterisk like this <span>*</span></p>
+<p>Please return to the form <br>
+ and then fill in the missing items</p>
+<form method="post" action=" ">
+<input type="button" value="Return to form" onclick="history.go(-1)">
+</form>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/feedback/feedback-form.css b/Ch08/estate/feedback/feedback-form.css
new file mode 100644
index 0000000..bd6761f
--- /dev/null
+++ b/Ch08/estate/feedback/feedback-form.css
@@ -0,0 +1,8 @@
+#sb, form{
+    display: block;
+    margin-left: auto;
+    margin-right: auto;
+	text-align: center;
+}
+body {margin:0; padding:0; }
+.cntr { text-align:center; }
diff --git a/Ch08/estate/feedback/feedback.css b/Ch08/estate/feedback/feedback.css
new file mode 100644
index 0000000..38458ca
--- /dev/null
+++ b/Ch08/estate/feedback/feedback.css
@@ -0,0 +1,12 @@
+/*FEEDBACK.CSS*/
+/*reset browsers for cross-client consistency*/
+body,h2,h3,p {margin:0; padding:0 }
+body {text-align:center; background-color:#D7FFEB; color:black; É
+font-family: "times new roman"; max-width:100%; min-width:960px;
+font-size: medium; color: #000000; margin: auto; width:95%;}
+#back-button { margin:20px auto 0 auto; text-align:center; width:200px; height:25px; É
+padding:5px; background-color:brown; color:white; font-size:110%; font-weight:bold; }
+#back-button a { text-decoration:none; color:white; }
+#back-button a:hover { color:red; }
+h2 { margin-top:15px; margin-bottom:10px; font-size:130%; font-weight:bold;}
+h3 { font-size:110%; font-weight:bold; text-align:center;}
diff --git a/Ch08/estate/feedback/thankyou.html b/Ch08/estate/feedback/thankyou.html
new file mode 100644
index 0000000..0e6e108
--- /dev/null
+++ b/Ch08/estate/feedback/thankyou.html
@@ -0,0 +1,19 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Thank you for your enquiry</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="../transparent.css">
+<link rel="stylesheet" type="text/css" href="feedback.css">
+</head>
+<body>
+<p>&nbsp;</p>
+<div id="back-button"><a title="Return to the Home page" href="../index.php">Return to
+Home Page</a>
+</div>
+<div><br>
+<h3>Thank you for your inquiry</h3>
+<h3>We will email an answer to you shortly.</h3>
+</div>
+</body>
+</html>
diff --git a/Ch08/estate/footer.php b/Ch08/estate/footer.php
new file mode 100644
index 0000000..742b705
--- /dev/null
+++ b/Ch08/estate/footer.php
@@ -0,0 +1,5 @@
+<p>Copyright &copy; Adrian West & Steve Prettyman 2017  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch08/estate/found_houses.php b/Ch08/estate/found_houses.php
new file mode 100644
index 0000000..5963270
--- /dev/null
+++ b/Ch08/estate/found_houses.php
@@ -0,0 +1,191 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if ((empty($_SESSION['user_level'])) && (!isset($_SESSION['previous_url']) or ($_SESSION['previous_url'] != "index")))
+{ header("Location: index.php");
+exit();
+}
+else 
+{
+if (!empty($_SESSION['user_level'])) {
+	$user_level = $_SESSION['user_level'];
+
+if(($user_level == 1) && (!empty($_POST['ref_number'])))
+{
+	$ref_number = htmlspecialchars($_POST['ref_number'], ENT_QUOTES);
+} 
+} else { $user_level = 0; }
+}
+define('ERROR_LOG',"errors.log");
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Found Houses Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header>
+<?php
+if ($user_level == 0)
+{
+include("includes/header_found_houses.php");
+}
+else if($user_level==1)
+{
+include('includes/header_4btn.php');
+}
+?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:20px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<div class="row">
+    
+<h3>To arrange a viewing please use the the Contact Us button on the menu and 
+quote the reference number.</h3>
+<?php 
+
+// This script retrieves all the records from the houses table
+try {
+require ('mysqli_connect.php'); // Connect to the database.
+// Make the query:					#3
+$query = "SELECT ref_number, location, thumb, price, mini_description, type, bedrooms, ";
+$query .= "status FROM houses ";
+//if(($user_level == 1) && (!empty($_POST['ref_number']))) {
+	 if((!empty($_POST['ref_number']))) {
+$query .= "WHERE ref_number=? "; 
+} else {
+$query .= "WHERE location= ? AND ";
+$query .= "(price <= ?) AND (price >= (? - 100000)) AND ";
+$query .= "type= ? AND bedrooms= ?  ORDER BY ref_number ASC ";	
+}
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+//if(($user_level == 1) && (!empty($_POST['ref_number']))) {
+	if((!empty($_POST['ref_number']))) {
+	mysqli_stmt_bind_param($q, 's', $ref_number);
+} else {
+$location = htmlspecialchars($_POST['location'], ENT_QUOTES);
+$price = htmlspecialchars($_POST['price'], ENT_QUOTES);
+$type = htmlspecialchars($_POST['type'], ENT_QUOTES);
+$bedrooms = htmlspecialchars($_POST['bedrooms'], ENT_QUOTES);
+mysqli_stmt_bind_param($q, 'sssss', $location, $price, $price, $type, $bedrooms);
+}
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+// SELECT is safe execution - read only
+if ($result) { // If it ran OK, display the records.
+// Table header.
+?>
+<table class="table table-responsive table-striped" style="background: white;color:black;">
+<tr>
+<th scope="col">Ref.</th>
+<th scope="col">Location</th>
+<th scope="col">Thumb</th>
+<th scope="col">Price</th>
+<th scope="col">Features</th>
+<th scope="col">Bedrooms</th>
+<th scope="col">Details</th>
+<th scope="col">Status</th>
+</tr>	
+<?php
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	// Remove special characters that might already be in table to 
+	// reduce the chance of XSS exploits
+	$ref_number = htmlspecialchars($row['ref_number'], ENT_QUOTES);
+	$thumb = htmlspecialchars($row['thumb'], ENT_QUOTES);
+	$price = htmlspecialchars($row['price'], ENT_QUOTES);
+	$mini_description = htmlspecialchars($row['mini_description'], ENT_QUOTES);
+	$bedrooms = htmlspecialchars($row['bedrooms'], ENT_QUOTES);
+	$status = htmlspecialchars($row['status'], ENT_QUOTES);
+	
+	echo '<tr>
+	<td scope="row">' . $row['ref_number'] . '</td>
+	<td scope="row">' . $row['location'] . '</td>';
+	if ($row['thumb'] == "")
+	{echo '<td scope="row"><img src="images/thumbs/default.jpg">';}
+    else { echo'<td scope="row">  <img src='.$row['thumb'] . '></td>';}
+	echo'<td scope="row">' . $row['price'] . '</td>
+	<td scope="row">' . $row['mini_description'] . '</td>
+	<td scope="row">' . $row['bedrooms'] . '</td>
+	<td scope="row"><a href="house_details.php?ref_number=' . $row['ref_number'] . 
+	'">Details</a></td>
+	<td scope="row">' . $row['status'] . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table.
+	mysqli_free_result ($result); // Free up the resources.	
+	} else { // If it did not run OK.
+// Public message:
+	echo '<p class="center-text">The current users could not be retrieved.';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message:
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>'; 
+	//Show $q is debug mode only
+} // End of if ($result). Now display the total number of records/members.
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<h5 class="text-center">No houses displayed? Sorry we have nothing that matches 
+your requirements at the moment</h5>
+</div>
+</div>
+</div><!-- End of table display content -->
+</div>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/house_details.php b/Ch08/estate/house_details.php
new file mode 100644
index 0000000..b5423d1
--- /dev/null
+++ b/Ch08/estate/house_details.php
@@ -0,0 +1,131 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if ((!empty($SESSION['user_level'])) && (!isset($_SESSION['previous_url'])
+	or ($_SESSION['previous_url'] != "index")))
+{ header("Location: index.php");
+exit();
+}
+define('ERROR_LOG','errors.log');
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>House Details Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 10px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:20px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<div class="row">
+    <div class="col-sm-5" style="background-color: white; padding-top: 10px;">
+ <?php
+try {
+$ref_number = htmlspecialchars($_GET['ref_number'], ENT_QUOTES);
+require ('mysqli_connect.php'); // Connect to the database.
+// Make the query:					#3
+$query = "SELECT price, full_description, full_picture ";
+$query .= "FROM houses WHERE ref_number=?";	
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+
+// bind values to SQL Statement
+mysqli_stmt_bind_param($q, 's', $ref_number);
+
+// execute query	 
+mysqli_stmt_execute($q); 
+
+$result = mysqli_stmt_get_result($q);
+
+// SELECT is safe execution - read only
+if ($result) { // If it ran OK, display the records.
+
+$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+?>
+<h5 style="color:green"><strong>Details for House Reference No
+<?php echo $ref_number; ?>
+</strong></h5>
+<?php echo '<img class="img-fluid float-left" alt="house reference ' . $ref_number; 
+echo '" src="';
+if ($row['full_picture']=="") 
+{echo 'images/pictures/default.jpg"/>';}
+else { echo $row['full_picture'];
+echo '">';
+}
+?>
+</div>
+<div class="col-sm-4" style=" background-color: white; color:black; padding-top: 10px;">	
+<h4 style="color:green;">To arrange a viewing please click the Contact Us button 
+	and quote the reference number
+<?php echo $ref_number . '</h4>';
+echo '<p>&pound;';
+echo $row['price'] . '</p>';
+echo $row['full_description'];
+?>
+</div>
+<?php
+mysqli_free_result ($result); // Free up the resources.	
+}
+else { // If it did not run OK.
+// Message:
+	echo '<p class="error">The record could not be retrieved. ';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging error message:
+//	echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+}
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>	
+<div class="col-sm-3">
+<?php include ('includes/menu.php'); ?>
+</div>
+</div>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/images/TIFs/House 2.wmf b/Ch08/estate/images/TIFs/House 2.wmf
new file mode 100644
index 0000000..0f6e075
Binary files /dev/null and b/Ch08/estate/images/TIFs/House 2.wmf differ
diff --git a/Ch08/estate/images/TIFs/Thumbs.db b/Ch08/estate/images/TIFs/Thumbs.db
new file mode 100644
index 0000000..25d8dfe
Binary files /dev/null and b/Ch08/estate/images/TIFs/Thumbs.db differ
diff --git a/Ch08/estate/images/TIFs/house03-120.tif b/Ch08/estate/images/TIFs/house03-120.tif
new file mode 100644
index 0000000..35dafd6
Binary files /dev/null and b/Ch08/estate/images/TIFs/house03-120.tif differ
diff --git a/Ch08/estate/images/TIFs/house03-semi-120.gif b/Ch08/estate/images/TIFs/house03-semi-120.gif
new file mode 100644
index 0000000..04b5b69
Binary files /dev/null and b/Ch08/estate/images/TIFs/house03-semi-120.gif differ
diff --git a/Ch08/estate/images/TIFs/house03-semi.tif b/Ch08/estate/images/TIFs/house03-semi.tif
new file mode 100644
index 0000000..a90e98b
Binary files /dev/null and b/Ch08/estate/images/TIFs/house03-semi.tif differ
diff --git a/Ch08/estate/images/TIFs/house03.tif b/Ch08/estate/images/TIFs/house03.tif
new file mode 100644
index 0000000..b1af265
Binary files /dev/null and b/Ch08/estate/images/TIFs/house03.tif differ
diff --git a/Ch08/estate/images/TIFs/house05.tif b/Ch08/estate/images/TIFs/house05.tif
new file mode 100644
index 0000000..e445894
Binary files /dev/null and b/Ch08/estate/images/TIFs/house05.tif differ
diff --git a/Ch08/estate/images/TIFs/house06.tif b/Ch08/estate/images/TIFs/house06.tif
new file mode 100644
index 0000000..99b7f6d
Binary files /dev/null and b/Ch08/estate/images/TIFs/house06.tif differ
diff --git a/Ch08/estate/images/TIFs/house09.tif b/Ch08/estate/images/TIFs/house09.tif
new file mode 100644
index 0000000..1a52886
Binary files /dev/null and b/Ch08/estate/images/TIFs/house09.tif differ
diff --git a/Ch08/estate/images/TIFs/house10.tif b/Ch08/estate/images/TIFs/house10.tif
new file mode 100644
index 0000000..0349a42
Binary files /dev/null and b/Ch08/estate/images/TIFs/house10.tif differ
diff --git a/Ch08/estate/images/TIFs/house11.tif b/Ch08/estate/images/TIFs/house11.tif
new file mode 100644
index 0000000..0d8006f
Binary files /dev/null and b/Ch08/estate/images/TIFs/house11.tif differ
diff --git a/Ch08/estate/images/TIFs/house12.tif b/Ch08/estate/images/TIFs/house12.tif
new file mode 100644
index 0000000..6f5f067
Binary files /dev/null and b/Ch08/estate/images/TIFs/house12.tif differ
diff --git a/Ch08/estate/images/TIFs/house_01.tif b/Ch08/estate/images/TIFs/house_01.tif
new file mode 100644
index 0000000..c0a6c24
Binary files /dev/null and b/Ch08/estate/images/TIFs/house_01.tif differ
diff --git a/Ch08/estate/images/TIFs/house_08.gif b/Ch08/estate/images/TIFs/house_08.gif
new file mode 100644
index 0000000..cb9fbfb
Binary files /dev/null and b/Ch08/estate/images/TIFs/house_08.gif differ
diff --git a/Ch08/estate/images/Thumbs.db b/Ch08/estate/images/Thumbs.db
new file mode 100644
index 0000000..c72458a
Binary files /dev/null and b/Ch08/estate/images/Thumbs.db differ
diff --git a/Ch08/estate/images/Timberedrow.wmf b/Ch08/estate/images/Timberedrow.wmf
new file mode 100644
index 0000000..e6796c3
Binary files /dev/null and b/Ch08/estate/images/Timberedrow.wmf differ
diff --git a/Ch08/estate/images/bung13-semi-thumb.gif b/Ch08/estate/images/bung13-semi-thumb.gif
new file mode 100644
index 0000000..766ba86
Binary files /dev/null and b/Ch08/estate/images/bung13-semi-thumb.gif differ
diff --git a/Ch08/estate/images/bung13-semi.gif b/Ch08/estate/images/bung13-semi.gif
new file mode 100644
index 0000000..7114f1a
Binary files /dev/null and b/Ch08/estate/images/bung13-semi.gif differ
diff --git a/Ch08/estate/images/bung14-semi-thumb.gif b/Ch08/estate/images/bung14-semi-thumb.gif
new file mode 100644
index 0000000..f531727
Binary files /dev/null and b/Ch08/estate/images/bung14-semi-thumb.gif differ
diff --git a/Ch08/estate/images/bung14-semi.gif b/Ch08/estate/images/bung14-semi.gif
new file mode 100644
index 0000000..9b21e35
Binary files /dev/null and b/Ch08/estate/images/bung14-semi.gif differ
diff --git a/Ch08/estate/images/devon-map-crop.jpg b/Ch08/estate/images/devon-map-crop.jpg
new file mode 100644
index 0000000..5f71cda
Binary files /dev/null and b/Ch08/estate/images/devon-map-crop.jpg differ
diff --git a/Ch08/estate/images/devon-map.jpg b/Ch08/estate/images/devon-map.jpg
new file mode 100644
index 0000000..cd05528
Binary files /dev/null and b/Ch08/estate/images/devon-map.jpg differ
diff --git a/Ch08/estate/images/devon-map.tif b/Ch08/estate/images/devon-map.tif
new file mode 100644
index 0000000..b789dd9
Binary files /dev/null and b/Ch08/estate/images/devon-map.tif differ
diff --git a/Ch08/estate/images/email.png b/Ch08/estate/images/email.png
new file mode 100644
index 0000000..c189923
Binary files /dev/null and b/Ch08/estate/images/email.png differ
diff --git a/Ch08/estate/images/header3.jpg b/Ch08/estate/images/header3.jpg
new file mode 100644
index 0000000..036459a
Binary files /dev/null and b/Ch08/estate/images/header3.jpg differ
diff --git a/Ch08/estate/images/house01-191.gif b/Ch08/estate/images/house01-191.gif
new file mode 100644
index 0000000..f6c8b77
Binary files /dev/null and b/Ch08/estate/images/house01-191.gif differ
diff --git a/Ch08/estate/images/house01.gif b/Ch08/estate/images/house01.gif
new file mode 100644
index 0000000..5fbda95
Binary files /dev/null and b/Ch08/estate/images/house01.gif differ
diff --git a/Ch08/estate/images/house02-120.gif b/Ch08/estate/images/house02-120.gif
new file mode 100644
index 0000000..61ae675
Binary files /dev/null and b/Ch08/estate/images/house02-120.gif differ
diff --git a/Ch08/estate/images/house02.gif b/Ch08/estate/images/house02.gif
new file mode 100644
index 0000000..2266507
Binary files /dev/null and b/Ch08/estate/images/house02.gif differ
diff --git a/Ch08/estate/images/house03-137-semi.gif b/Ch08/estate/images/house03-137-semi.gif
new file mode 100644
index 0000000..baad192
Binary files /dev/null and b/Ch08/estate/images/house03-137-semi.gif differ
diff --git a/Ch08/estate/images/house03-semi.gif b/Ch08/estate/images/house03-semi.gif
new file mode 100644
index 0000000..e73fcbe
Binary files /dev/null and b/Ch08/estate/images/house03-semi.gif differ
diff --git a/Ch08/estate/images/house04-137-semi.gif b/Ch08/estate/images/house04-137-semi.gif
new file mode 100644
index 0000000..a22cec4
Binary files /dev/null and b/Ch08/estate/images/house04-137-semi.gif differ
diff --git a/Ch08/estate/images/house04-semi.tif b/Ch08/estate/images/house04-semi.tif
new file mode 100644
index 0000000..4bcfaad
Binary files /dev/null and b/Ch08/estate/images/house04-semi.tif differ
diff --git a/Ch08/estate/images/house05-104.gif b/Ch08/estate/images/house05-104.gif
new file mode 100644
index 0000000..265f0fc
Binary files /dev/null and b/Ch08/estate/images/house05-104.gif differ
diff --git a/Ch08/estate/images/house05.gif b/Ch08/estate/images/house05.gif
new file mode 100644
index 0000000..a9cd5a6
Binary files /dev/null and b/Ch08/estate/images/house05.gif differ
diff --git a/Ch08/estate/images/house06-126.gif b/Ch08/estate/images/house06-126.gif
new file mode 100644
index 0000000..bc21e43
Binary files /dev/null and b/Ch08/estate/images/house06-126.gif differ
diff --git a/Ch08/estate/images/house06.gif b/Ch08/estate/images/house06.gif
new file mode 100644
index 0000000..eee0d35
Binary files /dev/null and b/Ch08/estate/images/house06.gif differ
diff --git a/Ch08/estate/images/house07-153.gif b/Ch08/estate/images/house07-153.gif
new file mode 100644
index 0000000..1b9453b
Binary files /dev/null and b/Ch08/estate/images/house07-153.gif differ
diff --git a/Ch08/estate/images/house07.gif b/Ch08/estate/images/house07.gif
new file mode 100644
index 0000000..f6a56a2
Binary files /dev/null and b/Ch08/estate/images/house07.gif differ
diff --git a/Ch08/estate/images/house07.tif b/Ch08/estate/images/house07.tif
new file mode 100644
index 0000000..f01183c
Binary files /dev/null and b/Ch08/estate/images/house07.tif differ
diff --git a/Ch08/estate/images/house08.jpg b/Ch08/estate/images/house08.jpg
new file mode 100644
index 0000000..3ae4faf
Binary files /dev/null and b/Ch08/estate/images/house08.jpg differ
diff --git a/Ch08/estate/images/house08.tif b/Ch08/estate/images/house08.tif
new file mode 100644
index 0000000..cff6af7
Binary files /dev/null and b/Ch08/estate/images/house08.tif differ
diff --git a/Ch08/estate/images/house09-semi-110.gif b/Ch08/estate/images/house09-semi-110.gif
new file mode 100644
index 0000000..03e176b
Binary files /dev/null and b/Ch08/estate/images/house09-semi-110.gif differ
diff --git a/Ch08/estate/images/house09-semi.gif b/Ch08/estate/images/house09-semi.gif
new file mode 100644
index 0000000..d690a0b
Binary files /dev/null and b/Ch08/estate/images/house09-semi.gif differ
diff --git a/Ch08/estate/images/house10-151.gif b/Ch08/estate/images/house10-151.gif
new file mode 100644
index 0000000..a027584
Binary files /dev/null and b/Ch08/estate/images/house10-151.gif differ
diff --git a/Ch08/estate/images/house10.gif b/Ch08/estate/images/house10.gif
new file mode 100644
index 0000000..ff3b51a
Binary files /dev/null and b/Ch08/estate/images/house10.gif differ
diff --git a/Ch08/estate/images/house11-127.gif b/Ch08/estate/images/house11-127.gif
new file mode 100644
index 0000000..5c79e59
Binary files /dev/null and b/Ch08/estate/images/house11-127.gif differ
diff --git a/Ch08/estate/images/house11.gif b/Ch08/estate/images/house11.gif
new file mode 100644
index 0000000..d2e3c65
Binary files /dev/null and b/Ch08/estate/images/house11.gif differ
diff --git a/Ch08/estate/images/house12-102.gif b/Ch08/estate/images/house12-102.gif
new file mode 100644
index 0000000..33e6ebe
Binary files /dev/null and b/Ch08/estate/images/house12-102.gif differ
diff --git a/Ch08/estate/images/house12.gif b/Ch08/estate/images/house12.gif
new file mode 100644
index 0000000..9c24452
Binary files /dev/null and b/Ch08/estate/images/house12.gif differ
diff --git a/Ch08/estate/images/house_on_river.gif b/Ch08/estate/images/house_on_river.gif
new file mode 100644
index 0000000..8858552
Binary files /dev/null and b/Ch08/estate/images/house_on_river.gif differ
diff --git a/Ch08/estate/images/lighthouse.wmf b/Ch08/estate/images/lighthouse.wmf
new file mode 100644
index 0000000..8429622
Binary files /dev/null and b/Ch08/estate/images/lighthouse.wmf differ
diff --git a/Ch08/estate/images/pictures/Thumbs.db b/Ch08/estate/images/pictures/Thumbs.db
new file mode 100644
index 0000000..c72458a
Binary files /dev/null and b/Ch08/estate/images/pictures/Thumbs.db differ
diff --git a/Ch08/estate/images/pictures/bung13-semi-thumb.gif b/Ch08/estate/images/pictures/bung13-semi-thumb.gif
new file mode 100644
index 0000000..766ba86
Binary files /dev/null and b/Ch08/estate/images/pictures/bung13-semi-thumb.gif differ
diff --git a/Ch08/estate/images/pictures/bung13-semi.gif b/Ch08/estate/images/pictures/bung13-semi.gif
new file mode 100644
index 0000000..7114f1a
Binary files /dev/null and b/Ch08/estate/images/pictures/bung13-semi.gif differ
diff --git a/Ch08/estate/images/pictures/bung14-semi-thumb.gif b/Ch08/estate/images/pictures/bung14-semi-thumb.gif
new file mode 100644
index 0000000..f531727
Binary files /dev/null and b/Ch08/estate/images/pictures/bung14-semi-thumb.gif differ
diff --git a/Ch08/estate/images/pictures/bung14-semi.gif b/Ch08/estate/images/pictures/bung14-semi.gif
new file mode 100644
index 0000000..9b21e35
Binary files /dev/null and b/Ch08/estate/images/pictures/bung14-semi.gif differ
diff --git a/Ch08/estate/images/pictures/default.jpg b/Ch08/estate/images/pictures/default.jpg
new file mode 100644
index 0000000..817242d
Binary files /dev/null and b/Ch08/estate/images/pictures/default.jpg differ
diff --git a/Ch08/estate/images/pictures/house01-191.gif b/Ch08/estate/images/pictures/house01-191.gif
new file mode 100644
index 0000000..f6c8b77
Binary files /dev/null and b/Ch08/estate/images/pictures/house01-191.gif differ
diff --git a/Ch08/estate/images/pictures/house01.gif b/Ch08/estate/images/pictures/house01.gif
new file mode 100644
index 0000000..5fbda95
Binary files /dev/null and b/Ch08/estate/images/pictures/house01.gif differ
diff --git a/Ch08/estate/images/pictures/house02-120.gif b/Ch08/estate/images/pictures/house02-120.gif
new file mode 100644
index 0000000..61ae675
Binary files /dev/null and b/Ch08/estate/images/pictures/house02-120.gif differ
diff --git a/Ch08/estate/images/pictures/house02.gif b/Ch08/estate/images/pictures/house02.gif
new file mode 100644
index 0000000..2266507
Binary files /dev/null and b/Ch08/estate/images/pictures/house02.gif differ
diff --git a/Ch08/estate/images/pictures/house03-137-semi.gif b/Ch08/estate/images/pictures/house03-137-semi.gif
new file mode 100644
index 0000000..baad192
Binary files /dev/null and b/Ch08/estate/images/pictures/house03-137-semi.gif differ
diff --git a/Ch08/estate/images/pictures/house03-semi.gif b/Ch08/estate/images/pictures/house03-semi.gif
new file mode 100644
index 0000000..e73fcbe
Binary files /dev/null and b/Ch08/estate/images/pictures/house03-semi.gif differ
diff --git a/Ch08/estate/images/pictures/house04-137-semi.gif b/Ch08/estate/images/pictures/house04-137-semi.gif
new file mode 100644
index 0000000..a22cec4
Binary files /dev/null and b/Ch08/estate/images/pictures/house04-137-semi.gif differ
diff --git a/Ch08/estate/images/pictures/house04-semi.tif b/Ch08/estate/images/pictures/house04-semi.tif
new file mode 100644
index 0000000..4bcfaad
Binary files /dev/null and b/Ch08/estate/images/pictures/house04-semi.tif differ
diff --git a/Ch08/estate/images/pictures/house05-104.gif b/Ch08/estate/images/pictures/house05-104.gif
new file mode 100644
index 0000000..265f0fc
Binary files /dev/null and b/Ch08/estate/images/pictures/house05-104.gif differ
diff --git a/Ch08/estate/images/pictures/house05.gif b/Ch08/estate/images/pictures/house05.gif
new file mode 100644
index 0000000..a9cd5a6
Binary files /dev/null and b/Ch08/estate/images/pictures/house05.gif differ
diff --git a/Ch08/estate/images/pictures/house06-126.gif b/Ch08/estate/images/pictures/house06-126.gif
new file mode 100644
index 0000000..bc21e43
Binary files /dev/null and b/Ch08/estate/images/pictures/house06-126.gif differ
diff --git a/Ch08/estate/images/pictures/house06.gif b/Ch08/estate/images/pictures/house06.gif
new file mode 100644
index 0000000..eee0d35
Binary files /dev/null and b/Ch08/estate/images/pictures/house06.gif differ
diff --git a/Ch08/estate/images/pictures/house07-153.gif b/Ch08/estate/images/pictures/house07-153.gif
new file mode 100644
index 0000000..1b9453b
Binary files /dev/null and b/Ch08/estate/images/pictures/house07-153.gif differ
diff --git a/Ch08/estate/images/pictures/house07.gif b/Ch08/estate/images/pictures/house07.gif
new file mode 100644
index 0000000..f6a56a2
Binary files /dev/null and b/Ch08/estate/images/pictures/house07.gif differ
diff --git a/Ch08/estate/images/pictures/house07.tif b/Ch08/estate/images/pictures/house07.tif
new file mode 100644
index 0000000..f01183c
Binary files /dev/null and b/Ch08/estate/images/pictures/house07.tif differ
diff --git a/Ch08/estate/images/pictures/house08.jpg b/Ch08/estate/images/pictures/house08.jpg
new file mode 100644
index 0000000..3ae4faf
Binary files /dev/null and b/Ch08/estate/images/pictures/house08.jpg differ
diff --git a/Ch08/estate/images/pictures/house08.tif b/Ch08/estate/images/pictures/house08.tif
new file mode 100644
index 0000000..cff6af7
Binary files /dev/null and b/Ch08/estate/images/pictures/house08.tif differ
diff --git a/Ch08/estate/images/pictures/house09-semi-110.gif b/Ch08/estate/images/pictures/house09-semi-110.gif
new file mode 100644
index 0000000..03e176b
Binary files /dev/null and b/Ch08/estate/images/pictures/house09-semi-110.gif differ
diff --git a/Ch08/estate/images/pictures/house09-semi.gif b/Ch08/estate/images/pictures/house09-semi.gif
new file mode 100644
index 0000000..d690a0b
Binary files /dev/null and b/Ch08/estate/images/pictures/house09-semi.gif differ
diff --git a/Ch08/estate/images/pictures/house10-151.gif b/Ch08/estate/images/pictures/house10-151.gif
new file mode 100644
index 0000000..a027584
Binary files /dev/null and b/Ch08/estate/images/pictures/house10-151.gif differ
diff --git a/Ch08/estate/images/pictures/house10.gif b/Ch08/estate/images/pictures/house10.gif
new file mode 100644
index 0000000..ff3b51a
Binary files /dev/null and b/Ch08/estate/images/pictures/house10.gif differ
diff --git a/Ch08/estate/images/pictures/house11-127.gif b/Ch08/estate/images/pictures/house11-127.gif
new file mode 100644
index 0000000..5c79e59
Binary files /dev/null and b/Ch08/estate/images/pictures/house11-127.gif differ
diff --git a/Ch08/estate/images/pictures/house11.gif b/Ch08/estate/images/pictures/house11.gif
new file mode 100644
index 0000000..d2e3c65
Binary files /dev/null and b/Ch08/estate/images/pictures/house11.gif differ
diff --git a/Ch08/estate/images/pictures/house12-102.gif b/Ch08/estate/images/pictures/house12-102.gif
new file mode 100644
index 0000000..33e6ebe
Binary files /dev/null and b/Ch08/estate/images/pictures/house12-102.gif differ
diff --git a/Ch08/estate/images/pictures/house12.gif b/Ch08/estate/images/pictures/house12.gif
new file mode 100644
index 0000000..9c24452
Binary files /dev/null and b/Ch08/estate/images/pictures/house12.gif differ
diff --git a/Ch08/estate/images/pictures/house_on_river.gif b/Ch08/estate/images/pictures/house_on_river.gif
new file mode 100644
index 0000000..8858552
Binary files /dev/null and b/Ch08/estate/images/pictures/house_on_river.gif differ
diff --git a/Ch08/estate/images/rosette-128.png b/Ch08/estate/images/rosette-128.png
new file mode 100644
index 0000000..77dd785
Binary files /dev/null and b/Ch08/estate/images/rosette-128.png differ
diff --git a/Ch08/estate/images/thumbs/Thumbs.db b/Ch08/estate/images/thumbs/Thumbs.db
new file mode 100644
index 0000000..c72458a
Binary files /dev/null and b/Ch08/estate/images/thumbs/Thumbs.db differ
diff --git a/Ch08/estate/images/thumbs/bung13-semi-thumb.gif b/Ch08/estate/images/thumbs/bung13-semi-thumb.gif
new file mode 100644
index 0000000..766ba86
Binary files /dev/null and b/Ch08/estate/images/thumbs/bung13-semi-thumb.gif differ
diff --git a/Ch08/estate/images/thumbs/bung13-semi.gif b/Ch08/estate/images/thumbs/bung13-semi.gif
new file mode 100644
index 0000000..7114f1a
Binary files /dev/null and b/Ch08/estate/images/thumbs/bung13-semi.gif differ
diff --git a/Ch08/estate/images/thumbs/bung14-semi-thumb.gif b/Ch08/estate/images/thumbs/bung14-semi-thumb.gif
new file mode 100644
index 0000000..f531727
Binary files /dev/null and b/Ch08/estate/images/thumbs/bung14-semi-thumb.gif differ
diff --git a/Ch08/estate/images/thumbs/bung14-semi.gif b/Ch08/estate/images/thumbs/bung14-semi.gif
new file mode 100644
index 0000000..9b21e35
Binary files /dev/null and b/Ch08/estate/images/thumbs/bung14-semi.gif differ
diff --git a/Ch08/estate/images/thumbs/default.jpg b/Ch08/estate/images/thumbs/default.jpg
new file mode 100644
index 0000000..d04225e
Binary files /dev/null and b/Ch08/estate/images/thumbs/default.jpg differ
diff --git a/Ch08/estate/images/thumbs/house01-191.gif b/Ch08/estate/images/thumbs/house01-191.gif
new file mode 100644
index 0000000..f6c8b77
Binary files /dev/null and b/Ch08/estate/images/thumbs/house01-191.gif differ
diff --git a/Ch08/estate/images/thumbs/house01.gif b/Ch08/estate/images/thumbs/house01.gif
new file mode 100644
index 0000000..5fbda95
Binary files /dev/null and b/Ch08/estate/images/thumbs/house01.gif differ
diff --git a/Ch08/estate/images/thumbs/house02-120.gif b/Ch08/estate/images/thumbs/house02-120.gif
new file mode 100644
index 0000000..61ae675
Binary files /dev/null and b/Ch08/estate/images/thumbs/house02-120.gif differ
diff --git a/Ch08/estate/images/thumbs/house02.gif b/Ch08/estate/images/thumbs/house02.gif
new file mode 100644
index 0000000..2266507
Binary files /dev/null and b/Ch08/estate/images/thumbs/house02.gif differ
diff --git a/Ch08/estate/images/thumbs/house03-137-semi.gif b/Ch08/estate/images/thumbs/house03-137-semi.gif
new file mode 100644
index 0000000..baad192
Binary files /dev/null and b/Ch08/estate/images/thumbs/house03-137-semi.gif differ
diff --git a/Ch08/estate/images/thumbs/house03-semi.gif b/Ch08/estate/images/thumbs/house03-semi.gif
new file mode 100644
index 0000000..e73fcbe
Binary files /dev/null and b/Ch08/estate/images/thumbs/house03-semi.gif differ
diff --git a/Ch08/estate/images/thumbs/house04-137-semi.gif b/Ch08/estate/images/thumbs/house04-137-semi.gif
new file mode 100644
index 0000000..a22cec4
Binary files /dev/null and b/Ch08/estate/images/thumbs/house04-137-semi.gif differ
diff --git a/Ch08/estate/images/thumbs/house04-semi.tif b/Ch08/estate/images/thumbs/house04-semi.tif
new file mode 100644
index 0000000..4bcfaad
Binary files /dev/null and b/Ch08/estate/images/thumbs/house04-semi.tif differ
diff --git a/Ch08/estate/images/thumbs/house05-104.gif b/Ch08/estate/images/thumbs/house05-104.gif
new file mode 100644
index 0000000..265f0fc
Binary files /dev/null and b/Ch08/estate/images/thumbs/house05-104.gif differ
diff --git a/Ch08/estate/images/thumbs/house05.gif b/Ch08/estate/images/thumbs/house05.gif
new file mode 100644
index 0000000..a9cd5a6
Binary files /dev/null and b/Ch08/estate/images/thumbs/house05.gif differ
diff --git a/Ch08/estate/images/thumbs/house06-126.gif b/Ch08/estate/images/thumbs/house06-126.gif
new file mode 100644
index 0000000..bc21e43
Binary files /dev/null and b/Ch08/estate/images/thumbs/house06-126.gif differ
diff --git a/Ch08/estate/images/thumbs/house06.gif b/Ch08/estate/images/thumbs/house06.gif
new file mode 100644
index 0000000..eee0d35
Binary files /dev/null and b/Ch08/estate/images/thumbs/house06.gif differ
diff --git a/Ch08/estate/images/thumbs/house07-153.gif b/Ch08/estate/images/thumbs/house07-153.gif
new file mode 100644
index 0000000..1b9453b
Binary files /dev/null and b/Ch08/estate/images/thumbs/house07-153.gif differ
diff --git a/Ch08/estate/images/thumbs/house07.gif b/Ch08/estate/images/thumbs/house07.gif
new file mode 100644
index 0000000..f6a56a2
Binary files /dev/null and b/Ch08/estate/images/thumbs/house07.gif differ
diff --git a/Ch08/estate/images/thumbs/house07.tif b/Ch08/estate/images/thumbs/house07.tif
new file mode 100644
index 0000000..f01183c
Binary files /dev/null and b/Ch08/estate/images/thumbs/house07.tif differ
diff --git a/Ch08/estate/images/thumbs/house08.jpg b/Ch08/estate/images/thumbs/house08.jpg
new file mode 100644
index 0000000..3ae4faf
Binary files /dev/null and b/Ch08/estate/images/thumbs/house08.jpg differ
diff --git a/Ch08/estate/images/thumbs/house08.tif b/Ch08/estate/images/thumbs/house08.tif
new file mode 100644
index 0000000..cff6af7
Binary files /dev/null and b/Ch08/estate/images/thumbs/house08.tif differ
diff --git a/Ch08/estate/images/thumbs/house09-semi-110.gif b/Ch08/estate/images/thumbs/house09-semi-110.gif
new file mode 100644
index 0000000..03e176b
Binary files /dev/null and b/Ch08/estate/images/thumbs/house09-semi-110.gif differ
diff --git a/Ch08/estate/images/thumbs/house09-semi.gif b/Ch08/estate/images/thumbs/house09-semi.gif
new file mode 100644
index 0000000..d690a0b
Binary files /dev/null and b/Ch08/estate/images/thumbs/house09-semi.gif differ
diff --git a/Ch08/estate/images/thumbs/house10-151.gif b/Ch08/estate/images/thumbs/house10-151.gif
new file mode 100644
index 0000000..a027584
Binary files /dev/null and b/Ch08/estate/images/thumbs/house10-151.gif differ
diff --git a/Ch08/estate/images/thumbs/house10.gif b/Ch08/estate/images/thumbs/house10.gif
new file mode 100644
index 0000000..ff3b51a
Binary files /dev/null and b/Ch08/estate/images/thumbs/house10.gif differ
diff --git a/Ch08/estate/images/thumbs/house11-127.gif b/Ch08/estate/images/thumbs/house11-127.gif
new file mode 100644
index 0000000..5c79e59
Binary files /dev/null and b/Ch08/estate/images/thumbs/house11-127.gif differ
diff --git a/Ch08/estate/images/thumbs/house11.gif b/Ch08/estate/images/thumbs/house11.gif
new file mode 100644
index 0000000..d2e3c65
Binary files /dev/null and b/Ch08/estate/images/thumbs/house11.gif differ
diff --git a/Ch08/estate/images/thumbs/house12-102.gif b/Ch08/estate/images/thumbs/house12-102.gif
new file mode 100644
index 0000000..33e6ebe
Binary files /dev/null and b/Ch08/estate/images/thumbs/house12-102.gif differ
diff --git a/Ch08/estate/images/thumbs/house12.gif b/Ch08/estate/images/thumbs/house12.gif
new file mode 100644
index 0000000..9c24452
Binary files /dev/null and b/Ch08/estate/images/thumbs/house12.gif differ
diff --git a/Ch08/estate/images/thumbs/house_on_river.gif b/Ch08/estate/images/thumbs/house_on_river.gif
new file mode 100644
index 0000000..8858552
Binary files /dev/null and b/Ch08/estate/images/thumbs/house_on_river.gif differ
diff --git a/Ch08/estate/includes/another-button.php b/Ch08/estate/includes/another-button.php
new file mode 100644
index 0000000..ebfe024
--- /dev/null
+++ b/Ch08/estate/includes/another-button.php
@@ -0,0 +1,17 @@
+<div style="padding-top: 10px; padding-bottom: 10px; padding-right: 15px;">
+     <nav class="float-center navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu1">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group btn-group-sm collapse navbar-collapse" id="collapsibleMenu1"  role="group" aria-label="Button Group">
+	 <div class="navbar-nav flex-column" style="width: 140px;">
+      
+	 <a class="btn btn-primary nav-item" style="background:#559a55; border: 5px outset #559a55;" href="advert.php" role="button">Another House?</a>
+	
+	 
+	 <a class="btn btn-primary nav-item" style="background:#559a55; border: 5px outset #559a55;" href="index.php" role="button">Home Page</a>
+	 
+	 </div>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch08/estate/includes/footer.php b/Ch08/estate/includes/footer.php
new file mode 100644
index 0000000..742b705
--- /dev/null
+++ b/Ch08/estate/includes/footer.php
@@ -0,0 +1,5 @@
+<p>Copyright &copy; Adrian West & Steve Prettyman 2017  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch08/estate/includes/header.php b/Ch08/estate/includes/header.php
new file mode 100644
index 0000000..a4adc1e
--- /dev/null
+++ b/Ch08/estate/includes/header.php
@@ -0,0 +1,9 @@
+<div class="jumbotron text-center row mx-auto" id="includeheader"> 
+<div class="col-sm-12">
+<h1 class="text-left"><strong>Devon Real Estate</strong></h1>
+<h2 class="text-center">Try our award winning service</h2>
+</div>
+</div>
+<img id="rosette" alt="Rosette" title="Rosette" height="127" 
+src="images/rosette-128.png" width="128">
+
diff --git a/Ch08/estate/includes/header_3btn.php b/Ch08/estate/includes/header_3btn.php
new file mode 100644
index 0000000..1c84dac
--- /dev/null
+++ b/Ch08/estate/includes/header_3btn.php
@@ -0,0 +1,15 @@
+<div class="jumbotron text-center row mx-auto" id="includeheader"> 
+<div class="col-sm-10">
+<h1 class="text-left"><strong>Devon Real Estate</strong></h1>
+<h2 class="text-center">Try our award winning service</h2>
+</div>
+  <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" style="width: 140px; margin-top:-25px;" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'advert_houses.php'" >View Houses</button>
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'advert_search.php'">Search</button>
+   <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'index.php'">Home Page</button>
+</div>
+    </nav>
+</div>
+<img id="rosette1" alt="Rosette" title="Rosette" height="127" 
+src="images/rosette-128.png" width="128">
\ No newline at end of file
diff --git a/Ch08/estate/includes/header_4btn.php b/Ch08/estate/includes/header_4btn.php
new file mode 100644
index 0000000..68857d2
--- /dev/null
+++ b/Ch08/estate/includes/header_4btn.php
@@ -0,0 +1,17 @@
+<div class="jumbotron text-center row mx-auto" id="includeheader"> 
+<div class="col-sm-10">
+<h1 class="text-left"><strong>Devon Real Estate</strong></h1>
+<h2 class="text-center">Try our award winning service</h2>
+</div>
+  <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" style="width: 140px; margin-top:-30px; margin-bottom: 10px;" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'advert_houses.php'" >View Houses</button>
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'contact.php'">Contact Us</button>
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'advert.php'">Add a House</button>
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'logout.php'">Log Out</button>
+   <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'index.php'">Home Page</button>
+</div>
+    </nav>
+</div>
+<img id="rosette1" alt="Rosette" title="Rosette" height="127" 
+src="images/rosette-128.png" width="128">
\ No newline at end of file
diff --git a/Ch08/estate/includes/header_advert.php b/Ch08/estate/includes/header_advert.php
new file mode 100644
index 0000000..6023e3a
--- /dev/null
+++ b/Ch08/estate/includes/header_advert.php
@@ -0,0 +1,14 @@
+<div class="jumbotron text-center row mx-auto" id="includeheader"> 
+<div class="col-sm-10">
+<h1 class="text-left"><strong>Devon Real Estate</strong></h1>
+<h2 class="text-center">Try our award winning service</h2>
+</div>
+  <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" style="width: 140px;" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'advert_houses.php'" >View Houses</button>
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'advert_search.php'">Search</button>
+</div>
+    </nav>
+</div>
+<img id="rosette1" alt="Rosette" title="Rosette" height="127" 
+src="images/rosette-128.png" width="128">
\ No newline at end of file
diff --git a/Ch08/estate/includes/header_found_houses.php b/Ch08/estate/includes/header_found_houses.php
new file mode 100644
index 0000000..753cf6c
--- /dev/null
+++ b/Ch08/estate/includes/header_found_houses.php
@@ -0,0 +1,18 @@
+
+<div class="jumbotron text-center row mx-auto" id="includeheader"> 
+<div class="col-sm-10">
+<h1 class="text-left"><strong>Devon Real Estate</strong></h1>
+<h2 class="text-center">Try our award winning service</h2>
+</div>
+  <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" role="group" style="width: 140px;" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'contact.php'" >Contact Us</button>
+  <button type="button" class="btn btn-secondary" id="buttons" onclick="location.href = 'index.php'">Home Page</button>
+</div>
+    </nav>
+</div>
+<img id="rosette1" alt="Rosette" title="Rosette" height="127" 
+src="images/rosette-128.png" width="128">
+
+
+ 
\ No newline at end of file
diff --git a/Ch08/estate/includes/menu.php b/Ch08/estate/includes/menu.php
new file mode 100644
index 0000000..ae50f4b
--- /dev/null
+++ b/Ch08/estate/includes/menu.php
@@ -0,0 +1,26 @@
+
+
+
+<div style="padding-top: 10px; padding-bottom: 10px; padding-right: 15px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu1">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu1"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+      <li class="nav-item">
+	 <a class="btn btn-primary" style="background:#559a55; border: 5px outset #559a55;" href="#" role="button">About Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" style="background:#559a55; border: 5px outset #559a55;" href="#" role="button">FAQs</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" style="background:#559a55; border: 5px outset #559a55;" href="contact.php" role="button">Contact Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" style="background:#559a55; border: 5px outset #559a55;" href="index.php" role="button">Home Page</a>
+	 </li>
+	 </ul>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch08/estate/index.php b/Ch08/estate/index.php
new file mode 100644
index 0000000..0d43002
--- /dev/null
+++ b/Ch08/estate/index.php
@@ -0,0 +1,120 @@
+<!DOCTYPE html>
+<?php
+session_start();
+$_SESSION['previous_url'] = 'index';
+?>
+<html lang="en">
+<head>
+  <title>Estate Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<div class="row">
+    <div class="col-sm-4">
+    <h4>Search for your dream house</h4>
+	<h6>IMPORTANT: Select an item in
+	ALL fields otherwise the search will not succeed</h6>
+<form action="found_houses.php" method="post"
+name="searchform" id="searchform">
+
+<div class="form-group row form-control-sm no-gutters" style="padding: 0px;">
+<div class="col-sm-3"></div>
+<div class="col-sm-6" style="padding: 0px;">
+      <label for="location" class="col-form-label text-right">
+	  Location:</label>  
+      <select id="location" name="location" class="form-control" required>
+        <option selected value="">- Select -</option>
+	<option value="South_Devon">South Devon</option>
+	<option value="Mid_Devon">Mid Devon</option>
+	<option value="North_Devon">North Devon</option>
+	</select>
+	</div>
+	</div>  
+<div class="form-group row form-control-sm no-gutters" style="padding: 0px;" >
+<div class="col-sm-3"></div>
+<div class="col-sm-6" style="padding: 0px;">
+      <label for="price" class=" col-form-label text-right">
+	  Maximum Price:</label>
+      <select id="price" name="price" class="form-control" required>
+        <option selected value="">- Select -</option>
+	<option value="200000">&pound;200,000</option>
+	<option value="300000">&pound;300,000</option>
+	<option value="400000">&pound;400,000</option>
+	</select>
+	</div>
+	</div>  
+<div class="form-group row form-control-sm no-gutters" style="padding: 0px;" >
+<div class="col-sm-3"></div>
+<div class="col-sm-6" style="padding: 0px;" >
+      <label for="type" class="col-form-label text-right">
+	  Type:</label>
+      <select id="type" name="type" class="form-control" required>
+        <option selected value="">- Select -</option>
+	<option value="Det-bung">Detached Bungalow</option>
+	<option value="Semi-det-bung">Semi-detached Bungalow</option>
+	<option value="Det-house">Detached House</option>
+	<option value="Semi-det-house">Semi-detached House</option>
+	</select>
+	</div>
+	</div> 	
+<div class="form-group row form-control-sm no-gutters" style="padding: 0px;">
+<div class="col-sm-3"></div>
+<div class="col-sm-6" style="padding: 0px;">
+      <label for="bedrooms" class="col-form-label text-right">
+	  No. of Bedrooms:</label>
+      <select id="bedrooms" name="bedrooms" class="form-control" style="margin: 0px;" required>
+        <option selected value="">- Select -</option>
+	<option value="1">1</option>
+	<option value="2">2</option>
+	<option value="3">3</option>
+	<option value="4">4</option>
+	</select>
+	</div>
+	</div>  		
+<div class="form-group row form-control-sm ">
+	<label for="" class="col-sm-3 col-form-label"></label>
+    <div class="col-sm-6 text-center style="padding: 0px;" >
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Search">
+    </div>
+	</div>
+</form>
+</div>
+<div class="col-sm-4">
+<h6>All houses are situated in the beautiful green rolling countryside of Devon, England, UK</h6>
+	<img alt="SW England" class="img-fluid"  src="images/devon-map-crop.jpg" >
+</div>
+<div class="col-sm-4">
+<?php include ('includes/menu.php'); ?>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch08/estate/login.php b/Ch08/estate/login.php
new file mode 100644
index 0000000..136b2eb
--- /dev/null
+++ b/Ch08/estate/login.php
@@ -0,0 +1,85 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px">
+<!-- Header Section -->
+<header>
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<div class="row">
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                
+ require('process-login.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-10">
+<h2 class="h2 text-center">Login</h2>
+<form action="login.php" method="post" name="loginform" id="loginform">
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail Address:</label>
+    <div class="col-sm-6">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password" class="col-sm-4 col-form-label text-right">Password:</label>
+    <div class="col-sm-6">
+      <input type="password" class="form-control" id="password" name="password" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password'])) 
+		echo htmlspecialchars($_POST['password'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+    <div class="col-sm-6">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Login">
+    </div>
+	</div>
+	</form>
+</div>
+
+<!-- Right-side Column Content Section -->
+<?php
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/menu.php');
+    echo '</aside>'; }
+?>
+</div></div></div></div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php  include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</body>
+</html>
diff --git a/Ch08/estate/logout.php b/Ch08/estate/logout.php
new file mode 100644
index 0000000..d8abea1
--- /dev/null
+++ b/Ch08/estate/logout.php
@@ -0,0 +1,18 @@
+<?php
+session_start();//access the current session.                  
+// if no session variable exists then redirect the user
+if (!isset($_SESSION['user_id'])) {        
+header("location:index.php");
+exit();
+//cancel the session and redirect the user:
+}else{ //cancel the session
+    $_SESSION = array(); // Destroy the variables
+	$params = session_get_cookie_params();
+	// Destroy the cookie
+	setcookie(session_name(), '', time()-42000,
+	$params["path"], $params["domain"],
+	$params["secure"], $params["httponly"]);
+if (session_status() == PHP_SESSION_ACTIVE) { 
+session_destroy(); } // Destroy the session itself
+header("location:index.php");
+	}
diff --git a/Ch08/estate/mysqli_connect.php b/Ch08/estate/mysqli_connect.php
new file mode 100644
index 0000000..cca0b9a
--- /dev/null
+++ b/Ch08/estate/mysqli_connect.php
@@ -0,0 +1,12 @@
+<?php 
+// Create a connection to the migrate database and to MySQL
+// Set the encoding to utf-8
+// Set the database access details as constants
+DEFINE ('DB_USER', 'smeeton');
+DEFINE ('DB_PASSWORD', 'L1ghth0us3');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'estatedb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
\ No newline at end of file
diff --git a/Ch08/estate/process-login.php b/Ch08/estate/process-login.php
new file mode 100644
index 0000000..5420d07
--- /dev/null
+++ b/Ch08/estate/process-login.php
@@ -0,0 +1,110 @@
+<?php 
+define('ERROR_LOG','errors.log');
+// This section processes submissions from the login form
+// Check if the form has been submitted:
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    //connect to database
+try {
+    require ('mysqli_connect.php');
+// Check that an email address has been entered				
+  $email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($email)) || (!filter_var($email, FILTER_VALIDATE_EMAIL))
+			|| (strlen($email > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password = filter_var( $_POST['password'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password);		
+if (empty($password)){  
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+}
+}	
+   if (empty($errors)) { // If everything's OK.         #1
+// Retrieve the user_id, psword, first_name and user_level for that
+// email/password combination
+ $query = "SELECT userid, password, first_name, user_level FROM users ";
+ $query .= "WHERE email=?";
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) == 1) {
+//if one database row (record) matches the input:-
+// Start the session, fetch the record and insert the 
+// values in an array 
+if (password_verify($password, $row[1])) {          //#2
+session_start();								
+// Ensure that the user level is an integer. 
+$_SESSION['user_id'] = $row[0];
+$_SESSION['user_level'] = (int) $row[3];
+// Use a ternary operation to set the URL             #3
+$url = ($_SESSION['user_level'] === 1) ? 'advert.php' :
+ 'members-page.php'; 
+header('Location: ' . $url); 
+// Make the browser load either the members or the admin page
+} else { // No password match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps your fee has not yet been processed from ';
+$errors[] = ' PayPal or the credit card.';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} else { // No e-mail match was made.
+$errors[] = 'E-mail/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} 
+if (!empty($errors)) {                     
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+		}// End of if (!empty($errors)) IF.
+
+}
+ catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+} // no else to allow user to enter values
+?>
\ No newline at end of file
diff --git a/Ch08/estate/process-register-page.php b/Ch08/estate/process-register-page.php
new file mode 100644
index 0000000..d624618
--- /dev/null
+++ b/Ch08/estate/process-register-page.php
@@ -0,0 +1,128 @@
+<?php
+define('ERROR_LOG','errors.log');
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}							
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password1trim);		
+if (empty($password1trim)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);	
+if($password1trim === $password2trim) { //                                 #9
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT userid FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $emailtrim);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+
+	$query = "INSERT INTO users (userid, first_name, last_name, email, password) "; 
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?)"; 	
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'ssss', $first_nametrim, $last_nametrim, $emailtrim, $hashed_password);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+    $complete = "Userid Created!";					
+	} else {
+	// echo 'Invalid query:' . $dbcon->error; 
+    $errorstring = "System is busy, please try later";
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+	}
+	}else{//The email address is already registered                         
+    $errorstring = 'The email address is already registered.';
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+$errorstring = 'Error! The following error(s) occurred: ';
+foreach ($errors as $msg) { // Print each error.				
+$errorstring .= " - $msg<br>\n";
+    }
+$errorstring .= 'Please try again.';
+echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+    }// End of if (empty($errors)) IF.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch08/estate/rosette-128.png b/Ch08/estate/rosette-128.png
new file mode 100644
index 0000000..77dd785
Binary files /dev/null and b/Ch08/estate/rosette-128.png differ
diff --git a/Ch08/estate/rosette.jpeg b/Ch08/estate/rosette.jpeg
new file mode 100644
index 0000000..f740b43
Binary files /dev/null and b/Ch08/estate/rosette.jpeg differ
diff --git a/Ch08/estate/safer-register-page.php b/Ch08/estate/safer-register-page.php
new file mode 100644
index 0000000..a836015
--- /dev/null
+++ b/Ch08/estate/safer-register-page.php
@@ -0,0 +1,141 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header>
+  <?php include('includes/header_advert.php'); ?>
+</header>
+
+<!-- Body Section -->
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                             
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="content mx-auto" id="contents" style="padding-top:10px">
+<!-- Body Section -->
+  <div class="row" style="padding-left: 0px;">
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<h3 class="h3 text-center">
+<?php
+if (isset($complete)) 
+{ echo $complete; }
+else if (isset($errorstring))
+	{
+		echo $errorstring;
+	} else {
+echo "Items marked with an asterisk * are required";
+}
+?>
+</h3>
+<form action="safer-register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" style="margin-left: 60px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<aside class="col-sm-4">
+<?php	include('includes/menu.php'); ?>
+</aside>
+</div>
+</div>
+
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>	
+  </div>
+</body>
+</html>
diff --git a/Ch08/estate/transparent.css b/Ch08/estate/transparent.css
new file mode 100644
index 0000000..b25f2a8
--- /dev/null
+++ b/Ch08/estate/transparent.css
@@ -0,0 +1,20 @@
+body { background:linear-gradient(green, #9ff781); font-family:arial; font-size: 100%;
+}
+html { min-height: 100% }
+#includeheader {border:10px white solid;}
+}
+#container {
+	margin:auto;
+}
+h2 { margin-top: 20px; }
+label { color: black; }
+#submit {margin: 0px; background:#559a55; border: 5px outset #559a55; width: 140px;}
+#includemenu {padding-top: 10px; padding-bottom: 10px; padding-right: 0px; }
+#includefooter {background:#68CE53; padding-top: 5px; padding-bottom: 5px; margin: 0px;}
+#includeheader {width:90%; background:url(images/header3.jpg); background-repeat:no-repeat; margin-bottom: 0px; padding:40px; padding-bottom: 0px; color: white;}
+#contents {background-color:transparent ;margin-top: -135px; border:10px white solid; color: white; width: 90%; }
+#rosette1 { position:relative; left:750px; top:-95px; }
+#rosette { position:relative; left:850px; top:-95px; }
+#buttons {background:#559a55; border: 5px outset #559a55;}
+
+
diff --git a/Ch09/birds/birds.css b/Ch09/birds/birds.css
new file mode 100644
index 0000000..a6102c9
--- /dev/null
+++ b/Ch09/birds/birds.css
@@ -0,0 +1,15 @@
+
+body {text-align:center; background-color:#CCFF99; color:green; 
+font-family: "times new roman";
+font-size: 120%; margin: auto; }
+#container {margin:auto; border:5px black solid; }
+
+header {color:white; background-color:#CCFF99;}	
+}
+label { color: black; }
+#submit {margin: 0px; background:#559a55; border: 5px outset #559a55; width: 140px;}
+#includemenu {padding-top: 10px; padding-bottom: 10px; padding-right: 0px;}
+#includefooter {background:#68CE53; padding-top: 5px; padding-bottom: 5px; margin: 0px;}
+#includeheader { height:auto; background:#95b522; margin-bottom: 0px; padding:0px; background:url('images/header3.jpg'); background-repeat:no-repeat;}
+#contents {background-color:transparent ;margin-top: -7px; color: black; margin: 0px; padding: 0px;}
+#buttons {background:#559a55; border: 5px outset #559a55;}
diff --git a/Ch09/birds/birds.php b/Ch09/birds/birds.php
new file mode 100644
index 0000000..50b7e03
--- /dev/null
+++ b/Ch09/birds/birds.php
@@ -0,0 +1,118 @@
+<?php
+define('ERROR_LOG','errorlog.log');
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Birds Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="birds.css">  
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8 row" style="padding-left: 30px;">
+<h2>The Birds that can be seen on our Reserves</h2>
+<p>
+<?php 
+try
+{
+// This script retrieves all the records from the birds table
+require ('mysqli_connect.php'); // Connect to the database
+// Make the query:
+$q = "SELECT bird_name, rarity, best_time FROM birds ORDER BY bird_name ASC";		
+$result = mysqli_query ($dbcon, $q); // Run the query
+if ($result) { // If it ran OK, display the records
+// Table header
+?>
+<table class="table table-striped" style="background: white;color:black;">
+<tr>
+<th scope="col">Birds Name</th>
+<th scope="col">Rarity</th>
+<th scope="col">Best Time</th>
+</tr>
+<?php
+// Fetch and print all the records
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	$bird_name = htmlspecialchars($row['bird_name'], ENT_QUOTES);
+	$rarity = htmlspecialchars($row['rarity'], ENT_QUOTES);
+	$best_time = htmlspecialchars($row['best_time'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $bird_name . '</td>
+	<td scope="row">' . $rarity . '</td>
+	<td scope="row">' . $best_time . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table
+	mysqli_free_result ($result); // Free up the resources	
+} else { // If it did not run OK
+// Message
+	echo '<p class="text-center">The current birds could not be retrieved. ';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br />Query: ' . $q . '</p>';
+} // End of if ($result)
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+  // e-mail support person to alert there is a problem
+ //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?></p>
+</div><!-- End of the view birds page content. -->
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2" style="padding-top: 20px; padding-right: 0px;">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;background-color:#CCFF99;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
diff --git a/Ch09/birds/birdsdb.sql b/Ch09/birds/birdsdb.sql
new file mode 100644
index 0000000..781adc6
--- /dev/null
+++ b/Ch09/birds/birdsdb.sql
@@ -0,0 +1,210 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 07:10 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `birdsdb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `birds`
+--
+
+CREATE TABLE `birds` (
+  `bird_id` mediumint(4) UNSIGNED NOT NULL,
+  `bird_name` tinytext NOT NULL,
+  `rarity` tinytext NOT NULL,
+  `best_time` tinytext NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `birds`
+--
+
+INSERT INTO `birds` (`bird_id`, `bird_name`, `rarity`, `best_time`) VALUES
+(1, 'Golden Eye', 'Common', 'Winter'),
+(2, 'Wryneck', 'Rare', 'Summer'),
+(3, 'Avocet', 'Common', 'Winter'),
+(4, 'Moorhen', 'Common', 'Anytime');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `location`
+--
+
+CREATE TABLE `location` (
+  `location_id` mediumint(4) UNSIGNED NOT NULL,
+  `location` tinytext NOT NULL,
+  `location_type` tinytext NOT NULL,
+  `bird_id` mediumint(4) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `location`
+--
+
+INSERT INTO `location` (`location_id`, `location`, `location_type`, `bird_id`) VALUES
+(1, 'Southpark', 'Ponds', 4),
+(2, 'Wetlands', 'Estuary', 3),
+(3, 'Lakeland', 'Lakes', 1),
+(4, 'Moorfield', 'Moorland', 2),
+(5, 'Heathville', 'Heath', 2);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `prices`
+--
+
+CREATE TABLE `prices` (
+  `oneyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `oneyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `militarygb` decimal(6,0) UNSIGNED NOT NULL,
+  `militaryus` decimal(6,0) UNSIGNED NOT NULL,
+  `u21gb` decimal(6,0) UNSIGNED NOT NULL,
+  `u21us` decimal(6,0) UNSIGNED NOT NULL,
+  `minpricegb` decimal(6,0) UNSIGNED NOT NULL,
+  `minpriceus` decimal(6,0) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `prices`
+--
+
+INSERT INTO `prices` (`oneyeargb`, `oneyearus`, `fiveyeargb`, `fiveyearus`, `militarygb`, `militaryus`, `u21gb`, `u21us`, `minpricegb`, `minpriceus`) VALUES
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `reserves_info`
+--
+
+CREATE TABLE `reserves_info` (
+  `reserves_id` mediumint(4) UNSIGNED NOT NULL,
+  `bird_hides` enum('yes','no') CHARACTER SET utf8 NOT NULL,
+  `entrance_member` tinytext CHARACTER SET utf8 NOT NULL,
+  `entr_non_member` tinytext CHARACTER SET utf8 NOT NULL,
+  `location_id` mediumint(4) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_german2_ci;
+
+--
+-- Dumping data for table `reserves_info`
+--
+
+INSERT INTO `reserves_info` (`reserves_id`, `bird_hides`, `entrance_member`, `entr_non_member`, `location_id`) VALUES
+(1, 'yes', 'free', '1', 1),
+(2, 'yes', '1', '2', 2),
+(3, 'yes', 'free', '1', 3),
+(4, 'no', 'free', 'free', 4),
+(5, 'no', 'free', 'free', 5);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `userid` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `class` char(20) NOT NULL,
+  `user_level` tinyint(2) UNSIGNED NOT NULL,
+  `address1` varchar(50) NOT NULL,
+  `address2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `secret` varchar(60) DEFAULT NULL,
+  `paid` enum('No','Yes') NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`userid`, `title`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `class`, `user_level`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `secret`, `paid`) VALUES
+(1, 'Mr', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UiiBhmXca.0/bwopveFq8uInuX.EVrecinUQYQG546WjAWwZLJNoe', '2017-12-06 08:43:41', '30', 0, '4 The Street', 'The Village', 'Townsville', 'USA', 'WA', '0123777888', NULL, 'Yes'),
+(2, 'Mr', 'Jack', 'Smith', 'jsmith@outcook.com', '$2y$10$NjlsajfCITeb.oDXqu9Neuguh3PBKL5EaqZ5ClfW76nVSnW.W.XNO', '2017-12-06 08:47:24', '30', 1, '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', NULL, 'Yes'),
+(4, 'Ms', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$5KM8jy5MwHIgfVchsdfE8OvuF1cT2VYqU6mte2CWBw1HjmEv3r.ES', '2017-12-06 12:20:33', '2', 0, '6 The Street', '', 'Townsville', 'UK', 'EX9 9PG', '01234777888', NULL, 'Yes'),
+(5, 'Mr', 'Patrick', 'O\'Hara', 'pohara@myisp.org.uk', '$2y$10$0nmGDVmHdWusgFJRmVZADeL43Y7HCPViBrHj/Z2betxiMdMx5Y2sC', '2017-12-06 12:27:32', '30', 0, '5 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', NULL, 'Yes'),
+(6, 'Mr', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$KCQhEftEJouWPfuOOVoRVOECY/oJTluxHRr85fWlz6nsfN4OHtCie', '2017-12-06 17:02:16', '30', 0, '6 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PS', '', NULL, 'Yes'),
+(7, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$IrQE3TTkWzNm93FP/VYf.O/yMWDJDpIn/.qjrmvN.I97fvakynuza', '2017-12-06 17:11:44', '30', 0, '7 The Street', 'The Village', 'Townsville', 'UK', 'EXP 6PG', '01234777888', NULL, 'Yes'),
+(8, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$R2auBMKMe/Qw2fFr8D.S8eUEENUz8r.YUth5NHAyskNYupUzBen5O', '2017-12-06 17:18:30', '30', 0, '7 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', NULL, 'Yes'),
+(9, 'Mrs', 'Annie', 'Mossity', 'amossity@myisp.org.uk', '$2y$10$amqmyEfaOfiZ0MkIzdO90uZMPw4Mi/4RR70nNd0nxaZSOlxlr.8DC', '2017-12-06 17:24:42', '30', 0, '4 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', NULL, 'Yes'),
+(10, 'Mr', 'Percy', 'Veer', 'pveer@myisp.com', '$2y$10$Wvdx/YO4cCcOQvyMVVtapO3F/eiz2Ow3yU9VcczGMC.dcgwbgIXMS', '2017-12-06 17:28:53', '30', 0, '7 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PG', '01234777888', NULL, 'Yes'),
+(11, 'Mr', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$cTmJVcuUmTpCOIdQJ8MG3uwLmG7M7V3iE8zPXiNW2PQEdDQZMBftO', '2017-12-06 17:39:30', '30', 0, '5 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '', NULL, 'Yes'),
+(12, 'Mr', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$YUYnU8UvOF/WUJ5h4VK4Qe.I48ZcAbedjPiDekKHlODduqGdJoI9i', '2017-12-06 18:02:04', '30', 0, '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '01234777888', NULL, 'Yes'),
+(13, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$k9sMvE001164jjzJLs.OpOmb9LtluUEbR4GQ4RT5/rvSPNIqbL6gC', '2017-12-07 17:39:34', '30', 0, '6 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', NULL, 'Yes'),
+(14, 'Mr', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$TOr.IZq/joHIKSk0Oo.jE.yWau48sUSgtC5TzKJ0sl0AoO2Bsk3lW', '2017-12-08 12:16:58', '30', 0, '5 The Street', '', 'Townsville', 'UK', 'EX7 9PG', '01234777888', NULL, 'Yes'),
+(16, 'Miss', 'Lynn', 'Seed', 'lseed@myisp.com', '$2y$10$nEs3Zhh4V5ZznpcPzGs9gOWupjY2NgV87DPpLu2DjqsdyBNRjf4/C', '2017-12-16 20:03:16', '30', 0, '6 The Street', '', 'Townsville', 'UK', 'EX24 6PG', '01234777888', NULL, 'Yes'),
+(17, 'Mr', 'Barry', 'Tone', 'btone@myisp.net', '$2y$10$w4zMq7ij7NmVDeBBKDSmbu963EwchZwAHPZmgZmTQAQ8Gha2jTD5W', '2017-12-16 20:16:40', '30', 0, '2 The Street', '', 'Townsville', 'USA', 'CA12345', '', NULL, 'Yes'),
+(30, 'Mr', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$lePdxFz7ZKn/bJ41BS0h/ehWyIL2ZgK123iPQJahNCaRjgxVY3Rfq', '2017-12-29 11:28:43', '30', 0, '2 The Street', 'The Village', 'Townsville', 'Germany', 'BL1234', '', NULL, 'Yes'),
+(31, 'Miss', 'Dee', 'Jected', 'djected@myisp.org.uk', '$2y$10$ujpV7w4blsTdQFWOsE1fiOFYtj9zN4w0WcK5V4WJ60Pc5HWodWlGC', '2017-12-29 11:48:04', '30', 0, '3 The Street', 'The Village', 'Townsville', 'UK', 'EX3 1TH', '', NULL, 'Yes'),
+(32, 'Mr', 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$Yu.c/cw/TSFa9vcMBGAfAe5vzyOwp3SZarBVc/9vEksfp.F8BzSiW', '2017-12-29 11:58:51', '30', 0, '2 The Street', '', 'Townsville', 'UK', 'EX24 6PS', '01234777888', NULL, 'Yes'),
+(40, 'Mr', 'James', 'Smith', 'jsmith@outcook.com', '$2y$10$ex0.2VNU/lQv73UvaCXfDOwa/xiH72PpuiRD20KIiufgSlqAT0A2.', '2018-03-02 17:05:00', '5', 0, '123 Main Street', '', 'Key West', 'FL', '33040', '305-555-5555', NULL, 'No');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `reserves_info`
+--
+ALTER TABLE `reserves_info`
+  ADD PRIMARY KEY (`reserves_id`),
+  ADD KEY `location_id` (`location_id`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`userid`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `reserves_info`
+--
+ALTER TABLE `reserves_info`
+  MODIFY `reserves_id` mediumint(4) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=6;
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `userid` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=46;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch09/birds/cap.php b/Ch09/birds/cap.php
new file mode 100644
index 0000000..201053b
--- /dev/null
+++ b/Ch09/birds/cap.php
@@ -0,0 +1,17 @@
+<?php
+        if(isset($_POST['g-recaptcha-response'])){
+			$captcha=$_POST['g-recaptcha-response'];
+			$secretKey = "Put your secret key here";
+			$ip_address = $_SERVER['REMOTE_ADDR'];
+			$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip_address);
+			$keys = json_decode($response,true);
+			if(intval($keys["success"]) !== 1) {
+				echo "<h4 class='text-center'>Are you human? Click recaptcha</h4>";
+				header( "refresh:1;" );
+			}
+		}
+		else { echo "<h4 class='text-center'>Are you human? Click recaptcha!</h4>";
+		header( "refresh:1;" );
+		}
+		
+?>	
\ No newline at end of file
diff --git a/Ch09/birds/footer.php b/Ch09/birds/footer.php
new file mode 100644
index 0000000..742b705
--- /dev/null
+++ b/Ch09/birds/footer.php
@@ -0,0 +1,5 @@
+<p>Copyright &copy; Adrian West & Steve Prettyman 2017  Designed by
+<a href="http://www.colycomputerhelp.co.uk/">Adrian West </a> and 
+<a href=http://www.littleoceanwaves.com>Steve Prettyman </a>  Valid
+<a href="http://jigsaw.w3.org/css-validator/">CSS</a> &amp;
+<a href="http://validator.w3.org/">HTML5</a></p>
\ No newline at end of file
diff --git a/Ch09/birds/images/Thumbs.db b/Ch09/birds/images/Thumbs.db
new file mode 100644
index 0000000..1d6d961
Binary files /dev/null and b/Ch09/birds/images/Thumbs.db differ
diff --git a/Ch09/birds/images/header3.jpg b/Ch09/birds/images/header3.jpg
new file mode 100644
index 0000000..8fbd7c3
Binary files /dev/null and b/Ch09/birds/images/header3.jpg differ
diff --git a/Ch09/birds/images/vertical_solution_PP.png b/Ch09/birds/images/vertical_solution_PP.png
new file mode 100644
index 0000000..8693bd4
Binary files /dev/null and b/Ch09/birds/images/vertical_solution_PP.png differ
diff --git a/Ch09/birds/includes/footer.php b/Ch09/birds/includes/footer.php
new file mode 100644
index 0000000..6f56f56
--- /dev/null
+++ b/Ch09/birds/includes/footer.php
@@ -0,0 +1 @@
+<p class="h6 col-sm-12" style="color:black;">Footer goes here</p>
\ No newline at end of file
diff --git a/Ch09/birds/includes/header.php b/Ch09/birds/includes/header.php
new file mode 100644
index 0000000..5c91ba7
--- /dev/null
+++ b/Ch09/birds/includes/header.php
@@ -0,0 +1,24 @@
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js"></script>
+  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js"></script>
+<div class="col-sm-8" style="color :white; padding-top: 5%;">
+ <div class="h1 display-4 text-left" >The Devon Bird Reserves</div>
+</div>
+<div class="col-sm-4" style="padding-top: 10px; padding-bottom: 10px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+		 <li class="nav-item">
+         <a class="btn btn-primary" id="buttons" href="#" role="button">Login</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="member_reg.php" role="button">Register</a>
+		 </li> 	 
+	</ul>
+	 </div>
+    </nav>
+	</div>
diff --git a/Ch09/birds/includes/info-col-cards.php b/Ch09/birds/includes/info-col-cards.php
new file mode 100644
index 0000000..1184ff5
--- /dev/null
+++ b/Ch09/birds/includes/info-col-cards.php
@@ -0,0 +1,6 @@
+<div id="info-col">
+<h3>This is the information column</h3>
+	<p>Web design by <br>A W West and
+	<br>Steve Prettyman</p>
+	<img alt="Pay by PayPal or Credit card" title="Pay by PayPal or Credit card"src="images/vertical_solution_PP.png">
+</div>
diff --git a/Ch09/birds/includes/info-col.php b/Ch09/birds/includes/info-col.php
new file mode 100644
index 0000000..1c1ae88
--- /dev/null
+++ b/Ch09/birds/includes/info-col.php
@@ -0,0 +1,3 @@
+<h3>This is the information column</h3>
+<p>Information area</p>
+
diff --git a/Ch09/birds/includes/nav.php b/Ch09/birds/includes/nav.php
new file mode 100644
index 0000000..b7fca5e
--- /dev/null
+++ b/Ch09/birds/includes/nav.php
@@ -0,0 +1,29 @@
+
+<div style="padding-top: 10px; padding-bottom: 10px; padding-right: 15px;">
+     <nav class="float-left navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu1">
+    <span class="navbar-toggler-icon"></span>
+    </button> 
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu1"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+      <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" title="Page Two" href="#" role="button">About Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" title="The Birds" href="birds.php" role="button">The Birds</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" title="The Reserves" href="reserves.php" role="button">The Reserves</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" title="Page Five" href="join-2.php" role="button">Join 2 Tables</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" title="Page Five" href="join-3.php" role="button">Join 3 Tables</a>
+	 </li>
+	  <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" title="Return to Home Page" href="index.php" role="button">Home Page</a>
+	 </li>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch09/birds/index.php b/Ch09/birds/index.php
new file mode 100644
index 0000000..d4e37bc
--- /dev/null
+++ b/Ch09/birds/index.php
@@ -0,0 +1,60 @@
+
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Birds Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="birds.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8 row" style="padding-left: 30px;">
+<h2 style="padding-left: 50px; padding-top: 20px;">Help Save Our Devon Birds From Extinction</h2>
+<div class="col-sm-8 text-left">
+<p>The Devon bird reserves were established in an effort to combat the massive decline 
+in the bird population. Farmers (the self proclaimed Guardians of the Countryside!) spray 
+insecticides, weed killers and pesticides that kill the birds' main source of food. They 
+also rip out the hedges that provide the birds with nesting sites and their means of 
+travelling safely from field to field. Any birds that survive will probably be shot to 
+satisfy a blood lust for living targets</p>
+</div>
+<div class="col-sm-4">
+<h4 class="text-center"><strong>Become a member and support our cause</strong></h4>
+<p class="text-left">The annual membership fee includes free or reduced entrance fees to the reserves, 
+a free quarterly magazine, news updates and more.</p>
+</div>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2" style="padding-top: 20px; padding-right: 0px;">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;background-color:#CCFF99;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</body>
+</html>
diff --git a/Ch09/birds/join-2.php b/Ch09/birds/join-2.php
new file mode 100644
index 0000000..762a1d4
--- /dev/null
+++ b/Ch09/birds/join-2.php
@@ -0,0 +1,121 @@
+<?php
+define('ERROR_LOG','errorlog.log');
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Two Tables Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="birds.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8 row" style="padding-left: 30px;">
+<h2>The location and habitat of the Devon Bird Reserves</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the birds table
+require ('mysqli_connect.php'); // Connect to the database
+// Make the query:
+$q = "SELECT location.location, birds.bird_name, birds.rarity, birds.best_time 
+FROM location INNER JOIN birds ON location.bird_id=birds.bird_id";		
+$result = mysqli_query ($dbcon, $q); // Run the query
+if ($result) { // If it ran OK, display the records
+// Table header
+?>
+<table class="table table-striped" style="background: white;color:black;">
+<tr>
+<th scope="col">Location</th>
+<th scope="col">Bird Name</th>
+<th scope="col">Rarity</th>
+<th scope="col">Best Time</th>
+</tr>
+<?php
+// Fetch and print all the records
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	$location = htmlspecialchars($row['location'], ENT_QUOTES);
+	$bird_name = htmlspecialchars($row['bird_name'], ENT_QUOTES);
+	$rarity = htmlspecialchars($row['rarity'], ENT_QUOTES);
+	$best_time = htmlspecialchars($row['best_time'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $location . '</td>
+	<td scope="row">' . $bird_name . '</td>
+	<td scope="row">' . $rarity . '</td>
+	<td scope="row">' . $best_time . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table
+	mysqli_free_result ($result); // Free up the resources	
+} else { // If it did not run OK
+// Message
+	echo '<p class="text-center">The current birds or locations could not be retrieved. ';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br />Query: ' . $q . '</p>';
+} // End of if ($result)
+mysqli_close($dbcon); // Close the database connection
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+  // e-mail support person to alert there is a problem
+ //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?></p>
+</div><!-- End of the view birds page content. -->
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2" style="padding-top: 20px; padding-right: 0px;">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;background-color:#CCFF99;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
diff --git a/Ch09/birds/join-3.php b/Ch09/birds/join-3.php
new file mode 100644
index 0000000..35f741d
--- /dev/null
+++ b/Ch09/birds/join-3.php
@@ -0,0 +1,115 @@
+<?php
+define('ERROR_LOG','errorlog.log');
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Three Tables Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="birds.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8 row" style="padding-left: 30px;">
+<h2>The location and habitat of the Devon Bird Reserves</h2>
+<p>
+<?php 
+try {
+require ('mysqli_connect.php'); // Connect to the database
+// Make the query:
+$q = "SELECT bird_name, best_time, location, bird_hides, entrance_member, 
+entr_non_member FROM birds 
+INNER JOIN location USING (bird_id) 
+INNER JOIN reserves_info USING (location_id)";		
+$result = mysqli_query ($dbcon, $q); // Run the query
+if ($result) { // If it ran OK, display the records
+// Table header
+?>
+<table class="table table-responsive table-striped" style="background: white;color:black;">
+<tr>
+<th scope="col">Birds Name</th>
+<th scope="col">Best Time</th>
+<th scope="col">Location</th>
+<th scope="col">Bird Hides</th>
+<th scope="col">Entrance Member</th>
+<th scope="col">Entrance Non-Member</th>
+</tr>
+<?php
+// Fetch and print all the records
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	$bird_name = htmlspecialchars($row['bird_name'], ENT_QUOTES);
+	$best_time = htmlspecialchars($row['best_time'], ENT_QUOTES);
+	$location = htmlspecialchars($row['location'], ENT_QUOTES);
+	$bird_hides = htmlspecialchars($row['bird_hides'], ENT_QUOTES);
+	$entrance_member = htmlspecialchars($row['entrance_member'], ENT_QUOTES);
+	$entrance_non_member = htmlspecialchars($row['entr_non_member'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $bird_name . '</td>
+	<td scope="row">' . $best_time . '</td>
+	<td scope="row">' . $location . '</td>
+	<td scope="row">' . $bird_hides . '</td>
+	<td scope="row">' . $entrance_member . '</td>
+	<td scope="row">' . $entrance_non_member . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table
+	mysqli_free_result ($result); // Free up the resources	
+} else { // If it did not run OK
+// Message
+	echo '<p class="error">The current data could not be retrieved. ';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message
+	echo '<p>' . mysqli_error($dbcon) . '<br><br />Query: ' . $q . '</p>';
+} // End of if ($result)
+mysqli_close($dbcon); // Close the database connection
+}
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?></p>
+</div><!-- End of the view birds page content. -->
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2" style="padding-top: 20px; padding-right: 0px;">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;background-color:#CCFF99;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
diff --git a/Ch09/birds/location.php b/Ch09/birds/location.php
new file mode 100644
index 0000000..cf6d198
--- /dev/null
+++ b/Ch09/birds/location.php
@@ -0,0 +1,75 @@
+<!doctype html>
+<html lang=en>
+<head>
+<title>View the location page</title>
+<meta charset=utf-8>
+<link rel="stylesheet" type="text/css" href="birds.css">
+<style type="text/css">
+table { width:500px; background:white; color:black; border:1px black solid; border-collapse:collapse; margin:auto; }
+th,td  { border:1px black solid; padding:1px 0 1px 4px; text-align:left; }
+</style>
+</head>
+<body>
+<br>
+<div id="container">
+<header>
+<?php include("includes/header.php"); ?>
+</header>
+
+<aside>
+<?php include("includes/info-col.php"); ?>
+</aside>
+<div id="content"><!-- Start of the home page content-->
+<nav>
+<?php include("includes/nav.php"); ?>
+</nav>
+<div id="content"><!-- Start of the view location page content. -->
+<div id="midcol">
+<h2>The Locations and Habitats of the Devon Bird Reserves</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the location table
+require ('mysqli_connect.php'); // Connect to the database
+// Make the query:
+$q = "SELECT location, location_type FROM location ORDER BY location_id ASC";		
+$result = mysqli_query ($dbcon, $q); // Run the query
+if ($result) { // If it ran OK, display the records
+// Table header
+echo '<table>
+<td align="left"><b>Location</b></td>
+<td align="left"><b>Location type</b></td>
+</tr>';
+// Fetch and print all the records
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	echo '<tr>
+	<td align="left">' . $row['location'] . '</td>
+	<td align="left">' . $row['location_type'] . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table
+	mysqli_free_result ($result); // Free up the resources	
+} else { // If it did not run OK
+// Message
+	echo '<p class="error">The current location could not be retrieved. We apologize for any inconvenience.</p>';
+	// Debugging message
+	echo '<p>' . mysqli_error($dbcon) . '<br><br />Query: ' . $q . '</p>';
+} // End of if ($result)
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+print  "An Exception occurred. Message: " . $e->getMessage();
+}
+catch(Error $e)
+{
+print  "An Error occurred. Message: " . $e->getMessage();
+}	
+?></p>
+</div></div><!-- End of the view location page content. -->
+<footer>
+<?php include("includes/footer.inc"); ?>
+</footer>
+</div>
+</div>
+</html>
diff --git a/Ch09/birds/member_reg.php b/Ch09/birds/member_reg.php
new file mode 100644
index 0000000..0a9adfe
--- /dev/null
+++ b/Ch09/birds/member_reg.php
@@ -0,0 +1,329 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script>
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+  <link rel="stylesheet" type="text/css" href="birds.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+  <!-- Validate Input -->
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-8">
+<h2 class="h2 text-center">Register</h2>
+<h3 class="text-center">Items marked with an asterisk * are required</h3>
+<?php
+try {
+require_once("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<form action="member_reg.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+ <div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	   value=
+		"<?php if (isset($_POST['title'])) 
+		echo htmlspecialchars($_POST['title'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">Membership Class*</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($_POST['level'])) && ( $_POST['level'] == $row[$i])) 
+		{ 
+	?>
+			selected
+	<?php } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['adress1'])) 
+		echo htmlspecialchars($_POST['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, numbers, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['address2'])) 
+		echo htmlspecialchars($_POST['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+ <div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	   value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Secret Question*:</label>
+	  <div class="col-sm-8">
+      <select id="question" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Maiden">Mother's Maiden Name</option>
+	<option value="Pet">Pet's Name</option>
+	<option value="School">High School</option>
+	<option value="Vacation">Favorite Vacation Spot</option>
+	</select>
+	</div>
+	</div>  
+	<div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Answer*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Secret Answer" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['secret'])) 
+		echo htmlspecialchars($_POST['secret'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="float-left g-recaptcha" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+<!-- Right-side Column Content Section -->
+<?php
+
+ if(!isset($errorstring)) {
+	echo '<aside class="col-sm-2">';
+	include('includes/info-col-cards.php');
+	echo '</aside>';
+	echo '</div>';
+	echo '<footer class="jumbotron text-center row col-sm-14"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;">';
+ }
+ else
+ {
+	echo '<footer class="jumbotron text-center col-sm-12"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;">';
+ }
+  include('includes/footer.php');
+  echo "</footer>";
+  echo "</div>";
+  }
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+  // e-mail support person to alert there is a problem
+ //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+   }
+ ?>
+</body>
+</html>
diff --git a/Ch09/birds/mysqli_connect.php b/Ch09/birds/mysqli_connect.php
new file mode 100644
index 0000000..d6ba870
--- /dev/null
+++ b/Ch09/birds/mysqli_connect.php
@@ -0,0 +1,11 @@
+<?php 
+// This creates a connection to the birdsdb database, it also sets the encoding to utf-8.
+// Set the access details as constants:
+DEFINE ('DB_USER', 'faraday');
+DEFINE ('DB_PASSWORD', 'Dynam01831');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'birdsdb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
\ No newline at end of file
diff --git a/Ch09/birds/pay-with-check.php b/Ch09/birds/pay-with-check.php
new file mode 100644
index 0000000..9459dc3
--- /dev/null
+++ b/Ch09/birds/pay-with-check.php
@@ -0,0 +1,83 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Pay With Check Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script>
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+  <link rel="stylesheet" type="text/css" href="birds.css" media="screen">
+<link rel="stylesheet" type="text/css" href="print.css" media="print">
+<style type="text/css">
+label { margin-bottom:5px; }
+label { width:570px; float:left; text-align:right; }
+.sign { font-weight:bold;}
+</style>
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h4>Complete your Registration by Paying with a Check</h4>
+<p>Thank you for registering online, now please fill out this 
+form. Asterisks indicate essential fields. When you 
+have filled out the form please print two copies by clicking the "Print This 
+Form" button. Sign one copy and keep one for reference, sign a check payable 
+to &quot;The Devon Bird 
+Reserves&quot;. </p><p>Mail the signed form and check to: <br>The Treasurer, 
+The Devon Bird Reserves, 
+99 The Street, The Village, EX99 99ZZ </p>
+<form>
+<div id="fields"> 
+<label class="label" for="title">Title<span class="large-red">*</span>
+<input id="title" name="title" size="35" type="text" required></label>
+<br><br><label class="label" for="firstname">First Name<span class="large-red">*</span>
+<input id="firstname" name="firstname" size="35" type="text" required></label><br>
+<br><label class="label" for="lastname">Last Name<span class="large-red">*</span>
+<input id="lastname" name="lastname" size="35" type="text" required></label><br>
+<br><label class="label" for="useremail">Your Email Address<span class="large-red">*</span>
+<input id="useremail" name="useremail" type="email" size="35" required></label><br>
+</div>
+</form><br><br>
+<p class="sign">
+ Signed___________________________________________&nbsp;Date_________________</p>
+ <br>
+<div id="button">
+	<input type="button" value="Click to automatically print the form in black and white"
+	onclick="window.print()" title="Print this Form"><br>
+</div>
+<!--End of content.-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col-cards.php'); ?> 
+	</aside>
+</div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;background-color:#CCFF99;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
diff --git a/Ch09/birds/print.css b/Ch09/birds/print.css
new file mode 100644
index 0000000..fc221f9
--- /dev/null
+++ b/Ch09/birds/print.css
@@ -0,0 +1,10 @@
+/*PRINT.CSS: style amendments for printing only*/
+/*SELECT ITEMS THAT YOU DO NOT WANT TO PRINT, e.g., 
+header, menu, print-this-page button, and footer*/
+#header, #nav, #leftcol, #button, #rightcol, #footer, 
+#info-col, ul { display:none; }
+input { border:1px black solid; }
+h2 { font-size:16pt; color:black; text-align:center; }
+h3 { text-align:center; font-size:11pt;}
+/*REVEAL OUTGOING URL links on printed page*/
+a[href^="http://":after {content: "(" attr(href)")"; }
\ No newline at end of file
diff --git a/Ch09/birds/process-register-page.php b/Ch09/birds/process-register-page.php
new file mode 100644
index 0000000..2161795
--- /dev/null
+++ b/Ch09/birds/process-register-page.php
@@ -0,0 +1,213 @@
+<?php
+define("ERROR_LOG","errors.log");
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+//Is the title present? If it is, sanitize it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}							
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password1trim);		
+if (empty($password1trim)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);	
+if($password1trim === $password2trim) { //                                 #9
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+//Is the 1st address present? If it is, sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only numeric, alphabetic, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_countrytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+$string_length = strlen($zcode_pcode);
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode))  &&
+   ($string_length <= 30) && ($string_length >= 5)) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the secret present? If it is, sanitize it
+$secret = filter_var( $_POST['secret'], FILTER_SANITIZE_STRING);		
+if ((!empty($secret)) && (preg_match('/[a-z\.\s\,\-]/i', $secret)) &&
+  (strlen($secret) <= 30)) {					
+	//Sanitize the trimmed city	
+	$secrettrim = $secret;					
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//Is the phone number present? If it is, sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+//Is the class present? If it is, sanitize it
+$class = filter_var( $_POST['level'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($class)) && (strlen($class) <= 3)) {					
+	//Sanitize the trimmed phone number	
+	$classtrim = (filter_var($class, FILTER_SANITIZE_NUMBER_INT));	
+	}else{	
+	$errors[] = 'Missing Level Selection.';
+	}	
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT userid FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $emailtrim);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+
+	$query = "INSERT INTO users (userid, title, first_name, last_name, email, password, class, "; 
+    $query .= "address1, address2, city, state_country, zcode_pcode, phone, secret, registration_date) ";
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?,?,?,?,?,?,?,?,?,?,NOW())"; 	
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'sssssssssssss', 
+	$titletrim, $first_nametrim, $last_nametrim, $emailtrim, $hashed_password, $classtrim, $address1trim, 
+	$address2trim, $citytrim, $state_countrytrim, $zcode_pcodetrim, $phonetrim, $secrettrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register-thanks.php?class=" . $classtrim); 					
+	} else {
+	// echo 'Invalid query:' . $dbcon->error; 
+    $errorstring = "System is busy, please try later";
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+	}
+	}else{//The email address is already registered                         
+    $errorstring = 'The email address is already registered.';
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+$errorstring = 'Error! The following error(s) occurred: ';
+foreach ($errors as $msg) { // Print each error.				
+$errorstring .= " - $msg<br>\n";
+    }
+$errorstring .= 'Please try again.';
+echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+    }// End of if (empty($errors)) IF.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   // $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch09/birds/register-thanks.php b/Ch09/birds/register-thanks.php
new file mode 100644
index 0000000..0631f66
--- /dev/null
+++ b/Ch09/birds/register-thanks.php
@@ -0,0 +1,165 @@
+<?php
+define("ERROR_LOG","errorlog.log");
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script>
+<script src='https://www.google.com/recaptcha/api.js'></script>   
+  <link rel="stylesheet" type="text/css" href="birds.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8">
+<h3 class="h2 text-center" >Thank you for registering</h2>
+<h6 class="text-center">To confirm your registration please verify membership class and pay the membership fee now.</h6>
+<h6 class="text-center">You can use PayPal, a check or a credit/debit card.</h6>
+<p class="text-center" >When you have completed your registration you will be able to login 
+to the member's only pages.</p>
+<?php
+try {
+require ("mysqli_connect.php");
+$query = "SELECT * FROM prices";		
+$result = mysqli_query ($dbcon, $query); // Run the query.
+if ($result) { // If it ran OK, display the records.
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+$yearsarray = array(
+"Standard one year:", "Standard five year:", "Military one year:", "Under 21 one year:",
+ "Other - Give what you can. Maybe:" );
+echo '<h6 class="text-center text-danger">Membership classes:</h6>' ;
+echo '<h6 class="text-center text-danger small"> ';
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo $yearsarray[$j] . " &pound; " . 
+		htmlspecialchars($row[$i], ENT_QUOTES)  . 
+		" GB, &dollar; " . 
+		htmlspecialchars($row[$i + 1], ENT_QUOTES) . 
+		" US";
+	
+	if ($j != 4) {
+	if ($j % 2 == 0) { echo "</h6><h6 class='text-center text-danger small'>"; }
+	else { echo " , "; }
+	}
+}
+echo "</h6>";
+}
+?>
+<p></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="XXXXXXXXXXXXX">
+<div class="form-group row">
+    <label for="level" class="col-sm-4 col-form-label text-right">*Membership Class</label>
+    <div class="col-sm-8">
+		<select id="level" name="level" class="form-control" required>
+		<option value="0" >-Select-</option>
+<?php 
+$class = htmlspecialchars($_GET['class'], ENT_QUOTES);
+for ($j = 0, $i = 0; $j < 5; $j++, $i = $i + 2) {
+
+	echo '<option value="' .
+		 htmlspecialchars($row[$i], ENT_QUOTES) . '" ';	
+	if ((isset($class)) && ( $class == $row[$i])) 
+		{ 
+	
+			echo ' selected ';
+	 } 
+	echo ">" . $yearsarray[$j] . " " .
+	    htmlspecialchars($row[$i], ENT_QUOTES) .
+		" &pound; GB, " .
+		 htmlspecialchars($row[$i + 1], ENT_QUOTES) .
+		 "&dollar; US</option>";
+}
+?>
+</select>
+</div>
+</div>
+<div class="form-group row">
+    <div class="col-sm-6 col-form-label">	
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="pay-with-check.php" role="button">Pay By Check</a>
+		 </li> 	 
+	</ul>
+	 </div>
+    </nav>	
+	</div>
+    <div class="col-sm-6">
+<!-- Replace the code below with code provided by PayPal once you obtain a Merchant ID -->
+<input type="hidden" name="currency_code" value="GBP">
+<input style="margin:10px 0 0 40px" type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_buynowCC_LG.gif" name="submit" alt="PayPal  The safer, easier way to pay online.">
+<img alt="" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
+<!-- Replace code above with PayPal provided code -->
+</div>
+</div>
+</form>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/info-col-cards.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;background-color:#CCFF99;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+<?php 
+} // end try
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
+</body>
+</html>
diff --git a/Ch09/birds/reserves.php b/Ch09/birds/reserves.php
new file mode 100644
index 0000000..5393922
--- /dev/null
+++ b/Ch09/birds/reserves.php
@@ -0,0 +1,115 @@
+<?php
+define('ERROR_LOG','errorlog.log');
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Reserves Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="birds.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 3px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; padding:20px;background-color:#CCFF99;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Left-side Column Menu Section -->
+  <nav class="col-sm-2">
+      <ul class="nav nav-pills flex-column">
+		<?php include('includes/nav.php'); ?> 
+      </ul>
+  </nav>
+<!-- Center Column Content Section -->
+<div class="col-sm-8 row" style="padding-left: 30px;">
+<h2>The location and habitat of the Devon Bird Reserves</h2>
+<p>
+<?php 
+try {
+// This script retrieves all the records from the users table
+require ('mysqli_connect.php'); // Connect to the database
+// Make the query:
+$q = "SELECT location, location_type FROM location ORDER BY ";
+$q .= "location_id ASC";		
+$result = mysqli_query ($dbcon, $q); // Run the query
+if ($result) { // If it ran OK, display the records
+// Table header
+?>
+<table class="table table-striped" style="background: white;color:black;">
+<tr>
+<th scope="col">Location</th>
+<th scope="col">Location Type</th>
+</tr>
+<?php
+// Fetch and print all the records
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	$location = htmlspecialchars($row['location'], ENT_QUOTES);
+	$location_type = htmlspecialchars($row['location_type'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $location . '</td>
+	<td scope="row">' . $location_type . '</td>
+	</tr>';
+	}
+	echo '</table>'; // Close the table
+	mysqli_free_result ($result); // Free up the resources	
+} else { // If it did not run OK
+// Message
+	echo '<p class="text-center">The current locations could not be retrieved. ';
+	echo 'We apologize for any inconvenience.</p>';
+	// Debugging message
+	//echo '<p>' . mysqli_error($dbcon) . '<br><br />Query: ' . $q . '</p>';
+} // End of if ($result)
+mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+  // e-mail support person to alert there is a problem
+ //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?></p>
+</div><!-- End of the view birds page content. -->
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2" style="padding-top: 20px; padding-right: 0px;">
+      <?php include('includes/info-col.php'); ?> 
+	</aside>
+  </div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="padding-bottom:1px; padding-top:8px;background-color:#CCFF99;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
diff --git a/Ch09/birds/verify.js b/Ch09/birds/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch09/birds/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch10/msgboarddb/cap.php b/Ch10/msgboarddb/cap.php
new file mode 100644
index 0000000..201053b
--- /dev/null
+++ b/Ch10/msgboarddb/cap.php
@@ -0,0 +1,17 @@
+<?php
+        if(isset($_POST['g-recaptcha-response'])){
+			$captcha=$_POST['g-recaptcha-response'];
+			$secretKey = "Put your secret key here";
+			$ip_address = $_SERVER['REMOTE_ADDR'];
+			$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip_address);
+			$keys = json_decode($response,true);
+			if(intval($keys["success"]) !== 1) {
+				echo "<h4 class='text-center'>Are you human? Click recaptcha</h4>";
+				header( "refresh:1;" );
+			}
+		}
+		else { echo "<h4 class='text-center'>Are you human? Click recaptcha!</h4>";
+		header( "refresh:1;" );
+		}
+		
+?>	
\ No newline at end of file
diff --git a/Ch10/msgboarddb/forum.php b/Ch10/msgboarddb/forum.php
new file mode 100644
index 0000000..e2365ec
--- /dev/null
+++ b/Ch10/msgboarddb/forum.php
@@ -0,0 +1,46 @@
+<?php
+// Start the session.
+session_start() ;
+ //Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+$menu = 4;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Thank You Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h4 class="text-center">Thanks for logging in. Choose a forum from the menu above.</h4>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/forum_c.php b/Ch10/msgboarddb/forum_c.php
new file mode 100644
index 0000000..74895a7
--- /dev/null
+++ b/Ch10/msgboarddb/forum_c.php
@@ -0,0 +1,78 @@
+<?php // Start the session.
+session_start() ;
+// Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+$menu = 9;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Message Board Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h4 class="text-center">Comic Quotes</h4>
+<?php
+// Connect to the database
+require ( 'mysqli_connect.php' ) ;
+// Make the query
+$query = "SELECT user_name,post_date,subject,message FROM forum WHERE subject = 'Comical Quotes' ORDER BY 'post_date' ASC";
+$result = mysqli_query( $dbcon, $query ) ;
+if ( mysqli_num_rows( $result ) > 0 )
+{
+?>
+<table class="table table-responsive table-striped col-sm-12" 
+style="background: white;color:black; padding-left: 20px;">
+<tr>
+<th scope="col">Posted By</th>
+<th scope="col">Forum</th>
+<th scope="col">Quotation</th>
+</tr>	
+<?php
+  while ( $row = mysqli_fetch_array( $result, MYSQLI_ASSOC ))
+  {
+	$user_name = htmlspecialchars($row['user_name'], ENT_QUOTES);
+	$post_date = htmlspecialchars($row['post_date'], ENT_QUOTES);
+	$message = htmlspecialchars($row['message'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $user_name . '</td>
+	<td scope="row">' . $post_date . '</td>
+	<td scope="row">' . $message . '</td>
+	</tr>';  
+  }
+  echo '</table>' ;
+}
+else { echo 'There are currently no messages.' ; }
+mysqli_close( $dbcon ) ;
+?>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/forum_w.php b/Ch10/msgboarddb/forum_w.php
new file mode 100644
index 0000000..8788b1c
--- /dev/null
+++ b/Ch10/msgboarddb/forum_w.php
@@ -0,0 +1,78 @@
+<?php // Start the session.
+session_start() ;
+// Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+$menu = 10;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Message Board Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h4 class="text-center">Wise Quotes</h4>
+<?php
+// Connect to the database
+require ( 'mysqli_connect.php' ) ;
+// Make the query
+$query = "SELECT user_name,post_date,subject,message FROM forum WHERE subject = 'Wise Quotes' ORDER BY 'post_date' ASC";
+$result = mysqli_query( $dbcon, $query ) ;
+if ( mysqli_num_rows( $result ) > 0 )
+{
+?>
+<table class="table table-responsive table-striped col-sm-12" 
+style="background: white;color:black; padding-left: 50px;">
+<tr>
+<th scope="col">Posted By</th>
+<th scope="col">Forum</th>
+<th scope="col">Quotation</th>
+</tr>	
+<?php
+  while ( $row = mysqli_fetch_array( $result, MYSQLI_ASSOC ))
+  {
+	$user_name = htmlspecialchars($row['user_name'], ENT_QUOTES);
+	$post_date = htmlspecialchars($row['post_date'], ENT_QUOTES);
+	$message = htmlspecialchars($row['message'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $user_name . '</td>
+	<td scope="row">' . $post_date . '</td>
+	<td scope="row">' . $message . '</td>
+	</tr>';  
+  }
+  echo '</table>' ;
+}
+else { echo 'There are currently no messages.' ; }
+mysqli_close( $dbcon ) ;
+?>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/images/Thumbs.db b/Ch10/msgboarddb/images/Thumbs.db
new file mode 100644
index 0000000..685af6f
Binary files /dev/null and b/Ch10/msgboarddb/images/Thumbs.db differ
diff --git a/Ch10/msgboarddb/includes/footer.php b/Ch10/msgboarddb/includes/footer.php
new file mode 100644
index 0000000..6048dd8
--- /dev/null
+++ b/Ch10/msgboarddb/includes/footer.php
@@ -0,0 +1 @@
+<p>Footer goes here</p>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/includes/header.php b/Ch10/msgboarddb/includes/header.php
new file mode 100644
index 0000000..19eec49
--- /dev/null
+++ b/Ch10/msgboarddb/includes/header.php
@@ -0,0 +1,157 @@
+
+<meta name="viewport" content="width=device-width, initial-scale=1">
+  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js"></script>
+  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js"></script>
+<div class="col-sm-8">
+ <h1 class="mb-4 font-bold float-left" style="color:white">
+ <?php 
+ if (!empty($_GET['name'])) {
+  $name = filter_var( $_GET['name'], FILTER_SANITIZE_STRING);
+  echo $name;
+ }
+ else { echo "Quick Quotes"; }
+ ?>
+ </h1>
+ </div>
+	<nav class="float-left navbar navbar-expand-xl navbar-trans navbar-light">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group btn-group-md collapse navbar-collapse navbar" id="collapsibleMenu"  role="group" aria-label="Button Group">
+	 <?php
+	 switch ($menu) {
+	case 1: //index.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'logout.php?name=Logout'">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'view_posts.php?name=Your Quotes'" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'post.php?name=Add A Quote'">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_c.php?name=Comic Quotes'" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_w.php?name=Wise Quotes'">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'search.php?name=Search Quotes'" >Search Quotes</button>
+	<?php
+        break;	 	 
+    case 2: // safer-register-page.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quote'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Search Quotes</button>
+	<?php
+        break;
+	case 3: // login.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quote'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'safer-register-page.php?name=Register'" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Search Quotes</button>
+	<?php
+		break;
+	case 4: //forum.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quotes'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'logout.php?name=Logout'">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'view_posts.php?name=Your Quotes'" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'post.php?name=Add A Quote'">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_c.php?name=Comic Quotes'" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_w.php?name=Wise Quotes'">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'search.php?name=Search Quotes'" >Search Quotes</button>
+	<?php
+        break;	
+	case 5: // login.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'login.php?name=Login'" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'safer-register-page.php?name=Register'" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Search Quotes</button>
+	<?php
+		break;
+	case 6: //search.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quotes'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'logout.php?name=Logout'">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'view_posts.php?name=Your Quotes'" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'post.php?name=Add A Quote'">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_c.php?name=Comic Quotes'" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_w.php?name=Wise Quotes'">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Search Quotes</button>
+	<?php
+        break;
+    case 7: //viewposts.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quotes'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'logout.php?name=Logout'">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'post.php?name=Add A Quote'">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_c.php?name=Comic Quotes'" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_w.php?name=Wise Quotes'">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'search.php?name=Search Quotes'" >Search Quotes</button>
+	<?php
+        break;
+    case 8: //post.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quotes'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'logout.php?name=Logout'">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'view_posts.php?name=Your Quotes'" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_c.php?name=Comic Quotes'" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_w.php?name=Wise Quotes'">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'search.php?name=Search Quotes'" >Search Quotes</button>
+	<?php
+        break;	
+    case 9: //forum_c.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quotes'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'logout.php?name=Logout'">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'view_posts.php?name=Your Quotes'" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'post.php?name=Add A Quote'">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_w.php?name=Wise Quotes'">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'search.php?name=Search Quotes'" >Search Quotes</button>
+	<?php
+        break;
+    case 10: //forum_w.php
+	    ?>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'index.php?name=Quick Quotes'">Home Page</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Login</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 110px;" onclick="location.href = 'logout.php?name=Logout'">Logout</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 110px;" onclick="location.href = ''" >Register</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'view_posts.php?name=Your Quotes'" >Your Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'post.php?name=Add A Quotes'">Add A Quote</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'forum_c.php?name=Comic Quotes'" >Comic Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary disabled" style="width: 120px;" onclick="location.href = ''">Wise Quotes</button>
+	<button type="button" class="btn btn-secondary bg-primary" style="width: 120px;" onclick="location.href = 'search.php?name=Search Quotes'" >Search Quotes</button>
+	<?php
+        break;			
+	}
+	?>
+</div>
+    </nav>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/index.php b/Ch10/msgboarddb/index.php
new file mode 100644
index 0000000..c427c6a
--- /dev/null
+++ b/Ch10/msgboarddb/index.php
@@ -0,0 +1,78 @@
+<?php // Start the session.
+session_start() ;
+if ( isset( $_SESSION[ 'member_id' ] ) )
+{ $menu = 1;}
+else { $menu = 5; }
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Message Board Home Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h4 class="text-center">This home page shows a selection from our large collection of quotations.</h4>
+<h4 class="text-center">To view the whole collection, please register. </h4>
+<h5 class="text-center">You will then be able to contribute to this message board by adding quotations.</h5>
+<?php
+// Connect to the database
+require ( 'mysqli_connect.php' ) ;
+// Make the query
+$query = "SELECT user_name,post_date, subject, message FROM forum LIMIT 4" ;
+$result = mysqli_query( $dbcon, $query ) ;
+if ( mysqli_num_rows( $result ) > 0 )
+{
+?>
+<table class="table table-responsive table-striped col-sm-12" 
+style="background: white;color:black; padding-left: 80px;">
+<tr>
+<th scope="col">Posted By</th>
+<th scope="col">Subject</th>
+<th scope="col">Message</th>
+</tr>
+<?php
+  while ( $row = mysqli_fetch_array( $result, MYSQLI_ASSOC ))
+  {
+	$user_name = htmlspecialchars($row['user_name'], ENT_QUOTES);
+	$post_date = htmlspecialchars($row['post_date'], ENT_QUOTES);
+	$message = htmlspecialchars($row['message'], ENT_QUOTES);
+	echo '<tr>
+	<td scope="row">' . $user_name . '</td>
+	<td scope="row">' . $post_date . '</td>
+	<td scope="row">' . $message . '</td>
+	</tr>';
+  }
+  echo '</table>' ;
+}
+else { echo '<p class="text-center">There are currently no messages.</p>' ; }
+mysqli_close( $dbcon ) ;
+?>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/login.php b/Ch10/msgboarddb/login.php
new file mode 100644
index 0000000..085411d
--- /dev/null
+++ b/Ch10/msgboarddb/login.php
@@ -0,0 +1,93 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+$menu = 3;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src='https://www.google.com/recaptcha/api.js'></script>   
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                              
+ require('process-login.php');
+} 
+?>
+<!-- Display the login form fields -->
+<div class="col-sm-10">
+<h3 class="h3 text-center">
+<?php if(empty($errorstring)) { echo "Login"; }
+else { echo $errorstring; }
+?>
+</h3>
+<form action="login.php" method="post" name="loginform" id="loginform">
+<div class="form-group row">
+    <label for="user_name" class="col-sm-4 col-form-label text-right">User ID:</label>
+    <div class="col-sm-6">
+      <input type="user_name" class="form-control" id="user_name" name="user_name" 
+	  placeholder="User ID" maxlength="30" size="30" required
+	   value=
+		"<?php if (isset($_POST['user_name'])) 
+		echo htmlspecialchars($_POST['user_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="passcode" class="col-sm-4 col-form-label text-right">Password:</label>
+    <div class="col-sm-6">
+      <input type="password" class="form-control" id="passcode" name="passcode" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['passcode'])) 
+		echo htmlspecialchars($_POST['passcode'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8" style="padding-left: 80px;">
+  <div class="float-left g-recaptcha" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>  
+<div class="form-group row">
+	<label for="" class="col-sm-3 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Login">
+    </div>
+	</div>
+	</form>
+</div>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-left: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/logout.php b/Ch10/msgboarddb/logout.php
new file mode 100644
index 0000000..b114a8e
--- /dev/null
+++ b/Ch10/msgboarddb/logout.php
@@ -0,0 +1,18 @@
+<?php
+session_start();//access the current session.                  
+// if no session variable exists then redirect the user
+if (!isset($_SESSION['member_id'])) {        
+header("location:index.php");
+exit();
+//cancel the session and redirect the user:
+}else{ //cancel the session
+    $_SESSION = array(); // Destroy the variables
+	$params = session_get_cookie_params();
+	// Destroy the cookie
+	setcookie(session_name(), '', time()-42000,
+	$params["path"], $params["domain"],
+	$params["secure"], $params["httponly"]);
+if (session_status() == PHP_SESSION_ACTIVE) { 
+session_destroy(); } // Destroy the session itself
+header("location:index.php");
+	}
diff --git a/Ch10/msgboarddb/msgboard.css b/Ch10/msgboarddb/msgboard.css
new file mode 100644
index 0000000..cd0339f
--- /dev/null
+++ b/Ch10/msgboarddb/msgboard.css
@@ -0,0 +1,4 @@
+body {
+font-size: 100%; margin: 10px;}
+
+
diff --git a/Ch10/msgboarddb/msgboarddb.sql b/Ch10/msgboarddb/msgboarddb.sql
new file mode 100644
index 0000000..ef0b0ac
--- /dev/null
+++ b/Ch10/msgboarddb/msgboarddb.sql
@@ -0,0 +1,124 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Jul 27, 2018 at 07:14 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `msgboarddb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `forum`
+--
+
+CREATE TABLE `forum` (
+  `post_id` int(8) UNSIGNED NOT NULL,
+  `user_name` varchar(12) NOT NULL,
+  `subject` varchar(60) NOT NULL,
+  `message` varchar(200) NOT NULL,
+  `post_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `forum`
+--
+
+INSERT INTO `forum` (`post_id`, `user_name`, `subject`, `message`, `post_date`) VALUES
+(1, 'lilythepink', 'Wise Quotes', '\"Adversity causes some men to break: others to break records\" William Arthur Ward', '2018-07-02 21:21:54'),
+(2, 'mechanic7', 'Comical Quotes', '\"I love deadlines. I like the whooshing sound they make as they fly by\" Douglas Adams', '2018-06-26 19:52:48'),
+(3, 'lilythepink', 'Comical Quotes', '\"Golf is a good walk spoiled\" Mark Twain', '2018-06-26 16:02:56'),
+(4, 'lilythepink', 'Comical Quotes', '\"Life is one darned thing after another\" Mark Twain', '2018-06-26 16:37:23'),
+(5, 'giantstep12', 'Comical Quotes', 'Jack Benny once said \"Give me golf clubs, fresh air and a beautiful partner and you can keep the golf clubs and fresh air\"', '2018-06-26 18:17:54'),
+(6, 'mythking', 'Wise Quotes', '\"Nothing great was ever achieved without great enthusiasm\" Ralph Waldo Emerson', '2018-07-03 12:29:31'),
+(7, 'mythking', 'Wise Quotes', '\"Wise sayings often fall on barren ground, but a kind word is never thrown away\" Arthur Helps', '2018-07-03 12:31:48'),
+(8, 'mythking', 'Comical Quotes', '\"Many a small thing has been made large by the right kind of advertising\" Mark Twain', '2018-07-03 17:46:04'),
+(9, 'mythking', 'Wise Quotes', '\"To do two things at once is to do neither\" Publilius Syrus', '2018-07-03 17:52:20'),
+(11, 'giantstep12', 'Wise Quotes', '\"Anyone who has never made a mistake has never tried anything new\" Albert Einstein', '2018-07-03 20:33:01'),
+(13, 'giantstep12', 'Comical Quotes', '\"Experience is simply the name we give our mistakes\" Oscar Wilde', '2018-07-04 11:04:22'),
+(14, 'giantstep12', 'Comical Quotes', '\"If you want to recapture your youth, just cut off his allowance\" Al Bernstein', '2018-07-04 11:30:52'),
+(17, 'mechanic7', 'Comical Quotes', '\"Technological progress has merely provided us with a more efficient means for going backwards\" Aldous Huxley', '2018-07-04 15:01:34'),
+(28, 'lilythepink', 'Wise Quotes', '\"Real knowledge is to know the extent of one\'s ignorance\" Confucius', '2018-07-06 11:51:21'),
+(29, 'mechanic7', 'Wise Quotes', '\"It is amazing what you can accomplish if you do not care who gets the credit\" Harry. S. Truman', '2018-07-06 12:03:55');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `members`
+--
+
+CREATE TABLE `members` (
+  `member_id` int(8) UNSIGNED NOT NULL,
+  `user_name` varchar(12) NOT NULL,
+  `email` varchar(60) NOT NULL,
+  `passcode` char(60) NOT NULL,
+  `reg_date` datetime NOT NULL,
+  `member_level` tinyint(2) NOT NULL,
+  `secret` varchar(60) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `members`
+--
+
+INSERT INTO `members` (`member_id`, `user_name`, `email`, `passcode`, `reg_date`, `member_level`, `secret`) VALUES
+(12, 'lilythepink', 'jsmith@myisp.co.uk', '$2y$10$y7YdhjpOmI/WM.5sRWpl/eIwWgQ2rt/LgYtuwvOEvUYSQ3325RBGu', '2018-07-15 18:13:34', 0, 'Pink'),
+(13, 'giantstep12', 'ndean@myisp.co.uk', '$2y$10$cSE3uN9aLvzveWrWkarPYuYUxWmO43/OKN2awxuw2FEnN03c/mmSi', '2018-07-15 18:15:16', 0, 'Giant'),
+(14, 'mechanic7', 'jdoe@myisp.co.uk', '$2y$10$6AoLBfB0h.1ZSGDHZM8arudM8v2gk5WrfJOMVfP8rZlQbbwGCASrW', '2018-07-15 18:16:59', 0, 'Mec'),
+(15, 'skivvy', 'jsmith@outcook.com', '$2y$10$5pZlgtkITlxjH/f4M4.Mtu4hmT8xCbLGcbJtYjLYygERoD0Bp/XNe', '2018-07-15 18:18:05', 0, 'Ski'),
+(16, 'mythking', 'arthur@myisp.net', '$2y$10$CYZRmHngilpb7RLohommce7qk7VDs5ezfogjztGkhN0Ai7hH.D4lO', '2018-07-15 18:19:13', 0, 'King');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `forum`
+--
+ALTER TABLE `forum`
+  ADD PRIMARY KEY (`post_id`);
+ALTER TABLE `forum` ADD FULLTEXT KEY `message` (`message`);
+
+--
+-- Indexes for table `members`
+--
+ALTER TABLE `members`
+  ADD PRIMARY KEY (`member_id`),
+  ADD UNIQUE KEY `uname` (`user_name`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `forum`
+--
+ALTER TABLE `forum`
+  MODIFY `post_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=35;
+
+--
+-- AUTO_INCREMENT for table `members`
+--
+ALTER TABLE `members`
+  MODIFY `member_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=19;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch10/msgboarddb/mysqli_connect.php b/Ch10/msgboarddb/mysqli_connect.php
new file mode 100644
index 0000000..8910142
--- /dev/null
+++ b/Ch10/msgboarddb/mysqli_connect.php
@@ -0,0 +1,12 @@
+<?php
+// Create a connection to the msgboarddb database and to MySQL
+// Set the encoding to utf-8
+// Set the database access details as constants
+DEFINE ('DB_USER', 'brunel');
+DEFINE ('DB_PASSWORD', 'tra1lblaz3r');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'msgboarddb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
\ No newline at end of file
diff --git a/Ch10/msgboarddb/post.php b/Ch10/msgboarddb/post.php
new file mode 100644
index 0000000..634dfa3
--- /dev/null
+++ b/Ch10/msgboarddb/post.php
@@ -0,0 +1,95 @@
+<?php
+// Start the session.
+session_start() ;
+// Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+$menu = 8;
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Post A Quote Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <script src='https://www.google.com/recaptcha/api.js'></script>   
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-10" style="padding-top: 20px;">
+<h4 class="text-center">Post a Quotation</h4>
+<!-- Display the form fields-->
+<form id="post_form" action="process_post.php" method="post" accept-charset="utf-8"  >
+<div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Choose the Subject*:</label>
+	  <div class="col-sm-8">
+      <select id="subject" name="subject" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Comic Quotes">Comic Quotes</option>
+	<option value="Wise Quotes">Wise Quotes</option>
+	</select>
+	</div>
+	</div>
+<div class="form-group row">
+    <label for="" class="col-sm-4 col-form-label text-right"></label>
+<div class="col-sm-8 text-center">
+    <label for="message">Please enter your quote below</label>
+    <textarea class="form-control" id="message" name="message" rows="5" cols="50"
+	value=
+		"<?php if (isset($_POST['message'])) 
+		echo htmlspecialchars($_POST['message'], ENT_QUOTES); ?>" >
+	</textarea>
+  </div>
+ </div>	
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="margin-left: 90px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-3 col-form-label"></label>
+    <div class="col-sm-8 text-center" style="padding-left: 40px;">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Submit">
+    </div>
+	</div>
+</form>
+</div>
+<!--posting an entry into the database table automaticlally sends a message to the forum moderator 
+// Assign the subject-->
+<!--<?php
+$subject = "Posting added to message board";
+$member = isset($_SESSION['user_name']) ? $_SESSION['user_name'] : "";
+$body = "Posting added by " . $member;
+mail("admin@myisp.co.uk", $subject, $body, "From:admin@myisp.co.uk\r\n");
+?>-->
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/post_thanks.php b/Ch10/msgboarddb/post_thanks.php
new file mode 100644
index 0000000..ce093fd
--- /dev/null
+++ b/Ch10/msgboarddb/post_thanks.php
@@ -0,0 +1,41 @@
+<?php
+$menu = 2;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Thank You Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h4 class="text-center">Thank you for Adding A Post.</h4>
+<h5 class="text-center">Click on the Home Page to add or view more posts.</h5>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/process-login.php b/Ch10/msgboarddb/process-login.php
new file mode 100644
index 0000000..5e355b0
--- /dev/null
+++ b/Ch10/msgboarddb/process-login.php
@@ -0,0 +1,103 @@
+<?php 
+define('ERROR_LOG',"errors.log");
+// This section processes submissions from the login form
+// Check if the form has been submitted:
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    //connect to database
+try {
+    require ('mysqli_connect.php');
+// Check that user name has been entered				
+  $user_name = filter_var( $_POST['user_name'], FILTER_SANITIZE_STRING);	
+	if  ((empty($user_name))
+			|| (strlen($user_name > 30))) {
+		$errors[] = 'You forgot to enter your User ID';
+		$errors[] = ' or the User ID format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password = filter_var( $_POST['passcode'], FILTER_SANITIZE_STRING);
+//$string_length = strlen($password);		
+if (empty($password)){  
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+}
+}	
+   if (empty($errors)) { // If everything's OK.       
+// Retrieve the user_id, psword, first_name and user_level for that
+// email/password combination
+ $query = "SELECT member_id, passcode, user_name FROM members ";
+ $query .= "WHERE user_name=?";
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $user_name); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) == 1) {
+//if one database row (record) matches the input:-
+// Start the session, fetch the record and insert the 
+// values in an array 
+if (password_verify($password, $row[1])) {       
+session_start();								
+// Ensure that the user level is an integer. 
+ $_SESSION[ 'member_id' ] = $row[0];
+ $_SESSION[ 'user_name' ] = $row[2] ;
+    header ( 'Location: forum.php' ) ;
+} else { // No password match was made.
+$errors[] = 'User ID/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} else { // No e-mail match was made.
+$errors[] = 'User ID/Password entered does not match our records. ';
+$errors[] = 'Perhaps you need to register, just click the Register ';
+$errors[] = 'button on the header menu';
+}
+} 
+if (!empty($errors)) {                     
+		$errorstring = "Error! <br /> The following error(s) occurred:<br>";
+		foreach ($errors as $msg) { // Print each error.
+			$errorstring .= " $msg<br>\n";
+		}
+		$errorstring .= "Please try again.<br>";
+		}// End of if (!empty($errors)) IF.
+
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+} // no else to allow user to enter values
+?>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/process-register-page.php b/Ch10/msgboarddb/process-register-page.php
new file mode 100644
index 0000000..3ee75b5
--- /dev/null
+++ b/Ch10/msgboarddb/process-register-page.php
@@ -0,0 +1,129 @@
+<?php
+define("ERROR_LOG","errors.log");
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+// Trim the first name
+   $user_name = filter_var( $_POST['user_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($user_name)) && (preg_match('/[a-z0-9\s]/i',$user_name)) &&
+		(strlen($user_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $user_nametrim = $user_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}						
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);
+$string_length = strlen($password1trim);		
+if (empty($password1trim)){   //                                            
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password, 8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);	
+if($password1trim === $password2trim) { //                                 
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+//Is the secret present? If it is, sanitize it
+$secret = filter_var( $_POST['secret'], FILTER_SANITIZE_STRING);		
+if ((!empty($secret)) && (preg_match('/[a-z\.\s\,\-]/i', $secret)) &&
+  (strlen($secret) <= 30)) {					
+	//Sanitize the trimmed city	
+	$secrettrim = $secret;					
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT user_name FROM members WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $emailtrim);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+	
+	// Register the user in the database...
+	$query = "INSERT INTO members (member_id, user_name, email, passcode, secret, reg_date) "; 
+    $query .= "VALUES(' ', ?, ?, ?, ?, NOW() )"; 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'ssss', $user_nametrim, $emailtrim, $hashed_password, $secrettrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register-thanks.php"); 					
+	} else {
+	// echo 'Invalid query:' . $dbcon->error; 
+    $errorstring = "System is busy, please try later";
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+	}
+	}else{//The email address is already registered                         
+    $errorstring = 'The email address is already registered.';
+	echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+$errorstring = 'Error! The following error(s) occurred: ';
+foreach ($errors as $msg) { // Print each error.				
+$errorstring .= " - $msg<br>\n";
+    }
+$errorstring .= 'Please try again.';
+echo "<p class=' text-center col-sm-2' style='color:red'>$errorstring</p>";
+    }// End of if (empty($errors)) IF.
+}
+catch(Exception $e) // We finally handle any problems here                
+   {
+	      // print "An Exception occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+   //  $date = date(‘m.d.y h:i:s’);
+   //  $errormessage = $e->getMessage();
+   //  $eMessage = $date . “ | Exception Error | “ , $errormessage . |\n”;
+  //   error_log($eMessage,3,ERROR_LOG);
+     // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Exception Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Exception Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+   catch(Error $e)
+   {
+           // print "An Error occurred. Message: " . $e->getMessage();
+     print "The system is busy please try later";
+    // $date = date(‘m.d.y h:i:s’);
+    // $errormessage = $e->getMessage();
+    // $eMessage = $date . “ | Error | “ , $errormessage . |\n”;
+    // error_log($eMessage,3,ERROR_LOG);
+    // // e-mail support person to alert there is a problem
+   //  error_log(“Date/Time: $date – Error, Check error log for
+//details”, 1, noone@helpme.com, “Subject: Error \nFrom: Error Log <errorlog@helpme.com>” . “\r\n”);
+
+   }
+?>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/process_post.php b/Ch10/msgboarddb/process_post.php
new file mode 100644
index 0000000..9707222
--- /dev/null
+++ b/Ch10/msgboarddb/process_post.php
@@ -0,0 +1,51 @@
+<?php 
+// Start the session.
+session_start() ;
+// Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+//Connect to the database
+require ( 'mysqli_connect.php' ) ;
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST')
+{
+// Check that the user has entered a subject and a message
+$subject = filter_var( $_POST['subject'], FILTER_SANITIZE_STRING);
+  if ( empty($subject ) ) { echo 'You forgot to select a subject.'; }
+  
+$comment = filter_var( $_POST['message'], FILTER_SANITIZE_STRING);
+if ((!empty($comment)) && (strlen($comment) <= 480)) {
+	// remove ability to create link in email
+	$patterns = array("/http/", "/https/", "/\:/","/\/\//","/www./");
+	$commenttrim = preg_replace($patterns," ", $comment);	
+	}else{	// if comment not valid display error page
+		echo "You forgot to enter a message";
+}
+// If successful insert the post into the database table
+  if( !empty($commenttrim) && !empty($subject) )
+  {
+ //Make the insert query
+ 
+$query = "INSERT INTO forum (post_id, user_name, subject, message, post_date) "; 
+$query .= "VALUES( ' ', ?, ?, ?, NOW() )"; 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+$user_name = filter_var( $_SESSION['user_name'], FILTER_SANITIZE_STRING);
+mysqli_stmt_bind_param($q, 'sss', $user_name, $subject, $commenttrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {	
+  header ("Location: post_thanks.php");		
+}
+else
+{
+	echo "An Error has occured in loading your posting";
+}
+// Close the database connection
+mysqli_close( $dbcon ) ; 
+    }
+ } 
+?>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/quotes_found.php b/Ch10/msgboarddb/quotes_found.php
new file mode 100644
index 0000000..3f30896
--- /dev/null
+++ b/Ch10/msgboarddb/quotes_found.php
@@ -0,0 +1,84 @@
+<?php
+// Start the session.
+session_start() ;
+// Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+$menu = 4;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<div id='content'><!--Start of the quotes found page content-->
+<?php
+// Connect to the database
+require ( 'mysqli_connect.php' ) ;
+//if POST is set
+if($_SERVER['REQUEST_METHOD'] == 'POST' ) {
+	$target = filter_var( $_POST['target'], FILTER_SANITIZE_STRING);
+	// Make the full text query                                                              
+	$query = "SELECT user_name,post_date,subject,message FROM forum WHERE ";
+	$query .= "MATCH (message) AGAINST ( ? ) ORDER BY post_date ASC";
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, "s", $target); 
+    // execute query 
+    mysqli_stmt_execute($q);
+    $result = mysqli_stmt_get_result($q);
+	if (mysqli_num_rows($result) > 0) {
+		echo '<h4 class="text-center">Full Text Search Results</h2>';
+		?>
+		<table class="table table-responsive table-striped col-sm-12" 
+			style="background: white;color:black; padding-left: 50px;">
+			<tr>
+				<th scope="col">Posted By</th>
+				<th scope="col">Forum</th>
+				<th scope="col">Quotation</th>
+			</tr>	
+		<?php
+		while ( $row = mysqli_fetch_array( $result, MYSQLI_ASSOC ))
+		{
+			$user_name = htmlspecialchars($row['user_name'], ENT_QUOTES);
+			$subject = htmlspecialchars($row['subject'], ENT_QUOTES);
+			$message = htmlspecialchars($row['message'], ENT_QUOTES);
+			echo '<tr>
+				<td scope="row">' . $user_name . '</td>
+				<td scope="row">' . $subject . '</td>
+				<td scope="row">' . $message . '</td>
+				</tr>';  
+		}
+		echo '</table>' ;
+	}
+else { echo '<p class="text-center">There are currently no messages.</p>' ; }
+mysqli_close( $dbcon ) ;
+	}
+?>
+</div><!--End of the quotes found page content.-->
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/register-thanks.php b/Ch10/msgboarddb/register-thanks.php
new file mode 100644
index 0000000..2bdf7df
--- /dev/null
+++ b/Ch10/msgboarddb/register-thanks.php
@@ -0,0 +1,42 @@
+<?php
+$menu = 2;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Thank You Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h4 class="text-center">Thank you for registering</h4>
+<h5 class="text-center">On the Home Page, you will now be able to login</h5>
+<h5 class="text-center">and add new quotes to the message board.</h5>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/safer-register-page.php b/Ch10/msgboarddb/safer-register-page.php
new file mode 100644
index 0000000..26d7b83
--- /dev/null
+++ b/Ch10/msgboarddb/safer-register-page.php
@@ -0,0 +1,175 @@
+<?php
+$menu = 2; 
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Register Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+     <script src="verify.js"></script>
+     <script src='https://www.google.com/recaptcha/api.js'></script>   
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"
+padding-right: 5px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h4 class="text-center">Registration</h4>
+<h4 class="text-center">Items marked with an asterisk * are required</h4>
+<h6 class="text-center"><strong>IMPORTANT:</strong> Do NOT use your real name for the username.</h6>
+<h6 class="text-center"><strong>Terms and conditions:</strong> Your registration and all your messages
+will be immediately deleted </h6>
+<h6 class="text-center">if you post unpleasant, obscene or defamatory messages to the message board.</h6>
+
+<?php
+try {
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                
+ require('process-register-page.php');
+} // End of the main Submit conditional.
+?>
+<div class="col-sm-10">
+<form action="safer-register-page.php" method="post" onsubmit="return checked();"
+name="regform" id="regform">
+<div class="form-group row">
+    <label for="user_name" class="col-sm-4 col-form-label text-right">User Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="user_name" name="user_name" 
+	  pattern="[a-zA-Z0-9][a-zA-Z\s]*" title="Alphabetic, numeric and space only max of 30 characters"
+	  placeholder="User Name" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['user_name'])) 
+		echo htmlspecialchars($_POST['user_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	   value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	   value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Secret Question*:</label>
+	  <div class="col-sm-8">
+      <select id="question" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Maiden">Mother's Maiden Name</option>
+	<option value="Pet">Pet's Name</option>
+	<option value="School">High School</option>
+	<option value="Vacation">Favorite Vacation Spot</option>
+	</select>
+	</div>
+	</div>  
+	<div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Answer*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Secret Answer" maxlength="30" required
+	   value=
+		"<?php if (isset($_POST['secret'])) 
+		echo htmlspecialchars($_POST['secret'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8" style="padding-left: 80px;">
+  <div class="float-left g-recaptcha" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-3 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Register">
+    </div>
+	</div>
+	</form>
+</div>
+</div>
+</div>
+<!-- Footer Section -->
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; padding-left: 0px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+<?php
+  }
+catch(Exception $e) // We finally handle any problems here                
+   {
+// print "An Exception occurred. Message: " . $e->getMessage();
+   	print "The system is busy please try later";
+   	//  $date = date('m.d.y h:i:s');
+   	//  $errormessage = $e->getMessage();
+   	//  $eMessage = $date . " | Exception Error | " , $errormessage . |\n";
+  	//   error_log($eMessage,3,ERROR_LOG);
+// e-mail support person to alert there is a problem
+   	//  error_log("Date/Time: $date – Exception Error, Check error log for
+//details", 1, noone@helpme.com, "Subject: Exception Error \nFrom:
+// Error Log <errorlog@helpme.com>" . "\r\n");
+   }
+   catch(Error $e)
+   {
+    	// print "An Error occurred. Message: " . $e->getMessage();
+     	print "The system is busy please try later";
+    	// $date = date('m.d.y h:i:s');
+    	// $errormessage = $e->getMessage();
+    	// $eMessage = $date . " | Error | " , $errormessage . |\n";
+    	// error_log($eMessage,3,ERROR_LOG);
+    	// e-mail support person to alert there is a problem
+   	//  error_log("Date/Time: $date – Error, Check error log for
+//details", 1, noone@helpme.com, "Subject: Error \nFrom: Error Log
+// <errorlog@helpme.com>" . "\r\n");
+   }
+ ?>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/search.php b/Ch10/msgboarddb/search.php
new file mode 100644
index 0000000..d0b3f1f
--- /dev/null
+++ b/Ch10/msgboarddb/search.php
@@ -0,0 +1,64 @@
+<?php
+// Start the session.
+session_start() ;
+// Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+$menu = 6;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Search Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="msgboard.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12">
+<h3 class="text-center">Search for a word or phrase in the quotes</h3>
+<form id="search" action="quotes_found.php" method="post">
+<div class="form-group row">
+    <label for="target" class="col-sm-4 col-form-label text-right">Enter a word or phrase:</label>
+    <div class="col-sm-4">
+      <input type="text" class="form-control" id="target" name="target" 
+	  placeholder="Word or Phrase" maxlength="60" size="40" required
+	   value=
+		"<?php if (isset($_POST['target'])) 
+		echo htmlspecialchars($_POST['target'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+	<label for="" class="col-sm-2 col-form-label"></label>
+    <div class="col-sm-8 text-center">
+	<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Search">
+    </div>
+	</div>
+</form>
+</div>
+</div>
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch10/msgboarddb/verify.js b/Ch10/msgboarddb/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch10/msgboarddb/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch10/msgboarddb/view_posts.php b/Ch10/msgboarddb/view_posts.php
new file mode 100644
index 0000000..810a257
--- /dev/null
+++ b/Ch10/msgboarddb/view_posts.php
@@ -0,0 +1,82 @@
+<?php
+// Start the session.
+session_start() ;
+// Redirect if not logged in.
+if ( !isset( $_SESSION[ 'member_id' ] ) )
+{ header("Location: login.php");
+exit(); }
+$menu = 7;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Postings Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+  <link rel="stylesheet" type="text/css" href="birds.css">
+</head>
+<body>
+<div class="container" style="margin-top:30px;border: 2px black solid;">
+<!-- Header Section -->
+<header class="jumbotron text-center row" id="includeheader"
+style="margin-bottom:2px; background:linear-gradient(#0073e6, white); padding:10px;"> 
+  <?php include('includes/header.php'); ?>
+</header>
+<div id='content'><!--Start of the quotes found page content-->
+<?php
+// Connect to the database
+require ( 'mysqli_connect.php' ) ;
+	$user_name = filter_var( $_SESSION['user_name'], FILTER_SANITIZE_STRING);
+	// Make the full text query                                                              
+	$query = "SELECT user_name,post_date,subject,message FROM forum WHERE user_name = ? ";
+	$query .= "ORDER BY post_date ASC";
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // bind $id to SQL Statement
+	mysqli_stmt_bind_param($q, "s", $user_name); 
+    // execute query 
+    mysqli_stmt_execute($q);
+    $result = mysqli_stmt_get_result($q);
+	if (mysqli_num_rows($result) > 0) {
+		echo '<h4 class="text-center">Your Postings</h4>';
+		?>
+		<table class="table table-responsive table-striped col-sm-12" 
+			style="background: white;color:black; padding-left: 40px;">
+			<tr>
+				<th scope="col">Posted By</th>
+				<th scope="col">Forum</th>
+				<th scope="col">Quotation</th>
+			</tr>	
+		<?php
+		while ( $row = mysqli_fetch_array( $result, MYSQLI_ASSOC ))
+		{
+			$user_name = htmlspecialchars($row['user_name'], ENT_QUOTES);
+			$post_date = htmlspecialchars($row['post_date'], ENT_QUOTES);
+			$subject = htmlspecialchars($row['subject'], ENT_QUOTES);
+			$message = htmlspecialchars($row['message'], ENT_QUOTES);
+			echo '<tr>
+				<td scope="row">' . $user_name . " " . $post_date . '</td>
+				<td scope="row">' . $subject . '</td>
+				<td scope="row">' . $message . '</td>
+				</tr>';  
+		}
+		echo '</table>' ;
+	}
+else { echo '<p class="text-center">There are currently no messages.</p>' ; }
+mysqli_close( $dbcon ) ;
+?>
+</div><!--End of the quotes found page content.-->
+<footer class="jumbotron row mx-auto" id="includefooter"
+style="padding-bottom:1px; margin: 0px; padding-top:8px; background-color:white;">
+<div class="col-sm-12 text-center">
+  <?php include('includes/footer.php'); ?>
+  </div>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/added.php b/Ch11/Customcart/added.php
new file mode 100644
index 0000000..467cbe8
--- /dev/null
+++ b/Ch11/Customcart/added.php
@@ -0,0 +1,77 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>The confirmation page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+p, h3 { text-align:center;}
+</style> 
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_found_pics_cart.inc'); ?>
+</header>
+<div id="content"><!--Start of confirmation page-->
+<p>
+<?php
+if ( isset( $_GET['id'] ) ) { $id = $_GET['id'] ; }
+// Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Get selected painting data from the  'art' table 
+        $query = "SELECT * FROM art ";
+		$query .= "WHERE art_id = ? ";		
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "s", $id); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+       if (mysqli_num_rows($result) == 1) {
+ // If the cart already contains one of those products
+  if ( isset( $_SESSION['cart'][$id] ) )
+  { 
+    // Add another one of those paintings
+    $_SESSION['cart'][$id]['quantity']++; 
+    echo '<h3>Another one of those paintings has been added to your cart</h3>';
+  } 
+  else
+  {
+    // Add a different painting
+    $_SESSION['cart'][$id]= array ( 'quantity' => 1, 'price' => $row['price'] ) ;
+    echo '<h3>A painting has been added to your cart</h3>' ;
+  }
+}
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+// Close the database connection
+mysqli_close($dbcon);
+// Insert three lnks
+echo '<p><a href="found_pics_cart.php">Continue Shopping</a> | <a href="checkout.php">Checkout</a></p>' ;
+?>
+<footer>
+<?php include("includes/footer.inc"); ?>
+</footer>
+</div><!--End of confirmation page content-->
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/added1.php b/Ch11/Customcart/added1.php
new file mode 100644
index 0000000..1624440
--- /dev/null
+++ b/Ch11/Customcart/added1.php
@@ -0,0 +1,89 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+?>
+
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto"
+style="width:90%; height:auto; background:#95b522; margin-bottom: 0px; padding:0px;"> 
+<?php include('includes/header_found_pics_cart1.php'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row mx-auto" style="padding-left: 0px;margin-top: -17px; width: 90%; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<div id="content"><!--Start of confirmation page-->
+<p>
+<?php
+if ( isset( $_GET['id'] ) ) { $id = $_GET['id'] ; }
+// Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Get selected painting data from the  'art' table 
+        $query = "SELECT * FROM art ";
+		$query .= "WHERE art_id = ? ";		
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "s", $id); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+       if (mysqli_num_rows($result) == 1) {
+ // If the cart already contains one of those products
+  if ( isset( $_SESSION['cart'][$id] ) )
+  { 
+    // Add another one of those paintings
+    $_SESSION['cart'][$id]['quantity']++; 
+    echo '<h3>Another one of those paintings has been added to your cart</h3>';
+  } 
+  else
+  {
+    // Add a different painting
+    $_SESSION['cart'][$id]= array ( 'quantity' => 1, 'price' => $row['price'] ) ;
+    echo '<h3>A painting has been added to your cart</h3>' ;
+  }
+}
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+// Close the database connection
+mysqli_close($dbcon);
+// Insert three lnks
+echo '<p><a href="found_pics_cart.php">Continue Shopping</a> | <a href="checkout.php">Checkout</a></p>' ;
+?>
+<footer>
+<?php include("includes/footer.inc"); ?>
+</footer>
+</div>
+</div><!--End of confirmation page content-->
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/admin_add_painting.php b/Ch11/Customcart/admin_add_painting.php
new file mode 100644
index 0000000..ad43dfa
--- /dev/null
+++ b/Ch11/Customcart/admin_add_painting.php
@@ -0,0 +1,193 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto"
+style="width:90%; height:auto; background:#95b522; margin-bottom: 0px; padding:0px;"> 
+<?php include('includes/header_add_painting.inc'); ?>
+</header>
+<!-- Body Section -->
+  <div class="row mx-auto" style="padding-left: 0px;margin-top: -17px; width: 90%; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<div id="content"><!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array(); // Start an array to contain the error messages 
+// Check if a thumbnail url has been entered
+	if (empty($_POST['thumb'])) {
+				$errors[] = 'You forgot to enter the thumbnail url';
+	} else {
+		$thumb = ($_POST['thumb']);
+	}
+// Check for a type
+	if (empty($_POST['type'])) {
+		$errors[] = 'You forgot to enter the type of painting';
+	} else {
+		$type = trim($_POST['type']);
+	}
+// Has a price been entered?	
+if (empty($_POST['price'])){
+$errors[] ='You forgot to enter the price.' ;
+}
+elseif (!empty($_POST['price'])) {			
+//Remove unwanted characters and use regex to ensure that the remaining characters are digits
+$price = preg_replace('/\D+/', '', ($_POST['price']));
+}
+// Has the medium been entered?
+	if (empty($_POST['medium'])) {
+				$errors[] = 'You forgot to enter the medium';
+	} else {
+		$medium = ($_POST['medium']);
+	}
+
+	// Has the artist been entered?
+	if (empty($_POST['artist'])) {
+				$errors[] = 'You forgot to enter the artist';
+	} else {
+		$artist = ($_POST['artist']);
+	}
+// Has a brief description been entered?
+	if (empty($_POST['mini_descr'])) {
+			 $errors[] = 'You forgot to enter the brief description';
+	} else{
+	 $mini_descr = strip_tags($_POST['mini_descr']);
+	 }
+	 // Has the PPcode been entered?
+	if (empty($_POST['ppcode'])) {
+			 $errors[] = 'You forgot to enter the PayPal code';
+	} else{
+	 $ppcode = ($_POST['ppcode']);
+	 }
+if (empty($errors)) { // If no errors were encountered
+	// Register the painting in the database
+try {
+		require ('mysqli_connect.php'); // Connect to the database
+		// Make the query:'
+		
+	$query = "INSERT INTO art (art_id, thumb, type, medium, artist, mini_descr, price)"; 
+    $query .= "VALUES ";
+	$query .= "(' ', ?,?,?,?,?,?)"; 
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 'sssssss', $thumb, $type, $medium, $artist, $mini_descr, $price );
+    // execute query
+    mysqli_stmt_execute($q);
+    if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2>The painting was successfully registered</h2><br>';
+		} else { // If it was not registered
+		// Error message:
+			echo '<h2>System Error</h2>
+			<p class="error">The painting could not be added due to a system error. We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+	} else { // Display the errors.
+		echo '<h2>Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Print each error.
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h3>Please try again.</h3><p><br></p>';
+		}// End of if (empty($errors))
+} // End of the main Submit conditionals
+?>
+<div id="rightcol">
+<nav>
+<?php include('includes/menu.inc'); ?>
+</nav>
+</div>
+<h2>Add a Painting</h2>
+<form  action="admin_add_painting.php" method="post">
+<p><label class="label" for="thumb"><b>Thumbnail:</b></label>
+<input id="thumb" type="text" name="thumb" size="45" maxlength="45" 
+value="<?php if (isset($_POST['thumb'])) echo $_POST['thumb']; ?>">
+</p>
+<p><label class="label"><b>Type:</b></label>	
+<select name="type" >
+	<option value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select><br>
+<p><label class="label"><b>Medium:</b></label>
+<select name="medium" >
+	<option value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select><br>
+		<p><label class="label"><b>Artist:</b></label>
+        <select name="artist" >
+	    <option value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";		
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			$value = $row['first_name'] . "-" . $row['middle_name'] . "-" . $row['last_name'];
+		    $display = $row['first_name'] . " " . $row['middle_name'] . " " . $row['last_name'];
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select><br>
+<p><label class="label"><b>Brief Description:</b></label>
+<textarea name="mini_descr" rows="3" cols="40"></textarea></p>
+<p><label class="label" for="ppcode"><b>PayPal Code:</b></label>
+<input id="ppcode" type="text" name="ppcode" size="45" maxlength="45" 
+value="<?php if (isset($_POST['ppcode'])) echo $_POST['ppcode']; ?>">
+</p>
+<p><label class="label" for="price"><b>Price:</b></label>
+<input id="price" type="text" name="price" size="15" maxlength="15" 
+value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>">Figures only, no &pound;s, $s or commas
+	<p><input id="submit" type="submit" name="submit" value="Add"></p>
+</form><!--End of the add a painting content-->
+<div>
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/admin_add_painting1.php b/Ch11/Customcart/admin_add_painting1.php
new file mode 100644
index 0000000..db9e07d
--- /dev/null
+++ b/Ch11/Customcart/admin_add_painting1.php
@@ -0,0 +1,131 @@
+<?php                                                                                     
+//session_start();
+// Data from valid source?
+//if (!isset($_SESSION['user_id']))
+//{ header("Location: index.php");
+//exit();
+//} else {
+//if (($_SESSION['user_level'] != 1))
+//{ header("Location: index.php");
+//exit();
+//}}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto"
+style="width:90%; height:auto; background:#95b522; margin-bottom: 0px; padding:0px;"> 
+<?php include('includes/header_add_painting1.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" style="background-color:transparent; border:10px white solid; color: white; width: 90%; ">
+  <div class="row mx-auto" style="padding-left: 0px; width: 90%; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-10 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require('process_add_painting.php'); }
+?>
+<h2>Add a Painting</h2>
+<form  action="admin_add_painting1.php" method="post">
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label">Thumbnail:</label>
+    <div class="col-sm-6">
+      <input type="text" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail Address" maxlength="45" required
+	  value="<?php if (isset($_POST['thumb'])) echo $_POST['thumb']; ?>" >
+    </div>
+  </div>
+     <div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label">Type:</label>
+	  <div class="col-sm-6">
+      <select id="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select>
+	</div>
+	</div>
+	  <div class="form-group row">
+      <label for="medium" class="col-sm-4 col-form-label">Medium:</label>
+	  <div class="col-sm-6">
+      <select id="medium" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+      <label for="artist" class="col-sm-4 col-form-label">Artist:</label>
+	  <div class="col-sm-6">
+      <select id="srtist" class="form-control">
+        <option selected value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";		
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			$value = $row['first_name'] . "-" . $row['middle_name'] . "-" . $row['last_name'];
+		    $display = $row['first_name'] . " " . $row['middle_name'] . " " . $row['last_name'];
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select></div></div>
+<div class="form-group row">
+    <label for="mini_descr" class="col-sm-4 col-form-label">Brief Description:</label>
+	<div class="col-sm-6">
+    <textarea class="form-control" id="mini_descr" rows="3"></textarea>
+  </div>
+  </div>
+<div class="form-group row">
+    <label for="ppcode" class="col-sm-4 col-form-label">PayPal Code:</label>
+    <div class="col-sm-6">
+      <input type="text" class="form-control" id="ppcode" name="ppcode" 
+	  placeholder="PayPal Code" maxlength="45"
+	  value="<?php if (isset($_POST['ppcode'])) echo $_POST['ppcode']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label">Price:</label>
+    <div class="col-sm-6">
+      <input type="text" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="15" required
+	  value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>" >
+	  Figures only, no &pound;s, $s or commas
+    </div>
+  </div>
+<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Submit">
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-2">
+      <?php include('includes/menu1.php'); ?> 
+	</aside>
+	</div>
+<!-- Footer Content Section -->
+<footer class="jumbotron text-center row"
+style="background:#68CE53; padding: 0px; margin: 0px;">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/admin_form.css b/Ch11/Customcart/admin_form.css
new file mode 100644
index 0000000..b48a509
--- /dev/null
+++ b/Ch11/Customcart/admin_form.css
@@ -0,0 +1,9 @@
+label { width:330px; float:left; text-align:right; }
+select { width:200px; float:left; text-align:right; }
+#submit { width:65px; margin-left:330px; margin-top:-10px; }
+#content h2 { margin-left:-80px; top: 0px; width: 300px; }
+input { margin-bottom:5px; }
+#content h3 { text-align:center; width: 350px; margin-left:240px; }
+html { height:100%; }
+body { background:linear-gradient(green, #9ff781); height:100%;
+}
diff --git a/Ch11/Customcart/admin_page.css b/Ch11/Customcart/admin_page.css
new file mode 100644
index 0000000..8439fde
--- /dev/null
+++ b/Ch11/Customcart/admin_page.css
@@ -0,0 +1,13 @@
+#header-button {
+	position:absolute; top:10px;
+}
+#content h2 { margin-left:-220px; width:550px; }
+#content h2.main_title { margin-left:-20px; width:250px; }
+ul { margin-top:0; }
+ul li { height:30px; }
+p { margin-bottom:-5px; width:600px; }
+form { 	margin-left:180px; }
+#submit {margin-top:0; margin-left:215px; }
+.cntr {	text-align:center;}
+p.error { color:red; font-size:105%; font-weight:bold; text-align:center;}
+footer { margin-left:150px; }
\ No newline at end of file
diff --git a/Ch11/Customcart/admin_page.php b/Ch11/Customcart/admin_page.php
new file mode 100644
index 0000000..5673a59
--- /dev/null
+++ b/Ch11/Customcart/admin_page.php
@@ -0,0 +1,124 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>Admin and add artist page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+#content h2 { margin-left:-220px; width:550px; }
+#content h2.main_title { margin-left:-20px; width:250px; }
+ul { margin-top:0; }
+ul li { height:30px; }
+p { margin-bottom:-5px; width:600px; }
+form { 	margin-left:180px; }
+#submit {margin-top:0; margin-left:215px; }
+.cntr {	text-align:center;}
+p.error { color:red; font-size:105%; font-weight:bold; text-align:center;}
+footer { margin-left:150px; }
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_admin.inc'); ?>
+</header>
+<div id="content"><!-- Start of admin page content. -->
+<?php
+// Has the form has been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$errors = array(); // Set an error array.
+// Has an artist's first name been entered?
+    $first_name = trim($_POST['first_name']);
+	if (empty($first_name)) {
+		$errors[] = 'You forgot to enter the artist\'s first name';
+	}
+// Has an artist's middle name been entered?
+    $middle_name = trim($_POST['middle_name']);
+	if (empty($middle_name)) {
+		$errors[] = 'You forgot to enter the artist\'s middle name';
+	} 
+// Has the artist's last name been entered?
+    $last_name = trim($_POST['last_name']);
+	if (empty($last_name)) {
+		$errors[] = 'You forgot to enter the artist\'s last name';
+	} 
+if (empty($errors)) { // If the wuery ran OK
+	// Register the artist in the database
+	
+	try {
+		require ('mysqli_connect.php'); // Connect to the db.
+		// Make the query:
+		$query = "INSERT INTO artists (artist_id, first_name, middle_name, last_name) ";
+        $query .= "VALUES ";
+	    $query .= "(' ',?,?,?)"; 
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'sss', $first_name, $middle_name, $last_name);
+        // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2>The artist was successfully added. Add another one?</h2><br>';
+		} else { // If the query failed to run
+		// Message:
+			echo '<h2>System Error</h2>
+			<p class="error">The artist could not be added due to a system error. We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}
+catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+	} else { // Display any errors
+		echo '<h2>Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Dispaly any errors
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h3>Please try again.</h3><p><br></p>';
+		}// End of if error checks
+} // End of the conditionals
+?>
+<div id="rightcol">
+<nav>
+<?php include('includes/menu.inc'); ?>
+</nav>
+</div>
+<h2 class="main_title">Add an Artist</h2>
+<h3 class="cntr">If the artist uses only one name (e.g., Picasso) enter it as the last name</h3> 
+<form  action="admin_page.php" method="post">
+<p><label class="label" for="first_name"><b>Artist's First Name:</b></label><input id="first_name" type="text" name="first_name" size="30" maxlength="30" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>">
+<p><label class="label" for="middle_name"><b>Artist's Middle Name:</b></label><input id="middle_name" type="text" name="middle_name" size="30" maxlength="30" value="<?php if (isset($_POST['middle_name'])) echo $_POST['middle_name']; ?>">
+<p><label class="label" for="last_name"><b>Artist's Last Name:</b></label><input id="last_name" type="text" name="last_name" size="30" maxlength="30"required value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+<br>
+<p><input id="submit" type="submit" name="submit" value="Add"></p>
+</form><!-- End of the admin page content -->
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer><br></div></div>
+<div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/admin_search.css b/Ch11/Customcart/admin_search.css
new file mode 100644
index 0000000..0120a62
--- /dev/null
+++ b/Ch11/Customcart/admin_search.css
@@ -0,0 +1,7 @@
+h2.center { width:280px; margin-left:-70px; }
+h3 { text-align:center; }
+label { margin-left:150px; width:250px; float:left; text-align:right; }
+#submit { margin-left:398px; }
+html { height:100%; }
+body { background:linear-gradient(green, #9ff781); height:100%;
+}
diff --git a/Ch11/Customcart/cart.php b/Ch11/Customcart/cart.php
new file mode 100644
index 0000000..43218c1
--- /dev/null
+++ b/Ch11/Customcart/cart.php
@@ -0,0 +1,104 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>The view cart page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+body { 	margin:auto; }
+p{ text-align:center; }
+table { width:700px; border-collapse:collapse; border:1px black solid; background:white; margin-left:135px;}
+td, th { padding-left:5px; padding-right:5px; text-align:center; }
+#content h3 { text-align:center; font-size:130%; font-weight:bold;}
+#header-button { margin-top:-5px;}
+#submit { margin-left: 425px;
+}
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_found_pics_cart.inc'); ?>
+</header>
+<div id="content"><!--Start of table of cart contents page-->
+<h3>Items currently in your cart</h3>
+<p>
+<?php
+if ( $_SERVER['REQUEST_METHOD'] == 'POST' )
+{
+// If the user changes the quantity then Update the cart
+  foreach ( $_POST['qty'] as $art_id => $item_qty )
+  {
+// Ensure that the id and the quantity are integers
+    $id = (int) $art_id;
+    $qty = (int) $item_qty;
+// If the quantity is set to zero clear the session or else store the changed quantity
+    if ( $qty == 0 ) { unset ($_SESSION['cart'][$id]); } 
+    elseif ( $qty > 0 ) { $_SESSION['cart'][$id]['quantity'] = $qty; }
+  }
+}
+// Set an initial variable for the total cost
+$total = 0; 
+// Display the cart contents
+if (!empty($_SESSION['cart']))
+{
+	try {
+// Connect to the database.
+  require ('mysqli_connect.php');
+// Get the items from the art table and insert them into the cart
+  $q = "SELECT * FROM art WHERE art_id IN (";
+  foreach ($_SESSION['cart'] as $id => $value) { $q .= $id . ','; }
+  $q = substr( $q, 0, -1 ) . ') ORDER BY art_id ASC';
+  $result = mysqli_query ($dbcon, $q);
+// Create a form and a table
+  echo '<form action="cart.php" method="post">
+  <table><tr>';
+  while ($row = mysqli_fetch_array ($result, MYSQLI_ASSOC))
+  {
+// Calculate the subtotals and the grand total
+    $subtotal = $_SESSION['cart'][$row['art_id']]['quantity'] * $_SESSION['cart'][$row['art_id']]['price'];
+    $total += $subtotal;
+// Display the table
+    echo "<tr> <td>{$row['type']}</td><td>Painting(s)</td> 
+    <td><input type=\"text\" size=\"3\" name=\"qty[{$row['art_id']}]\" value=\"{$_SESSION['cart'][$row['art_id']]['quantity']}\"></td>
+    <td>at {$row['price']} each </td> <td style=\"text-align:right\">".number_format ($subtotal, 2)."</td></tr>";
+  }
+// Close the database connection
+  mysqli_close($dbcon); 
+// Display the total
+  echo ' <tr><td colspan="5" style="text-align:right">Total = '.number_format($total,2).'</td></tr>
+  </table>
+  <input id="submit" type="submit" name="submit" value="Update My Cart"></form>';
+	}
+	catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}
+catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+}
+else
+// Or display a message
+{ echo '<p>Your cart is currently empty.</p>' ; }
+// Create some links
+echo '<p><a href="found_pics_cart.php">Continue Shopping</a> | <a href="checkout.php">Checkout</a>' ;
+?>
+<footer>
+<?php include("includes/footer.inc"); ?>
+</footer>
+</div><!--End of the view cart content-->
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/checkout.php b/Ch11/Customcart/checkout.php
new file mode 100644
index 0000000..23fe671
--- /dev/null
+++ b/Ch11/Customcart/checkout.php
@@ -0,0 +1,93 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>Checkout page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_checkout.inc'); ?>
+</header><div id="content"><!-- Start of the login page content. -->
+<div id="rightcol">
+	<nav>
+	<?php include('includes/menu.inc'); ?>
+	</nav>
+</div>
+<?php
+// Redirect the user if he is not logged in
+if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load() ; }
+// Confirm that the total and cart have been passed to this page
+if ( isset( $_GET['total'] ) && ( $_GET['total'] > 0 ) && (!empty($_SESSION['cart']) ) )
+{
+	try {
+ // Connect to the database
+require ( 'mysqli_connect.php' ) ;
+  // Insert the user's id, the total, and the order date into the orders table
+  
+  $query = "INSERT INTO orders ( user_id, total, order_date ) VALUES ";
+  $query .= "( ?, ?, NOW())";
+ 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'is', $_SESSION['user_id'],$_GET['total']);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {	 
+  $order_id = mysqli_insert_id($dbcon);
+  // Get the selected paintings from the art table
+  $q = "SELECT * FROM art WHERE 'art_id' IN (";
+  foreach ($_SESSION['cart'] as $id => $value) { $q .= $id . ','; }
+  $q = substr( $q, 0, -1 ) . ') ORDER BY price ASC';
+  $result = mysqli_query ($dbcon, $q);
+// Insert the order contents into the order_contents table
+  while ($row = mysqli_fetch_array ($result, MYSQLI_ASSOC))
+  {
+    $query = "INSERT INTO order_contents ( order_id, art_id, quantity, price )
+    VALUES ( $order_id, ".$row['art_id'].",".$_SESSION['cart'][$row['art_id']]['quantity'].",".$_SESSION['cart'][$row['art_id']]['price'].")" ;
+    $result = mysqli_query($dbcon,$query);
+  }
+  // Close the database connection
+  mysqli_close($dbcon);
+  // Display a thank you message and state the order number
+  echo "<p>Thanks for your order. Your Order Number Is #".$order_id."</p>";
+  // Empty the cart ready for the next customer 
+  $_SESSION['cart'] = NULL;
+}
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+}
+// Display a message
+//else { echo '<h3 class="checkout">The shopping cart has been emptied ready for the next customer.</h3>' ; }
+?>
+<br>
+<div id="thanks">
+<h2>Thank you for your order. Your order number is 1906.</h2>
+</div>
+<h3 class="checkout">The shopping cart has been emptied ready for your next 
+transaction.</h3>
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer>
+</div>
+</div>	
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/added.php b/Ch11/Customcart/customcart/added.php
new file mode 100644
index 0000000..bbec459
--- /dev/null
+++ b/Ch11/Customcart/customcart/added.php
@@ -0,0 +1,100 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu = 2;
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Added to Cart</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px;margin-top: -17px; width: 90%; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<div id="content"><!--Start of added page-->
+<p>
+<?php
+if ( isset( $_GET['id'] ) ) { $id = $_GET['id'] ; }
+// Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Get selected painting data from the  'art' table 
+        $query = "SELECT * FROM art ";
+		$query .= "WHERE art_id = ? ";		
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "i", $id); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+       if (mysqli_num_rows($result) == 1) {
+ // If the cart already contains one of those products
+  if ( isset( $_SESSION['cart'][$id] ) )
+  { 
+    // Add another one of those paintings
+    $_SESSION['cart'][$id]['quantity']++; 
+    echo '<h3>Another one of those paintings has been added to your cart</h3>';
+  } 
+  else
+  {
+    // Add a different painting
+    $_SESSION['cart'][$id]= array ( 'quantity' => 1, 'price' => $row['price'] ) ;
+    echo '<h3>A painting has been added to your cart</h3>' ;
+  }
+}
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Added  | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Added Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Added Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Added | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Added Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Added Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+// Close the database connection
+mysqli_close($dbcon);
+// Insert three lnks
+echo '<p><a href="users_search_page.php">Continue Shopping</a> | <a href="checkout.php">Checkout</a></p>' ;
+?>
+<footer>
+<?php include("includes/footer.php"); ?>
+</footer>
+</div>
+</div><!--End of confirmation page content-->
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/admin_add_artist.php b/Ch11/Customcart/customcart/admin_add_artist.php
new file mode 100644
index 0000000..53f70bd
--- /dev/null
+++ b/Ch11/Customcart/customcart/admin_add_artist.php
@@ -0,0 +1,106 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 3;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section --> 
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// Confirm that form has been submitted
+// Has the form has been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require("process_admin_artist.php");
+}
+?>
+<form  action="admin_page.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add an Artist</h2>
+<h5>If the artist uses only one name (e.g., Picasso) enter it as the last name</h5> 
+</div>
+</div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">Artist's First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="Artist's First Name" maxlength="30"
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="middle_name" class="col-sm-4 col-form-label text-right">Artist's Middle Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="middle_name" name="middle_name" 
+	  placeholder="Artist's Middle Name" maxlength="30"
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" title="Alphabetic, period and space only max of 30 characters"
+	  value="<?php if (isset($_POST['middle_name'])) echo $_POST['middle_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Artist's Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Artist's Last Name" maxlength="30" required
+	   pattern="[a-zA-Z][a-zA-Z\s\']*" title="Alphabetic, quote and space only max of 30 characters"
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+ type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/admin_add_painting.php b/Ch11/Customcart/customcart/admin_add_painting.php
new file mode 100644
index 0000000..2c9a020
--- /dev/null
+++ b/Ch11/Customcart/customcart/admin_add_painting.php
@@ -0,0 +1,139 @@
+<?php                                                                                     
+session_start();
+ //Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 1;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Add a Painting</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require('process_add_painting.php'); }
+?>
+<form  action="admin_add_painting.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add a Painting</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label text-right">Thumbnail:</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail Address" maxlength="50" required
+	  value="<?php if (isset($_POST['thumb'])) echo $_POST['thumb']; ?>" >
+    </div>
+  </div>
+     <div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label text-right">Type:</label>
+	  <div class="col-sm-8">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select>
+	</div>
+	</div>
+	  <div class="form-group row">
+      <label for="medium" class="col-sm-4 col-form-label text-right">Medium:</label>
+	  <div class="col-sm-8">
+      <select id="medium" name="medium" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+      <label for="artist" class="col-sm-4 col-form-label text-right">Artist:</label>
+	  <div class="col-sm-8">
+      <select id="artist" name="artist" class="form-control">
+        <option selected value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";		
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			$value = $row['first_name'] . "-" . $row['middle_name'] . "-" . $row['last_name'];
+		    $display = $row['first_name'] . " " . $row['middle_name'] . " " . $row['last_name'];
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select></div></div>
+<div class="form-group row">
+    <label for="mini_descr" class="col-sm-4 col-form-label text-right">Brief Description:</label>
+	<div class="col-sm-8">
+    <textarea class="form-control" id="mini_descr" name="mini_descr" rows="3" 
+	maxlength="150" required></textarea>
+  </div>
+  </div>
+  <div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label text-right">Price:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="10" required
+	  value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>" >
+	  Figures only, no &pound;s, $s or commas
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" 
+	id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/admin_page.php b/Ch11/Customcart/customcart/admin_page.php
new file mode 100644
index 0000000..2c9a020
--- /dev/null
+++ b/Ch11/Customcart/customcart/admin_page.php
@@ -0,0 +1,139 @@
+<?php                                                                                     
+session_start();
+ //Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 1;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Add a Painting</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require('process_add_painting.php'); }
+?>
+<form  action="admin_add_painting.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add a Painting</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label text-right">Thumbnail:</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail Address" maxlength="50" required
+	  value="<?php if (isset($_POST['thumb'])) echo $_POST['thumb']; ?>" >
+    </div>
+  </div>
+     <div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label text-right">Type:</label>
+	  <div class="col-sm-8">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select>
+	</div>
+	</div>
+	  <div class="form-group row">
+      <label for="medium" class="col-sm-4 col-form-label text-right">Medium:</label>
+	  <div class="col-sm-8">
+      <select id="medium" name="medium" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+      <label for="artist" class="col-sm-4 col-form-label text-right">Artist:</label>
+	  <div class="col-sm-8">
+      <select id="artist" name="artist" class="form-control">
+        <option selected value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";		
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			$value = $row['first_name'] . "-" . $row['middle_name'] . "-" . $row['last_name'];
+		    $display = $row['first_name'] . " " . $row['middle_name'] . " " . $row['last_name'];
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select></div></div>
+<div class="form-group row">
+    <label for="mini_descr" class="col-sm-4 col-form-label text-right">Brief Description:</label>
+	<div class="col-sm-8">
+    <textarea class="form-control" id="mini_descr" name="mini_descr" rows="3" 
+	maxlength="150" required></textarea>
+  </div>
+  </div>
+  <div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label text-right">Price:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="10" required
+	  value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>" >
+	  Figures only, no &pound;s, $s or commas
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" 
+	id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/cart.php b/Ch11/Customcart/customcart/cart.php
new file mode 100644
index 0000000..dd03ed0
--- /dev/null
+++ b/Ch11/Customcart/customcart/cart.php
@@ -0,0 +1,59 @@
+<?php                                                                                     
+session_start();
+//Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+}
+$menu = 2;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Cart</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of view cart content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+//if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
+	require("process_cart.php");
+//}
+?>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/checkout.php b/Ch11/Customcart/customcart/checkout.php
new file mode 100644
index 0000000..d85c6c9
--- /dev/null
+++ b/Ch11/Customcart/customcart/checkout.php
@@ -0,0 +1,63 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu=10;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<?php
+require("process_checkout.php");
+?>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+
+	<div class="row">
+    <div class="col-sm-2"></div>
+    <div class="col-sm-6">
+<h2>Thank you for your order. Your order number is 
+<?php echo date('YmdHis') . $_SESSION['user_id']; ?>.</h2>
+<h6>The shopping cart has been emptied ready for your next 
+transaction.</h6>
+</div>
+<div class="col-sm-4">
+	<nav>
+	<?php include('includes/menu.php'); ?>
+	</nav>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/customdb.sql b/Ch11/Customcart/customcart/customdb.sql
new file mode 100644
index 0000000..f464c3d
--- /dev/null
+++ b/Ch11/Customcart/customcart/customdb.sql
@@ -0,0 +1,273 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: May 28, 2018 at 08:36 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `customdb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `art`
+--
+
+CREATE TABLE `art` (
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `thumb` varchar(50) NOT NULL,
+  `type` varchar(50) NOT NULL,
+  `price` decimal(6,2) UNSIGNED NOT NULL,
+  `medium` varchar(50) NOT NULL,
+  `artist` varchar(50) NOT NULL,
+  `mini_descr` varchar(150) NOT NULL,
+  `ppcode` text NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `art`
+--
+
+INSERT INTO `art` (`art_id`, `thumb`, `type`, `price`, `medium`, `artist`, `mini_descr`, `ppcode`) VALUES
+(1, '\"images/aw-brown-vessel-thumb.jpg\"', 'Still-life', '60.00', 'Oil-painting', 'Adrian-W-West', 'First exhibited in Coventry City Art Gallery 1968. Painted on durable tempered hardboard.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(2, '\"images/k-copper-kettle-thumb.jpg\"', 'Still-life', '750.00', 'Oil-painting', 'James-Kessell', 'James Kessell (RA and RABA) painted this on tempered hard board for an appreciative audience. It was exhibited at the Birmingham Art Gallery in 1967.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(3, '\"images/aw-white-jug-thumb.jpg\"', 'Still-life', '70.00', 'Oil-painting', 'Adrian-W-West', 'Painted on tempered hardboard in 1968 and exhibited first at Coventry City Art Gallery in the same year.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(4, '\"images/rsb-beer-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(5, '\"images/rsb-blue-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Roger produces excellent etchings of Devon\'s native butterflies. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(6, '\"images/rsb-fritillary-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'The silver washed fritillary is a less common Devon butterfly.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(7, '\"images/rsb-lyme-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(22, '\"images/rsb-lyme-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(23, '\"images/k-abstract-squares-thumb.jpg\"', 'Abstract', '800.00', 'Oil-painting', 'James-Kessell', 'Composition of squares and circles in tasteful pastel colors. Painted on high quality tempered board.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(21, '\"images/rsb-beer-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `artists`
+--
+
+CREATE TABLE `artists` (
+  `artist_id` int(8) UNSIGNED NOT NULL,
+  `first_name` varchar(30) DEFAULT NULL,
+  `middle_name` varchar(30) DEFAULT NULL,
+  `last_name` varchar(30) NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `artists`
+--
+
+INSERT INTO `artists` (`artist_id`, `first_name`, `middle_name`, `last_name`) VALUES
+(1, 'Adrian', 'W', 'West'),
+(2, 'Roger', 'St.', 'Barbe'),
+(3, 'James', '', 'Kessell'),
+(4, 'Charlie', 'S', 'Farnsbarns');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `orders`
+--
+
+CREATE TABLE `orders` (
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `buyer_id` int(8) UNSIGNED NOT NULL,
+  `total_price` decimal(7,2) NOT NULL,
+  `order_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_contents`
+--
+
+CREATE TABLE `order_contents` (
+  `content_id` int(10) UNSIGNED NOT NULL,
+  `order_id` int(10) UNSIGNED NOT NULL,
+  `art_id` int(10) UNSIGNED NOT NULL,
+  `quantity` int(10) UNSIGNED NOT NULL DEFAULT '1',
+  `price` decimal(4,2) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Dumping data for table `order_contents`
+--
+
+INSERT INTO `order_contents` (`content_id`, `order_id`, `art_id`, `quantity`, `price`) VALUES
+(1, 2, 4, 1, '17.99'),
+(2, 3, 4, 1, '17.99'),
+(3, 4, 2, 1, '14.99'),
+(4, 5, 3, 1, '16.99'),
+(5, 6, 1, 1, '19.99'),
+(6, 7, 1, 1, '60.00'),
+(7, 8, 2, 1, '99.99'),
+(8, 15, 1, 1, '60.00'),
+(9, 16, 1, 1, '60.00');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_details`
+--
+
+CREATE TABLE `order_details` (
+  `ord_details_id` int(8) UNSIGNED NOT NULL,
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `dispatch_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `user_id` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `address1` varchar(50) NOT NULL,
+  `address2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `secret` varchar(30) NOT NULL,
+  `user_level` int(1) NOT NULL DEFAULT '0'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`user_id`, `title`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `secret`, `user_level`) VALUES
+(1, 'Mr', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UiiBhmXca.0/bwopveFq8uInuX.EVrecinUQYQG546WjAWwZLJNoe', '2017-12-06 08:43:41', '4 The Street', 'The Village', 'Townsville', 'USA', 'WA', '0123777888', '', 0),
+(2, 'Mr', 'Jack', 'Smith', 'jsmith@outcook.com', '44fc2837cca3d8994cba9d02d94a15c1fe7b1d66', '2017-12-06 08:47:24', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(4, 'Ms', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$5KM8jy5MwHIgfVchsdfE8OvuF1cT2VYqU6mte2CWBw1HjmEv3r.ES', '2017-12-06 12:20:33', '6 The Street', '', 'Townsville', 'UK', 'EX9 9PG', '01234777888', '', 0),
+(5, 'Mr', 'Patrick', 'O\'Hara', 'pohara@myisp.org.uk', '$2y$10$0nmGDVmHdWusgFJRmVZADeL43Y7HCPViBrHj/Z2betxiMdMx5Y2sC', '2017-12-06 12:27:32', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(6, 'Mr', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$KCQhEftEJouWPfuOOVoRVOECY/oJTluxHRr85fWlz6nsfN4OHtCie', '2017-12-06 17:02:16', '6 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PS', '', '', 0),
+(7, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$IrQE3TTkWzNm93FP/VYf.O/yMWDJDpIn/.qjrmvN.I97fvakynuza', '2017-12-06 17:11:44', '7 The Street', 'The Village', 'Townsville', 'UK', 'EXP 6PG', '01234777888', '', 0),
+(8, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$R2auBMKMe/Qw2fFr8D.S8eUEENUz8r.YUth5NHAyskNYupUzBen5O', '2017-12-06 17:18:30', '7 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(9, 'Mrs', 'Annie', 'Mossity', 'amossity@myisp.org.uk', '$2y$10$amqmyEfaOfiZ0MkIzdO90uZMPw4Mi/4RR70nNd0nxaZSOlxlr.8DC', '2017-12-06 17:24:42', '4 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '', 0),
+(10, 'Mr', 'Percy', 'Veer', 'pveer@myisp.com', '$2y$10$Wvdx/YO4cCcOQvyMVVtapO3F/eiz2Ow3yU9VcczGMC.dcgwbgIXMS', '2017-12-06 17:28:53', '7 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '', 0),
+(11, 'Mr', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$cTmJVcuUmTpCOIdQJ8MG3uwLmG7M7V3iE8zPXiNW2PQEdDQZMBftO', '2017-12-06 17:39:30', '5 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(12, 'Mr', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$YUYnU8UvOF/WUJ5h4VK4Qe.I48ZcAbedjPiDekKHlODduqGdJoI9i', '2017-12-06 18:02:04', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '', 0),
+(13, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$k9sMvE001164jjzJLs.OpOmb9LtluUEbR4GQ4RT5/rvSPNIqbL6gC', '2017-12-07 17:39:34', '6 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(14, 'Mr', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$TOr.IZq/joHIKSk0Oo.jE.yWau48sUSgtC5TzKJ0sl0AoO2Bsk3lW', '2017-12-08 12:16:58', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '', 0),
+(16, 'Miss', 'Lynn', 'Seed', 'lseed@myisp.com', '$2y$10$nEs3Zhh4V5ZznpcPzGs9gOWupjY2NgV87DPpLu2DjqsdyBNRjf4/C', '2017-12-16 20:03:16', '6 The Street', '', 'Townsville', 'UK', 'EX24 6PG', '01234777888', '', 0),
+(17, 'Mr', 'Barry', 'Tone', 'btone@myisp.net', '$2y$10$w4zMq7ij7NmVDeBBKDSmbu963EwchZwAHPZmgZmTQAQ8Gha2jTD5W', '2017-12-16 20:16:40', '2 The Street', '', 'Townsville', 'USA', 'CA12345', '', '', 0),
+(30, 'Mr', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$lePdxFz7ZKn/bJ41BS0h/ehWyIL2ZgK123iPQJahNCaRjgxVY3Rfq', '2017-12-29 11:28:43', '2 The Street', 'The Village', 'Townsville', 'Germany', 'BL1234', '', '', 0),
+(31, 'Miss', 'Dee', 'Jected', 'djected@myisp.org.uk', '$2y$10$ujpV7w4blsTdQFWOsE1fiOFYtj9zN4w0WcK5V4WJ60Pc5HWodWlGC', '2017-12-29 11:48:04', '3 The Street', 'The Village', 'Townsville', 'UK', 'EX3 1TH', '', '', 0),
+(32, 'Mr', 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$Yu.c/cw/TSFa9vcMBGAfAe5vzyOwp3SZarBVc/9vEksfp.F8BzSiW', '2017-12-29 11:58:51', '2 The Street', '', 'Townsville', 'UK', 'EX24 6PS', '01234777888', '', 0),
+(40, NULL, 'Stuff', 'Stuff', 'stuff@stuff.com', '$2y$10$5D9RsKOqA/hr/Z.7ko/.M.ngQSqWDzOfnu7OhUnBLzxXwKVxHk6YW', '2018-05-25 16:52:54', '121 sd', NULL, 'fh', 'dj', '33333', '1233333333', 'dfd', 1),
+(41, NULL, 'xx', 'xx', 'ccc@ccc.com', '$2y$10$dxTlEJ82C3g99CUmSuUWbOFyg8CT42jFhz.cgHqrkMhqxyIajbgKi', '2018-05-27 10:00:33', '44 as', NULL, 'kl', 'kl', '33333', NULL, 'fred', 0),
+(42, NULL, 'Mx', 'asaa', 'mmm@mmm.com', '$2y$10$7iVu8Thd3ZEBTu0.aRtud.6qNtplrJ/jembAUcfEFwczEN42PkFii', '2018-05-27 10:02:28', '123 as', NULL, 'kw', 'fl', '33333', NULL, 'fred', 0);
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `art`
+--
+ALTER TABLE `art`
+  ADD PRIMARY KEY (`art_id`),
+  ADD KEY `art_name` (`thumb`,`price`);
+
+--
+-- Indexes for table `artists`
+--
+ALTER TABLE `artists`
+  ADD PRIMARY KEY (`artist_id`);
+
+--
+-- Indexes for table `orders`
+--
+ALTER TABLE `orders`
+  ADD PRIMARY KEY (`order_id`),
+  ADD KEY `buyer_id` (`buyer_id`,`order_date`);
+
+--
+-- Indexes for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  ADD PRIMARY KEY (`content_id`);
+
+--
+-- Indexes for table `order_details`
+--
+ALTER TABLE `order_details`
+  ADD PRIMARY KEY (`ord_details_id`),
+  ADD KEY `order_id` (`order_id`,`art_id`,`dispatch_date`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`user_id`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `art`
+--
+ALTER TABLE `art`
+  MODIFY `art_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=31;
+
+--
+-- AUTO_INCREMENT for table `artists`
+--
+ALTER TABLE `artists`
+  MODIFY `artist_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=50;
+
+--
+-- AUTO_INCREMENT for table `orders`
+--
+ALTER TABLE `orders`
+  MODIFY `order_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  MODIFY `content_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=10;
+
+--
+-- AUTO_INCREMENT for table `order_details`
+--
+ALTER TABLE `order_details`
+  MODIFY `ord_details_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `user_id` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=43;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch11/Customcart/customcart/forgot.php b/Ch11/Customcart/customcart/forgot.php
new file mode 100644
index 0000000..24bff3c
--- /dev/null
+++ b/Ch11/Customcart/customcart/forgot.php
@@ -0,0 +1,89 @@
+<?php
+$menu = 5;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Forgot Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query for forgot password
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	require("process_forgot.php");
+}
+?>
+<form  action="forgot.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Forgot Your Password?</h2>
+<h6>When you apply, you will receive your new password in an email. Read that 
+email as soon as possible. Don't delay! For 
+maximum security, immediately login with your new password. Then change the 
+password as quickly as possible.</h6>  
+</div>
+</div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">Your email address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="Email" maxlength="30" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Secret Answer:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  placeholder="Secret Question Answer" maxlength="30" required
+	  value="<?php if (isset($_POST['secret'])) echo $_POST['secret']; ?>" >
+	  If you don't know your secret answer, contact our service department.
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/found_pics_cart.php b/Ch11/Customcart/customcart/found_pics_cart.php
new file mode 100644
index 0000000..f8ee5f7
--- /dev/null
+++ b/Ch11/Customcart/customcart/found_pics_cart.php
@@ -0,0 +1,60 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu = 2;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Paintings Found</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-10 text-center mx-auto" 
+  style="color: black; padding:20px; margin-top: 5px;">
+	<!--Start of found paintings content-->
+<h3 style="color: white;">To buy a painting please click its Add to Cart link</h3>
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+$_SESSION['type'] = $_POST['type'];
+$_SESSION['price'] = $_POST['price'];
+require("process_found_pics.php");
+}
+?>
+<p style="color:white">No paintings displayed? Either we have nothing that matches 
+your requirements at the moment OR you may have forgotten to select 
+BOTH the search fields. Please click the Find Pictures button and try again.</p>
+</div>
+	</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div><!--End of content-->
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/images/L-looking-back-a-beer.jpg b/Ch11/Customcart/customcart/images/L-looking-back-a-beer.jpg
new file mode 100644
index 0000000..bf6152f
Binary files /dev/null and b/Ch11/Customcart/customcart/images/L-looking-back-a-beer.jpg differ
diff --git a/Ch11/Customcart/customcart/images/L-silver-studded-blue.jpg b/Ch11/Customcart/customcart/images/L-silver-studded-blue.jpg
new file mode 100644
index 0000000..c45da2f
Binary files /dev/null and b/Ch11/Customcart/customcart/images/L-silver-studded-blue.jpg differ
diff --git a/Ch11/Customcart/customcart/images/Thumbs.db b/Ch11/Customcart/customcart/images/Thumbs.db
new file mode 100644
index 0000000..faaaabf
Binary files /dev/null and b/Ch11/Customcart/customcart/images/Thumbs.db differ
diff --git a/Ch11/Customcart/customcart/images/aw-brown-vessel-200.jpg b/Ch11/Customcart/customcart/images/aw-brown-vessel-200.jpg
new file mode 100644
index 0000000..df6dde2
Binary files /dev/null and b/Ch11/Customcart/customcart/images/aw-brown-vessel-200.jpg differ
diff --git a/Ch11/Customcart/customcart/images/aw-brown-vessel-thumb.jpg b/Ch11/Customcart/customcart/images/aw-brown-vessel-thumb.jpg
new file mode 100644
index 0000000..26dcaa5
Binary files /dev/null and b/Ch11/Customcart/customcart/images/aw-brown-vessel-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/aw-brown-vessel.jpg b/Ch11/Customcart/customcart/images/aw-brown-vessel.jpg
new file mode 100644
index 0000000..8f62c17
Binary files /dev/null and b/Ch11/Customcart/customcart/images/aw-brown-vessel.jpg differ
diff --git a/Ch11/Customcart/customcart/images/aw-white-jug-home.jpg b/Ch11/Customcart/customcart/images/aw-white-jug-home.jpg
new file mode 100644
index 0000000..8f92b65
Binary files /dev/null and b/Ch11/Customcart/customcart/images/aw-white-jug-home.jpg differ
diff --git a/Ch11/Customcart/customcart/images/aw-white-jug-thumb.jpg b/Ch11/Customcart/customcart/images/aw-white-jug-thumb.jpg
new file mode 100644
index 0000000..426d3df
Binary files /dev/null and b/Ch11/Customcart/customcart/images/aw-white-jug-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/aw-white-jug.jpg b/Ch11/Customcart/customcart/images/aw-white-jug.jpg
new file mode 100644
index 0000000..d0d8f25
Binary files /dev/null and b/Ch11/Customcart/customcart/images/aw-white-jug.jpg differ
diff --git a/Ch11/Customcart/customcart/images/cart.jpg b/Ch11/Customcart/customcart/images/cart.jpg
new file mode 100644
index 0000000..27213e0
Binary files /dev/null and b/Ch11/Customcart/customcart/images/cart.jpg differ
diff --git a/Ch11/Customcart/customcart/images/dove-1.png b/Ch11/Customcart/customcart/images/dove-1.png
new file mode 100644
index 0000000..69a4410
Binary files /dev/null and b/Ch11/Customcart/customcart/images/dove-1.png differ
diff --git a/Ch11/Customcart/customcart/images/green-grad-800.jpg b/Ch11/Customcart/customcart/images/green-grad-800.jpg
new file mode 100644
index 0000000..696ad2b
Binary files /dev/null and b/Ch11/Customcart/customcart/images/green-grad-800.jpg differ
diff --git a/Ch11/Customcart/customcart/images/home.jpg b/Ch11/Customcart/customcart/images/home.jpg
new file mode 100644
index 0000000..002c2c4
Binary files /dev/null and b/Ch11/Customcart/customcart/images/home.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-abstract-squares-thumb.jpg b/Ch11/Customcart/customcart/images/k-abstract-squares-thumb.jpg
new file mode 100644
index 0000000..80362b7
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-abstract-squares-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-abstract-thumb.jpg b/Ch11/Customcart/customcart/images/k-abstract-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-abstract-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-copper-kettle-300.jpg b/Ch11/Customcart/customcart/images/k-copper-kettle-300.jpg
new file mode 100644
index 0000000..7bbaf16
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-copper-kettle-300.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-copper-kettle-home.jpg b/Ch11/Customcart/customcart/images/k-copper-kettle-home.jpg
new file mode 100644
index 0000000..957e09d
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-copper-kettle-home.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-copper-kettle-thumb.jpg b/Ch11/Customcart/customcart/images/k-copper-kettle-thumb.jpg
new file mode 100644
index 0000000..27ca9f7
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-copper-kettle-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-stil-life-2.jpg b/Ch11/Customcart/customcart/images/k-stil-life-2.jpg
new file mode 100644
index 0000000..f22b330
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-stil-life-2.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-stil-life-3.jpg b/Ch11/Customcart/customcart/images/k-stil-life-3.jpg
new file mode 100644
index 0000000..7e92b77
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-stil-life-3.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-stil-life-thumb.jpg b/Ch11/Customcart/customcart/images/k-stil-life-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-stil-life-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/k-still-life-thumb.jpg b/Ch11/Customcart/customcart/images/k-still-life-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/Customcart/customcart/images/k-still-life-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/L-looking-back-a-beer.jpg b/Ch11/Customcart/customcart/images/large files/L-looking-back-a-beer.jpg
new file mode 100644
index 0000000..bf6152f
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/L-looking-back-a-beer.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/L-silver-studded-blue.jpg b/Ch11/Customcart/customcart/images/large files/L-silver-studded-blue.jpg
new file mode 100644
index 0000000..c45da2f
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/L-silver-studded-blue.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/L-silver-washed=fritillary.jpg b/Ch11/Customcart/customcart/images/large files/L-silver-washed=fritillary.jpg
new file mode 100644
index 0000000..9067c77
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/L-silver-washed=fritillary.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/Thumbs.db b/Ch11/Customcart/customcart/images/large files/Thumbs.db
new file mode 100644
index 0000000..b80fb46
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/Thumbs.db differ
diff --git a/Ch11/Customcart/customcart/images/large files/aw-brown-vessel-200.jpg b/Ch11/Customcart/customcart/images/large files/aw-brown-vessel-200.jpg
new file mode 100644
index 0000000..df6dde2
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/aw-brown-vessel-200.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/aw-brown-vessel.jpg b/Ch11/Customcart/customcart/images/large files/aw-brown-vessel.jpg
new file mode 100644
index 0000000..8f62c17
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/aw-brown-vessel.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/aw-white-jug-200.jpg b/Ch11/Customcart/customcart/images/large files/aw-white-jug-200.jpg
new file mode 100644
index 0000000..87f6c8a
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/aw-white-jug-200.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/aw-white-jug-home.jpg b/Ch11/Customcart/customcart/images/large files/aw-white-jug-home.jpg
new file mode 100644
index 0000000..35425ca
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/aw-white-jug-home.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/aw-white-jug.jpg b/Ch11/Customcart/customcart/images/large files/aw-white-jug.jpg
new file mode 100644
index 0000000..d0d8f25
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/aw-white-jug.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/k-copper-kettle-380.jpg b/Ch11/Customcart/customcart/images/large files/k-copper-kettle-380.jpg
new file mode 100644
index 0000000..e1c21f0
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/k-copper-kettle-380.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/k-stil-life-2.jpg b/Ch11/Customcart/customcart/images/large files/k-stil-life-2.jpg
new file mode 100644
index 0000000..f22b330
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/k-stil-life-2.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/k-stil-life-3.jpg b/Ch11/Customcart/customcart/images/large files/k-stil-life-3.jpg
new file mode 100644
index 0000000..7e92b77
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/k-stil-life-3.jpg differ
diff --git a/Ch11/Customcart/customcart/images/large files/k-stil-life-300.jpg b/Ch11/Customcart/customcart/images/large files/k-stil-life-300.jpg
new file mode 100644
index 0000000..01bbc4f
Binary files /dev/null and b/Ch11/Customcart/customcart/images/large files/k-stil-life-300.jpg differ
diff --git a/Ch11/Customcart/customcart/images/prints.jpg b/Ch11/Customcart/customcart/images/prints.jpg
new file mode 100644
index 0000000..01a7209
Binary files /dev/null and b/Ch11/Customcart/customcart/images/prints.jpg differ
diff --git a/Ch11/Customcart/customcart/images/rsb-beer-thumb.jpg b/Ch11/Customcart/customcart/images/rsb-beer-thumb.jpg
new file mode 100644
index 0000000..196ca9c
Binary files /dev/null and b/Ch11/Customcart/customcart/images/rsb-beer-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/rsb-blue-thumb.jpg b/Ch11/Customcart/customcart/images/rsb-blue-thumb.jpg
new file mode 100644
index 0000000..fe2b0c9
Binary files /dev/null and b/Ch11/Customcart/customcart/images/rsb-blue-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/rsb-fritillary-thumb.jpg b/Ch11/Customcart/customcart/images/rsb-fritillary-thumb.jpg
new file mode 100644
index 0000000..1ea329f
Binary files /dev/null and b/Ch11/Customcart/customcart/images/rsb-fritillary-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/rsb-lyme-thumb.jpg b/Ch11/Customcart/customcart/images/rsb-lyme-thumb.jpg
new file mode 100644
index 0000000..ddb1800
Binary files /dev/null and b/Ch11/Customcart/customcart/images/rsb-lyme-thumb.jpg differ
diff --git a/Ch11/Customcart/customcart/images/title.jpg b/Ch11/Customcart/customcart/images/title.jpg
new file mode 100644
index 0000000..5e38df9
Binary files /dev/null and b/Ch11/Customcart/customcart/images/title.jpg differ
diff --git a/Ch11/Customcart/customcart/images/unavailable.png b/Ch11/Customcart/customcart/images/unavailable.png
new file mode 100644
index 0000000..41374c4
Binary files /dev/null and b/Ch11/Customcart/customcart/images/unavailable.png differ
diff --git a/Ch11/Customcart/customcart/includes/footer.php b/Ch11/Customcart/customcart/includes/footer.php
new file mode 100644
index 0000000..6f56f56
--- /dev/null
+++ b/Ch11/Customcart/customcart/includes/footer.php
@@ -0,0 +1 @@
+<p class="h6 col-sm-12" style="color:black;">Footer goes here</p>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/includes/header.php b/Ch11/Customcart/customcart/includes/header.php
new file mode 100644
index 0000000..cc291fb
--- /dev/null
+++ b/Ch11/Customcart/customcart/includes/header.php
@@ -0,0 +1,117 @@
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js"></script>
+  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js"></script>
+<div class="col-sm-2" >
+<img class="img-fluid" style="padding-top: 5px; height=200" src="images/dove-1.png" alt="dove"> 
+</div>
+<div class="col-sm-6" style="color :white; padding-top: 5%;">
+ <div class="h1 mb-2 font-bold text-left" >The Dove Gallery</div>
+ <p class='lead text-center'>Affordable Original Paintings</p>
+</div>
+
+<div class="col-sm-4" style="padding-top: 10px; padding-bottom: 10px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+     
+	<?php
+	 switch ($menu) {
+	case 1: //admin_add_painting.php
+	    ?>
+		 <li class="nav-item">
+         <a class="btn btn-primary" id="buttons" href="admin_page.php" role="button">Add Another</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="admin_add_artist.php" role="button">Add Artist</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="#" role="button">View Orders</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="#" role="button">New Password</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		 </li>
+		<?php
+        break;	 	 
+    case 2: // added.php, cart.php, found_pics_cart.php
+	    ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="cart.php" role="button">View Cart</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="users_search_page.php" role="button">Find Paintings</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		</li>
+		<?php
+        break;
+    case 3: //admin_page.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="admin_add_artist.php" role="button">Add Another</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="admin_page.php" role="button">Add Painting</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="#" role="button">View Orders</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="#" role="button">New Password</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		</li>
+		<?php
+        break;
+    case 4: // index.php  case 5 - forgot.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Register</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Login.php" role="button">Login</a>
+		</li>
+		<?php
+        break;
+	case 7: // login.php user_search_page.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Register</a>
+		</li>
+		<?php
+        break;
+	case 8: //; register.php
+        ?> 
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Erase</a>
+		</li>
+		<?php
+        break;
+	case 9: //register_thanks.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="Login.php" role="button">Login</a>
+        </li>	
+		<?php
+        break;
+	case 10: //checkout.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="logout.php" role="button">Logout</a>
+        </li>	
+		<?php
+        break;
+}
+	?>
+	</ul>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/includes/menu.php b/Ch11/Customcart/customcart/includes/menu.php
new file mode 100644
index 0000000..5f44ec0
--- /dev/null
+++ b/Ch11/Customcart/customcart/includes/menu.php
@@ -0,0 +1,27 @@
+
+
+
+<div style="padding-top: 10px; padding-bottom: 10px; padding-right: 15px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<!--<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu1">
+    <span class="navbar-toggler-icon"></span>
+    </button> 
+    Not activating above code makes menu invisible for small devices
+    -->
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu1"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+      <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">About Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">FAQs</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">Contact Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="index.php" role="button">Home Page</a>
+	 </li>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/index.php b/Ch11/Customcart/customcart/index.php
new file mode 100644
index 0000000..dd8e55e
--- /dev/null
+++ b/Ch11/Customcart/customcart/index.php
@@ -0,0 +1,64 @@
+<?php
+$menu = 4;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+
+	<div class="row">
+    <div class="col-sm-2"></div>
+    <div class="col-sm-6">
+    <h2>Welcome to the Dove Gallery</h2>
+	<h5 style="color: black">To search the gallery, please register and log in</h5>
+	<p class="col-sm-12">
+<img alt="Brown Jug by Adrian West" class="img-fluid col-sm-3" src="images/aw-brown-vessel-200.jpg"> 
+<img alt="L-Silver washed blue" class="img-fluid col-sm-3" src="images/L-silver-studded-blue.jpg"> 
+<img alt="White Jug" class="img-fluid col-sm-3" src="images/aw-white-jug-home.jpg"> 
+</p>
+</div>
+<aside class="col-sm-4" id="includemenu" style="padding-right: 16px;">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+</div>
+<div class="row mx-auto">
+<div class="col-sm-2"></div>
+<div class="col-sm-6">
+<img alt="Copper kettle" class="img-fluid com-sm-3" src="images/k-copper-kettle-home.jpg"> 
+<img alt="Looking Back at Beer" class="img-fluid col-sm-3" src="images/L-looking-back-a-beer.jpg"> 
+</div>
+</div>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/login-files/login.php b/Ch11/Customcart/customcart/login-files/login.php
new file mode 100644
index 0000000..640deaf
--- /dev/null
+++ b/Ch11/Customcart/customcart/login-files/login.php
@@ -0,0 +1,47 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Login page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="msgboard.css">
+<style type="text/css">
+h2 { color:navy; }
+/*#tab-navigation ul { margin-left:140px; }*/
+form { padding-left:260px; width:200px;}
+.label { width:120px; float:left; text-align:right;}
+form p { width:280px; }
+p.submit {margin-left:125px; }
+</style>
+</head>
+<body>
+<br>
+<div id='container'>
+<header>
+<?php include ( 'includes/header_login.php' ) ;?>
+</header>
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) AND !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<h2>Login</h2>
+<form action="process_login.php" method="post">
+<p><label class="label" for="user_name">User Name:</label><input id="user_name" type="text" 
+name="user_name" size="16" maxlength="16" value="<?php if (isset($_POST['user_name']))
+echo $_POST['user_name']; ?>"></p>
+<p><label class="label" for="passcode">Password:</label><input id="passcode" 
+type="password" name="passcode" size="16" maxlength="16" value="<?php if
+(isset($_POST['passcode'])) echo $_POST['passcode']; ?>" ></p>
+<p class="submit"><input type="submit" value="Login" ></p>
+</form>
+<footer>
+<?php include ( 'includes/footer.php' ) ; ?>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/login-files/login_functions.php b/Ch11/Customcart/customcart/login-files/login_functions.php
new file mode 100644
index 0000000..7bc1283
--- /dev/null
+++ b/Ch11/Customcart/customcart/login-files/login_functions.php
@@ -0,0 +1,48 @@
+<?php 
+// Function for loading the URL of pages
+function load( $page = 'login.php' )
+{
+  // The code for setting the page URL
+  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
+  // Trim the URL
+  $url = rtrim( $url, '/\\' ) ;
+  $url .= '/' . $page ;
+ //Redirect to the page and exit the script. 
+  header( "Location: $url" ) ; 
+  exit() ;
+}
+// Create a function to check user name and password 
+function validate( $dbcon, $user_name = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( empty( $user_name ) ) 
+  { $errors[] = 'You forgot to enter your user name' ; 
+  } 
+  else  { $user_name = mysqli_real_escape_string( $dbcon, trim( $user_name ) ) ; 
+  }
+  // Has the password been entered
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  else { $passcode = mysqli_real_escape_string( $dbcon, trim( $passcode ) ) ; 
+  }
+  $hp=password_hash($p, PASSWORD_BCRYPT);
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+    $q = "SELECT member_id, user_name FROM members WHERE user_name='$user_name' AND passcode='$hp')" ;  
+    $result = mysqli_query ( $dbcon, $q ) ;
+    if ( mysqli_num_rows( $result ) == 1 ) 
+    {
+      $row = mysqli_fetch_array ( $result, MYSQLI_ASSOC ) ;
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/login-files/process_login.php b/Ch11/Customcart/customcart/login-files/process_login.php
new file mode 100644
index 0000000..0b895d0
--- /dev/null
+++ b/Ch11/Customcart/customcart/login-files/process_login.php
@@ -0,0 +1,27 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'user_name' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'member_id' ] = $data[ 'member_id' ] ;
+    $_SESSION[ 'user_name' ] = $data[ 'user_name' ] ;
+    load ( 'forum.php' ) ;
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/login.php b/Ch11/Customcart/customcart/login.php
new file mode 100644
index 0000000..0c00087
--- /dev/null
+++ b/Ch11/Customcart/customcart/login.php
@@ -0,0 +1,93 @@
+<?php
+$menu = 7;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of login content-->
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) && !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<form  action="process_login.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Login</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="30" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+    </div>
+	</div>
+<div class="form-group row">
+    <label for="passcode" class="col-sm-4 col-form-label text-right">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="passcode" name="passcode" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['passcode'])) echo $_POST['passcode']; ?>" >
+    </div>
+	</div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <a href="forgot.php">Forgot Password?</a>
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a login content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/login_functions.php b/Ch11/Customcart/customcart/login_functions.php
new file mode 100644
index 0000000..88ee47e
--- /dev/null
+++ b/Ch11/Customcart/customcart/login_functions.php
@@ -0,0 +1,76 @@
+<?php 
+// Create a function to check user name and password 
+function validate( $dbcon, $email = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( !empty( $email ) ) 
+  {  $user_name = trim( $email); 
+  }
+  if ( empty( $email ) ) 
+  { $errors[] = 'You forgot to enter your email' ; 
+  } 
+   
+  // Has the password been entered
+  if ( !empty( $passcode ) ) 
+  {  
+  $passcode = trim( $passcode ); 
+  }
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'You forgot to enter your password.' ; 
+  } 
+  
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+	  
+	  try {
+ $query = "SELECT user_id, password, user_level FROM users WHERE email=?" ;  
+ 
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if ((mysqli_num_rows($result) == 1) && 
+(password_verify($passcode, $row['password']))) {
+
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+	  }
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Login | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Login Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Login Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Login | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Login Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Login Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/login_toolss.php b/Ch11/Customcart/customcart/login_toolss.php
new file mode 100644
index 0000000..b634d7f
--- /dev/null
+++ b/Ch11/Customcart/customcart/login_toolss.php
@@ -0,0 +1,47 @@
+<?php 
+// Function for loading the URL of pages
+function load( $page = 'login.php' )
+{
+  // The code for setting the page URL
+  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
+  // Trim the URL
+  $url = rtrim( $url, '/\\' ) ;
+  $url .= '/' . $page ;
+ //Redirect to the page and exit the script. 
+  header( "Location: $url" ) ; 
+  exit() ;
+}
+// Create a function to check email and password 
+function validate( $dbcon, $email = '', $p = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the email been entered?
+  if ( empty( $email ) ) 
+  { $errors[] = 'You forgot to enter your email' ; 
+  } 
+  else  { $email = mysqli_real_escape_string( $dbcon, trim( $email ) ) ; 
+  }
+  // Has the password been entered
+  if ( empty( $p ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  else { $p = mysqli_real_escape_string( $dbcon, trim( $p ) ) ; 
+  }
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+    $q = "SELECT user_id, email FROM users WHERE emai='$email' AND psword=SHA1('$p')" ;  
+    $result = mysqli_query ( $dbcon, $q ) ;
+    if ( @mysqli_num_rows( $result ) == 1 ) 
+    {
+      $row = mysqli_fetch_array ( $result, MYSQLI_ASSOC ) ;
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/logout.php b/Ch11/Customcart/customcart/logout.php
new file mode 100644
index 0000000..07c13b0
--- /dev/null
+++ b/Ch11/Customcart/customcart/logout.php
@@ -0,0 +1,12 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+	$_SESSION = array(); // Destroy the variables
+	session_destroy(); // Destroy the session
+	setcookie('PHPSESSID', time()-3600,'/', 0, 0);//Destroy the cookie
+	header("location:index.php");
+	exit();
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/mysqli_connect.php b/Ch11/Customcart/customcart/mysqli_connect.php
new file mode 100644
index 0000000..26eb5ed
--- /dev/null
+++ b/Ch11/Customcart/customcart/mysqli_connect.php
@@ -0,0 +1,12 @@
+<?php 
+// Create a connection to the migrate database and to MySQL
+// Set the encoding to utf-8
+// Set the database access details as constants
+DEFINE ('DB_USER', 'turing');
+DEFINE ('DB_PASSWORD', 'En1gm3');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'customdb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
diff --git a/Ch11/Customcart/customcart/process_add_painting.php b/Ch11/Customcart/customcart/process_add_painting.php
new file mode 100644
index 0000000..3759c03
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_add_painting.php
@@ -0,0 +1,124 @@
+<?php
+	$errors = array(); // Start an array to contain the error messages 
+// Check if a thumbnail url has been entered
+    $thumbtrim = trim($_POST['thumb']);
+	if ((!empty($thumbtrim)) && (filter_var($thumbtrim, FILTER_VALIDATE_URL))
+		&& (strlen($thumbtrim) <= 50)) {
+		// $thumb = $thumbtrim;
+	}
+	  else
+	  {
+        $errors[] = 'Missing thumbnail url or wrong format. Max 50.';
+	} 
+// Check for a type
+   $typetrim = trim($_POST['type']);
+   if ((!empty($typetrim)) && (preg_match('/[a-z\-\s\.]/i',$typetrim)) &&
+		(strlen($typetrim) <= 50)) {					
+	//Sanitize the trimmed type						
+	$typetrim = (filter_var($typetrim, FILTER_SANITIZE_STRING));	
+	$typetrim = (filter_var($typetrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Type missing or not alphabetic, dash, period or space. Max 50.';
+	}
+// Has a price been entered?
+$pricetrim = trim($_POST['price']);		
+if ((!empty($pricetrim)) && (strlen($pricetrim) <= 10)) {					
+	//Sanitize the trimmed price					
+	$pricetrim = (filter_var($pricetrim, FILTER_SANITIZE_NUMBER_INT));
+    $pricetrim = preg_replace('/\D+/', '', ($pricetrim));	
+	}else{	
+	$errors[] = 'Price missing. Must be Numberic. Max ######.##.';
+	}
+// Has the medium been entered?
+ $mediumtrim = trim($_POST['medium']);
+   if ((!empty($mediumtrim)) && (preg_match('/[a-z\-\s\.]/i',$mediumtrim)) &&
+		(strlen($mediumtrim) <= 50)) {					
+	//Sanitize the trimmed medium						
+	$mediumtrim = (filter_var($mediumtrim, FILTER_SANITIZE_STRING));	
+	$mediumtrim = (filter_var($mediumtrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Medium missing or not alphabetic, dash, period or space. Max 50.';
+	}
+	// Has the artist been entered?
+	$artisttrim = trim($_POST['artist']);
+   if ((!empty($artisttrim)) && (preg_match('/[a-z\-\s\.]/i',$artisttrim)) &&
+		(strlen($artisttrim) <= 50)) {					
+	//Sanitize the trimmed artist						
+	$artisttrim = (filter_var($artisttrim, FILTER_SANITIZE_STRING));	
+	$artisttrim = (filter_var($artisttrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Artist missing or not alphabetic, dash, period or space. Max 50.';
+	}
+// Has a brief description been entered?
+   	$minitrim = trim($_POST['mini_descr']);
+    if ((!empty($minitrim)) && (preg_match('/[a-z\-\s\.]/i',$minitrim)) &&
+		(strlen($minitrim) <= 150)) {					
+	//Sanitize the trimmed artist						
+	$artisttrim = (filter_var($minitrim, FILTER_SANITIZE_STRING));	
+	$artisttrim = (filter_var($minitrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Description missing or not alphabetic, dash, period or space. Max 50.';
+	}
+	 // Has the PPcode been entered?
+	// $ppcodetrim = trim($_POST['ppcode']);
+    // if ((!empty($ppcodetrim)) && (strlen($ppcodetrim) <= 45)) {					
+	//Sanitize the trimmed artist						
+	//$ppcodetrim = (filter_var($minitrim, FILTER_SANITIZE_STRING));			
+	//}else{	
+	//$errors[] = 'PayPal Code missing or not alphabetic, dash, period or space. Max 50.';
+	//}
+if (empty($errors)) { // If no errors were encountered
+	// Register the painting in the database
+try {
+		require ('mysqli_connect.php'); // Connect to the database
+		// Make the query:'
+		
+	$query = "INSERT INTO art (art_id, thumb, type, medium, artist, mini_descr, price)"; 
+    $query .= "VALUES ";
+	$query .= "(' ', ?,?,?,?,?,?)"; 
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 'ssssss', $thumbtrim, $typetrim, $mediumtrim, $artisttrim, $minitrim, $pricetrim );
+    // execute query
+    mysqli_stmt_execute($q);
+    if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2>The painting was successfully registered</h2><br>';
+		} else { // If it was not registered
+		// Error message:
+			echo '<h2>System Error</h2>
+			<p class="error">The painting could not be added due to a system error. We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Add Painting | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Add Painting Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Add Painting Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Add Painting | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Add Painting Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Add Painting Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+	} else { // Display the errors.
+		echo '<h2>Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Print each error.
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h3>Please try again.</h3><p><br></p>';
+		}// End of if (empty($errors))
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/process_admin_page.php b/Ch11/Customcart/customcart/process_admin_page.php
new file mode 100644
index 0000000..9e83197
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_admin_page.php
@@ -0,0 +1,91 @@
+<?php
+	$errors = array(); // Set an error array.
+// Has an artist's first name been entered?
+// Trim the first name
+    $first_name = trim($_POST['first_name']);
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$first_nametrim = (filter_var($first_name, FILTER_SANITIZE_STRING));
+    $first_nametrim = (filter_var($first_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$first_nametrim = NULL;
+	}
+// Has an artist's middle name been entered?
+    $middle_name = trim($_POST['middle_name']);
+// Strip HTML and apply escaping Is the middle name present? If it is, trim it
+if ((!empty($middle_name)) && (preg_match('/[a-z\s\.]/i',$middle_name)) &&
+		(strlen($middle_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$middle_nametrim = (filter_var($middle_name, FILTER_SANITIZE_STRING));
+    $middle_nametrim = (filter_var($middle_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$middle_nametrim = NULL;
+	}
+// Has the artist's last name been entered?
+    $last_name = trim($_POST['last_name']);
+// Strip HTML and apply escaping Is the last name present? If it is, trim it
+if ((!empty($last_name)) && (preg_match('/[a-z\s]/i',$last_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$last_nametrim = (filter_var($last_name, FILTER_SANITIZE_STRING));
+    $last_nametrim = (filter_var($last_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic and space characters. Max 30';
+	} 
+if (empty($errors)) { // If the wuery ran OK
+	// Register the artist in the database
+	
+	try {
+		require ('mysqli_connect.php'); // Connect to the db.
+		// Make the query:
+		$query = "INSERT INTO artists (artist_id, first_name, middle_name, last_name) ";
+        $query .= "VALUES ";
+	    $query .= "(' ',?,?,?)"; 
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'sss', $first_nametrim, $middle_nametrim, $last_nametrim);
+        // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2 class="col-sm-12 text-right">The artist was successfully added.</h2>';
+		} else { // If the query failed to run
+		// Message:
+			echo '<h2 class="col-sm-12 text-right" style="color: red;">System Error</h2>
+			<p class="error">The artist could not be added due to a system error. ';
+			echo 'We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Admin Page | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Admin Page Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Admin Page Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Admin Page | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Admin Page Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Admin Page Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+	} else { // Display any errors
+		echo '<h2 class="col-sm-12 text-right" style="color: red;">Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Display any errors
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h6>Please try again.</h6><p><br></p>';
+		}// End of if error checks
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/process_cart.php b/Ch11/Customcart/customcart/process_cart.php
new file mode 100644
index 0000000..448bcf7
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_cart.php
@@ -0,0 +1,85 @@
+<?php
+// If the user changes the quantity then Update the cart
+  if(isset($_POST['qty'])) {
+  foreach ( $_POST['qty'] as $art_id => $item_qty )
+  {
+// Ensure that the id and the quantity are integers
+    $id = (int) $art_id;
+    $qty = (int) $item_qty;
+// If the quantity is set to zero clear the session or else store the changed quantity
+    if ( $qty == 0 ) { unset ($_SESSION['cart'][$id]); } 
+    elseif ( $qty > 0 ) { $_SESSION['cart'][$id]['quantity'] = $qty; }
+  }
+  }
+// Set an initial variable for the total cost
+$total = 0; 
+// Display the cart contents
+if (!empty($_SESSION['cart']))
+{
+?>
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+  <!-- Center Column Content Section -->
+  <div class="col-sm-4 text-center mx-auto" style="padding-left: 40px;"></div>
+  <div class="col-sm-10 text-center mx-auto" 
+  style="color: black; padding:20px; margin-top: 5px;">
+  <?php
+	try {
+// Connect to the database.
+  require ('mysqli_connect.php');
+// Get the items from the art table and insert them into the cart
+  $q = "SELECT * FROM art WHERE art_id IN (";
+  foreach ($_SESSION['cart'] as $id => $value) { $q .= $id . ','; }
+  $q = substr( $q, 0, -1 ) . ') ORDER BY art_id ASC';
+  $result = mysqli_query ($dbcon, $q);
+// Create a form and a table
+  echo '<form action="cart.php" method="post">';
+  echo '<table class="table table-responsive table-striped" style=" color:black;">';
+  echo '<tr><th scope="col">Medium</th><th scope="col">Type</th>';
+  echo '<th scope="col">Quantity</th><th scope="col"></th>';
+  echo '<th scope="col">Price</th></tr>';
+  while ($row = mysqli_fetch_array ($result, MYSQLI_ASSOC))
+  {
+// Calculate the subtotals and the grand total
+    $subtotal = $_SESSION['cart'][$row['art_id']]['quantity'] * $_SESSION['cart'][$row['art_id']]['price'];
+    $total += $subtotal;
+// Display the table
+    echo "<tr> <td>{$row['type']}</td><td>Painting(s)</td> 
+    <td><input type=\"text\" size=\"3\" name=\"qty[{$row['art_id']}]\" value=\"{$_SESSION['cart'][$row['art_id']]['quantity']}\"></td>
+    <td>at {$row['price']} each </td> <td style=\"text-align:right\">".number_format ($subtotal, 2)."</td></tr>";
+  }
+// Close the database connection
+  mysqli_close($dbcon); 
+// Display the total
+  echo ' <tr><td colspan="5" style="text-align:right">Total = '.number_format($total,2).'</td></tr>
+  </table>';
+  echo '<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Update Order"></form>';
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Cart | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Cart Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Cart Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Cart | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Cart Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Cart Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+echo "</div>";
+echo "</div>";
+}
+else
+// Or display a message
+{ echo '<p style="padding: 60px;">Your cart is currently empty.</p>' ; 
+}
+// Create some links
+echo '<p><a href="users_search_page.php">Continue Shopping</a> | <a href="checkout.php">Checkout</a>' ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/process_checkout.php b/Ch11/Customcart/customcart/process_checkout.php
new file mode 100644
index 0000000..dd7eefa
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_checkout.php
@@ -0,0 +1,55 @@
+<?php
+// Redirect the user if he is not logged in
+if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load() ; }
+// Confirm that the total and cart have been passed to this page
+if ( isset( $_GET['total'] ) && ( $_GET['total'] > 0 ) && (!empty($_SESSION['cart']) ) )
+{
+	try {
+ // Connect to the database
+require ( 'mysqli_connect.php' ) ;
+  // Insert the user's id, the total, and the order date into the orders table
+  
+  $query = "INSERT INTO orders ( user_id, total, order_date ) VALUES ";
+  $query .= "( ?, ?, NOW())";
+ 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'is', $_SESSION['user_id'],$_GET['total']);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {	 
+  $order_id = mysqli_insert_id($dbcon);
+  // Get the selected paintings from the art table
+  $q = "SELECT * FROM art WHERE 'art_id' IN (";
+  foreach ($_SESSION['cart'] as $id => $value) { $q .= $id . ','; }
+  $q = substr( $q, 0, -1 ) . ') ORDER BY price ASC';
+  $result = mysqli_query ($dbcon, $q);
+// Insert the order contents into the order_contents table
+  while ($row = mysqli_fetch_array ($result, MYSQLI_ASSOC))
+  {
+    $query = "INSERT INTO order_contents ( order_id, art_id, quantity, price )
+    VALUES ( $order_id, ".$row['art_id'].",".$_SESSION['cart'][$row['art_id']]['quantity'].",".$_SESSION['cart'][$row['art_id']]['price'].")" ;
+    $result = mysqli_query($dbcon,$query);
+  }
+  // Close the database connection
+  mysqli_close($dbcon);
+  // Display a thank you message and state the order number
+  // Empty the cart ready for the next customer 
+  $_SESSION['cart'] = NULL;
+}
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+}
+// Display a message
+//else { echo '<h3 class="checkout">The shopping cart has been emptied ready for the next customer.</h3>' ; }
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/process_forgot.php b/Ch11/Customcart/customcart/process_forgot.php
new file mode 100644
index 0000000..ea204cc
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_forgot.php
@@ -0,0 +1,75 @@
+<?php
+	try {
+	require ('mysqli_connect.php');
+	// Assign the value FALSe to the variable $buyid 
+	$buyid = FALSE;
+// Validate the email address...
+if (!empty($_POST['email'])) {
+// Does that email address exist in the database?
+		$query = 'SELECT user_id, user_level, secret FROM users WHERE email=?';	
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "s", $_POST['email']); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_NUM);
+       if ((mysqli_num_rows($result) == 1) && ($row[1] == 0) &&
+	       ($row[2] == $_POST['secret']))
+	   {
+		$buyid = $row[0];
+		} else { // If the buyid for the email address was not retrieved
+			echo '<h6 style="padding-left:80px; padding-top: 20px;">If your e-mail and secret are correct, you will recieve an e-mail</h6>';
+		}
+		} 
+	if ($buyid) { // If buyid for the email address was retrieved, create a random password
+		$password = substr ( md5(uniqid(rand(), true)), 5, 10);
+// Update the database table
+        $hassed_password = password_hash($password, PASSWORD_DEFAULT);			
+        $query = "UPDATE users SET password=? WHERE user_id=?";
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "si", $hassed_password, $buyid); 
+       // execute query 
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		   
+// Send an email to the buyer
+		$body = "Your password has been changed to '" . $password;
+		$body .= "'. Please login as soon as possible using the new password. ";
+		$body .= "Then change it immediately. otherwise, if a hacker has intercepted ";
+		$body .= "this email they will know your login details.";
+		mail ($_POST['email'], 'Your new password.', $body, 'From: admin@thedovegallery.co.uk');
+// Echo a message and exit the code
+		echo '<h6 style="padding-left:80px; padding-top: 20px;">Your password has been changed. ';
+		echo 'You will shortly receive the new temporary password by email.</h6>';
+		mysqli_close($dbcon);
+		include ('includes/footer.php');
+		exit(); // Stop the script.
+		} else { // If the query failed to run
+			echo '<p class="error">Due to a system error, your password could not be changed. We apologize for any inconvenience.</p>'; 
+		}
+		} 
+	mysqli_close($dbcon);
+	}
+	catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Forgot Password | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Forgot Password Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Forgot Password Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Forgot Password | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Forgot Password Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Forgot Password Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/process_found_pics.php b/Ch11/Customcart/customcart/process_found_pics.php
new file mode 100644
index 0000000..247316d
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_found_pics.php
@@ -0,0 +1,73 @@
+<?php
+//Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Select the first thre items items from the art table
+//$q = "SELECT * FROM art LIMIT 3";
+$type=$_SESSION['type'];
+$price=$_SESSION['price'];
+$query = 
+"SELECT art_id, thumb, type, price, medium, artist, mini_descr, ppcode ";
+$query .= "FROM art WHERE type= ? AND price <= ? ORDER BY price DESC LIMIT 3";		
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// bind $id to SQL Statement
+mysqli_stmt_bind_param($q, "si", $type, $price); 
+// execute query 
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+//  $row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) > 0) {
+
+//$result = mysqli_query( $dbcon, $q ) ;
+//if ( mysqli_num_rows( $result ) > 0 )
+//{
+// Table header
+?>
+<table class="table table-responsive table-striped" style="background: white;">
+<tr><th scope="col">Thumb</th><th scope="col">Type</th>
+<th scope="col">Medium</th><th scope="col">Artist</th>
+<th scope="col">Details</th><th scope="col">Price &pound;</th>
+</tr>
+<?php	
+// Fetch the matching records and populate the table display
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	echo '<tr>
+	<td><img src='.$row['thumb'] . '></td>
+	<td>' . $row['type'] . '</td>
+	<td>' . $row['medium'] . '</td>
+	<td>' . $row['artist'] . '</td>
+	<td>' . $row['mini_descr'] . '</td>
+	<td>' . $row['price'] . 
+	'<br><a href="added.php?id=' . $row['art_id'] . '">Add to Cart</a></td>
+	</tr>';
+	}
+?>
+</table>
+<?php
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// Or notify the user that no matching paintings were found
+else { echo '<p>There are currently no items matching your search criteria.</p>' ; }
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Found Pics | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Found Pics Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Found Pics Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Found Pics | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Found Pics Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Found Pics Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/process_login.php b/Ch11/Customcart/customcart/process_login.php
new file mode 100644
index 0000000..459f34e
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_login.php
@@ -0,0 +1,32 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'email' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'user_id' ] = $data[ 'user_id'];
+    $_SESSION[ 'email' ] = $data[ 'email' ] ;
+	$_SESSION[ 'user_level' ] = $data[ 'user_level' ];
+	if ($data[ 'user_level'] == 1) {
+    header ( 'Location: admin_page.php' ) ;
+	} else {
+	header ( 'Location: users_search_page.php' );
+  }
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/process_register.php b/Ch11/Customcart/customcart/process_register.php
new file mode 100644
index 0000000..3371c4b
--- /dev/null
+++ b/Ch11/Customcart/customcart/process_register.php
@@ -0,0 +1,197 @@
+<?php
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+//Is the title present? If it is, trim it 
+    $title = trim($_POST['title']);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title						
+	$titletrim = (filter_var($title, FILTER_SANITIZE_STRING));							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+    $first_name = trim($_POST['first_name']);
+// Strip HTML and apply escaping//	Is the first name present? If it is, trim it
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$first_nametrim = (filter_var($first_name, FILTER_SANITIZE_STRING));
+    $first_nametrim = (filter_var($first_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, trim it and sanitize it
+	$last_name = trim($_POST['last_name']);		
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 30)) {					
+	//Sanitize the trimmed last name						
+	$last_nametrim = (filter_var($last_name, FILTER_SANITIZE_STRING));	
+	$last_nametrim = (filter_var($last_nametrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}
+// Set the email alias as false and check for an email address:
+//$e = FALSE;	                                                                #1								
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = trim($_POST['password1']);	
+if (empty($password1trim)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password,8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = trim($_POST['password2']);	
+if($password1trim === $password2trim) { //                                 #9
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+//Is the 1st address present? If it is, trim it and sanitize it
+$address1trim = trim($_POST['address1']);		
+if ((!empty($address1trim)) && (preg_match('/[a-z\.\s\,\-]/i', $address1trim)) &&
+  (strlen($address1trim) <= 30)) {					
+	//Sanitize the trimmed 1st address						
+	$address1trim = (filter_var($address1trim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing address. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, trim it and sanitize it          #10
+$address2trim = trim($_POST['address2']);		
+if ((!empty($address2trim)) && (preg_match('/[a-z\.\s\,\-]/i', $address2trim)) &&
+  (strlen($address2trim) <= 30)) {				
+	//Sanitize the trimmed 2nd address						
+	$address2trim = (filter_var($address2trim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, trim it and sanitize it
+$citytrim = trim($_POST['city']);		
+if ((!empty($citytrim)) && (preg_match('/[a-z\.\s]/i', $citytrim)) &&
+  (strlen($citytrim) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = (filter_var($citytrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, trim it and sanitize it
+$state_countrytrim = trim($_POST['state_country']);		
+if ((!empty($state_countrytrim)) && (preg_match('/[a-z\.\s]/i', $state_countrytrim)) &&
+    (strlen($state_countrytrim) <= 30))	 {				
+	//Sanitize the trimmed state or country						
+	$state_countrytrim = (filter_var($state_countrytrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, trim it and sanitize it
+$zcode_pcodetrim = trim($_POST['zcode_pcode']);		
+if ((!empty($zcode_pcodetrim)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcodetrim)) &&
+    (strlen($citytrim) <= 30)) {						
+	//Sanitize the trimmed zcode_pcode						
+	$zcode_pcodetrim = (filter_var($zcode_pcodetrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the secret present? If it is, trim it and sanitize it
+$secrettrim = trim($_POST['secret']);		
+if ((!empty($secrettrim)) && (preg_match('/[a-z\.\s\,\-]/i', $secrettrim)) &&
+  (strlen($secrettrim) <= 30)) {					
+	//Sanitize the trimmed city						
+	$secrettrim = (filter_var($secrettrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//Is the phone number present? If it is, trim it and sanitize it     
+$phonetrim = trim($_POST['phone']);		
+if ((!empty($phonetrim)) && (strlen($phonetrim) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phonetrim, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT user_id FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $e);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+	$query = "INSERT INTO users (user_id, title, first_name, last_name, email, password,"; 
+    $query .= "address1, address2, city, state_country, zcode_pcode, phone, secret, registration_date) ";
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?,?,?,?,?,?,?,?,?,NOW())"; 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'ssssssssssss', 
+	$titletrim, $first_nametrim, $last_nametrim, $emailtrim, $hashed_password, $address1trim, $address2trim, 
+	$citytrim, $state_countrytrim, $zcode_pcodetrim, $phonetrim, $secrettrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register_thanks.php"); 					
+	} else {
+	echo 'Invalid query:' . $dbcon->error; 
+// change to generic message in production
+	}
+	}else{//The email address is already registered                         
+echo '<p class="error">The email address is already registered</p>';
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+echo '<h2>Error!</h2>
+<p class="error">The following error(s) occurred:<br>';
+foreach ($errors as $msg) { // Print each error.				
+echo " - $msg<br>\n";
+    }
+echo '</p><h3>Please try again.</h3><p><br></p>';
+    }// End of if (empty($errors)) IF.
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Registration | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Register Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Register Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Registration | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Register Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Register Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/register.php b/Ch11/Customcart/customcart/register.php
new file mode 100644
index 0000000..3ad26c6
--- /dev/null
+++ b/Ch11/Customcart/customcart/register.php
@@ -0,0 +1,210 @@
+<?php
+$menu = 8;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require("process_register.php"); }
+?>
+<form  action="register.php" method="post" onsubmit="return checked();">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2>Account Registration</h2>
+<h6>Items marked with an asterisk * are essential</h6>
+</div>
+</div>
+<div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	  value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	  value="<?php if (isset($_POST['address1'])) echo $_POST['address1']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	  value="<?php if (isset($_POST['address2'])) echo $_POST['address2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	  value="<?php if (isset($_POST['city'])) echo $_POST['city']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	  value="<?php if (isset($_POST['state_country'])) echo $_POST['state_country']; ?>">
+    </div>
+  </div>	
+<div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	  value="<?php if (isset($_POST['zcode_pcode'])) echo $_POST['zcode_pcode']; ?>">
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	  value="<?php if (isset($_POST['phone'])) echo $_POST['phone']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Secret Question*:</label>
+	  <div class="col-sm-8">
+      <select id="question" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Mother's Madien Name</option>
+	<option value="Nature">Pet's Name</option>
+	<option value="Abstract">High School</option>
+	<option value="Abstract">Favorite Vacation Spot</option>
+	</select>
+	</div>
+	</div>  
+	<div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Answer*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Secret Answer" maxlength="30" required
+	  value="<?php if (isset($_POST['secret'])) echo $_POST['secret']; ?>">
+    </div>
+  </div>
+ <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/register_thanks.php b/Ch11/Customcart/customcart/register_thanks.php
new file mode 100644
index 0000000..9576943
--- /dev/null
+++ b/Ch11/Customcart/customcart/register_thanks.php
@@ -0,0 +1,38 @@
+<?php
+$menu=9;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-14 text-center mx-auto" style="padding:20px; margin-top: 5px; color:white;">
+<h2>Thank you for registering</h2>
+<h6>You will now be able to login, search for, and view the paintings.</h6>
+<footer>
+<?php include("includes/footer.php"); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart/transparent.css b/Ch11/Customcart/customcart/transparent.css
new file mode 100644
index 0000000..a21422c
--- /dev/null
+++ b/Ch11/Customcart/customcart/transparent.css
@@ -0,0 +1,15 @@
+body { background:#68CE53; font-family:arial; font-size: 100%;
+}
+header {border:10px white solid;}
+#container {
+	margin:auto;
+}
+h2 { margin-top: 20px; }
+label { color: black; }
+#submit {margin: 0px; background:#559a55; border: 5px outset #559a55; width: 140px;}
+#includemenu {padding-top: 10px; padding-bottom: 10px; padding-right: 0px;}
+#includefooter {background:#68CE53; padding-top: 5px; padding-bottom: 5px; margin: 0px;}
+#includeheader {width:90%; height:auto; background:#95b522; margin-bottom: 0px; padding:0px;}
+#contents {background-color:transparent ;margin-top: -17px; border:10px white solid; color: white; width: 90%; }
+#buttons {background:#559a55; border: 5px outset #559a55;}
+
diff --git a/Ch11/Customcart/customcart/users_search_page.php b/Ch11/Customcart/customcart/users_search_page.php
new file mode 100644
index 0000000..6282630
--- /dev/null
+++ b/Ch11/Customcart/customcart/users_search_page.php
@@ -0,0 +1,105 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu=7;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 20px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-6 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+	<form  action="found_pics_cart.php" method="post">
+<div class="form-group row">
+    <div class="col-sm-10 text-left" style="padding: 20px; padding-left: 30px;">
+	<h3>Welcome to the Dove Gallery</h3>
+	<h6 style="color: black;"><b>All prices include frames, sales tax, delivery and insurance</b></h6>
+	<h2 class="text-center">Search for a painting</h2>
+	</div>
+    <div class="col-sm-6">
+	
+</div>
+</div>
+	  <div class="form-group row">
+      <label for="type" class="col-sm-3 col-form-label text-right">Type:</label>
+	  <div class="col-sm-6">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="still-life">Still Life</option>
+	<option value="nature">Nature</option>
+	<option value="abstract">Abstract</option>
+</select>
+</div>
+
+</div>
+ <div class="form-group row">
+      <label for="price" class="col-sm-3 col-form-label text-right">Maximum Price:</label>
+	  <div class="col-sm-6">
+      <select id="price" name="price" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="40">&pound;40</option>
+	<option value="80">&pound;80</option>
+	<option value="800">&pound;800</option>
+</select>
+</div>
+</div>
+	 <div class="form-group row">
+
+  <label class="col-sm-3 col-form-label"></label>
+  <div class="col-sm-6">
+<input id="submit" class="btn btn-primary" 
+ type="submit" name="submit" value="Submit">
+</div>
+
+</div>
+
+
+</form><!--End of the add a painting content-->
+<!-- Right-side Column Content Section -->
+
+	</div>
+	<div class="col-sm-3 text-center" style="padding:0px; margin-top: 5px;">
+	 
+<img alt="Copper Kettle by James Kessell" class="img-fluid float-left" 
+style="margin-top: 20px;" src="images/k-copper-kettle-300.jpg"> 
+
+</div>
+	<aside class="col-sm-3" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
+
diff --git a/Ch11/Customcart/customcart/verify.js b/Ch11/Customcart/customcart/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch11/Customcart/customcart/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcart52818.zip b/Ch11/Customcart/customcart52818.zip
new file mode 100644
index 0000000..c0e2d56
Binary files /dev/null and b/Ch11/Customcart/customcart52818.zip differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/added.php b/Ch11/Customcart/customcartnew/customcartnew/added.php
new file mode 100644
index 0000000..bbec459
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/added.php
@@ -0,0 +1,100 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu = 2;
+?>
+ <!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Added to Cart</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px;margin-top: -17px; width: 90%; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<div id="content"><!--Start of added page-->
+<p>
+<?php
+if ( isset( $_GET['id'] ) ) { $id = $_GET['id'] ; }
+// Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Get selected painting data from the  'art' table 
+        $query = "SELECT * FROM art ";
+		$query .= "WHERE art_id = ? ";		
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "i", $id); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+       if (mysqli_num_rows($result) == 1) {
+ // If the cart already contains one of those products
+  if ( isset( $_SESSION['cart'][$id] ) )
+  { 
+    // Add another one of those paintings
+    $_SESSION['cart'][$id]['quantity']++; 
+    echo '<h3>Another one of those paintings has been added to your cart</h3>';
+  } 
+  else
+  {
+    // Add a different painting
+    $_SESSION['cart'][$id]= array ( 'quantity' => 1, 'price' => $row['price'] ) ;
+    echo '<h3>A painting has been added to your cart</h3>' ;
+  }
+}
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Added  | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Added Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Added Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Added | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Added Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Added Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+// Close the database connection
+mysqli_close($dbcon);
+// Insert three lnks
+echo '<p><a href="users_search_page.php">Continue Shopping</a> | <a href="checkout.php">Checkout</a></p>' ;
+?>
+<footer>
+<?php include("includes/footer.php"); ?>
+</footer>
+</div>
+</div><!--End of confirmation page content-->
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/admin_add_artist.php b/Ch11/Customcart/customcartnew/customcartnew/admin_add_artist.php
new file mode 100644
index 0000000..53f70bd
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/admin_add_artist.php
@@ -0,0 +1,106 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 3;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section --> 
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// Confirm that form has been submitted
+// Has the form has been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require("process_admin_artist.php");
+}
+?>
+<form  action="admin_page.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add an Artist</h2>
+<h5>If the artist uses only one name (e.g., Picasso) enter it as the last name</h5> 
+</div>
+</div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">Artist's First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="Artist's First Name" maxlength="30"
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="middle_name" class="col-sm-4 col-form-label text-right">Artist's Middle Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="middle_name" name="middle_name" 
+	  placeholder="Artist's Middle Name" maxlength="30"
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" title="Alphabetic, period and space only max of 30 characters"
+	  value="<?php if (isset($_POST['middle_name'])) echo $_POST['middle_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Artist's Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Artist's Last Name" maxlength="30" required
+	   pattern="[a-zA-Z][a-zA-Z\s\']*" title="Alphabetic, quote and space only max of 30 characters"
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+ type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/admin_add_painting.php b/Ch11/Customcart/customcartnew/customcartnew/admin_add_painting.php
new file mode 100644
index 0000000..291066d
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/admin_add_painting.php
@@ -0,0 +1,145 @@
+<?php                                                                                     
+session_start();
+ //Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 1;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Add a Painting</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require('process_add_painting.php'); }
+?>
+<form  action="admin_add_painting.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add a Painting</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label text-right">Thumbnail:</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail Address" maxlength="50" required
+	  value="<?php if (isset($_POST['thumb'])) echo $_POST['thumb']; ?>" >
+    </div>
+  </div>
+     <div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label text-right">Type:</label>
+	  <div class="col-sm-8">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select>
+	</div>
+	</div>
+	  <div class="form-group row">
+      <label for="medium" class="col-sm-4 col-form-label text-right">Medium:</label>
+	  <div class="col-sm-8">
+      <select id="medium" name="medium" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+      <label for="artist" class="col-sm-4 col-form-label text-right">Artist:</label>
+	  <div class="col-sm-8">
+      <select id="artist" name="artist" class="form-control">
+        <option selected value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";		
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			$value = $row['first_name'] . "-" . $row['middle_name'] . "-" . $row['last_name'];
+		    $display = $row['first_name'] . " " . $row['middle_name'] . " " . $row['last_name'];
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select></div></div>
+<div class="form-group row">
+    <label for="mini_descr" class="col-sm-4 col-form-label text-right">Brief Description:</label>
+	<div class="col-sm-8">
+    <textarea class="form-control" id="mini_descr" name="mini_descr" rows="3" 
+	maxlength="150" required></textarea>
+  </div>
+  </div>
+  <div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label text-right">Price:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="10" required
+	  value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>" >
+	  Figures only, no &pound;s, $s or commas
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="padding-left: 50px;" 
+  data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" 
+	id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/admin_page.php b/Ch11/Customcart/customcartnew/customcartnew/admin_page.php
new file mode 100644
index 0000000..3adff80
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/admin_page.php
@@ -0,0 +1,147 @@
+<?php                                                                                     
+session_start();
+ //Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 1;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Add a Painting</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require('process_add_painting.php'); }
+?>
+<form  action="admin_add_painting.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add a Painting</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label text-right">Thumbnail:</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail Address" maxlength="50" required
+	  value="<?php if (isset($_POST['thumb'])) echo $_POST['thumb']; ?>" >
+    </div>
+  </div>
+     <div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label text-right">Type:</label>
+	  <div class="col-sm-8">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select>
+	</div>
+	</div>
+	  <div class="form-group row">
+      <label for="medium" class="col-sm-4 col-form-label text-right">Medium:</label>
+	  <div class="col-sm-8">
+      <select id="medium" name="medium" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+      <label for="artist" class="col-sm-4 col-form-label text-right">Artist:</label>
+	  <div class="col-sm-8">
+      <select id="artist" name="artist" class="form-control">
+        <option selected value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";		
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			$value = $row['first_name'] . "-" . $row['middle_name'] . "-" . $row['last_name'];
+		    $display = $row['first_name'] . " " . $row['middle_name'] . " " . $row['last_name'];
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select></div></div>
+<div class="form-group row">
+    <label for="mini_descr" class="col-sm-4 col-form-label text-right">Brief Description:</label>
+	<div class="col-sm-8">
+    <textarea class="form-control" id="mini_descr" name="mini_descr" rows="3" 
+	maxlength="150" required></textarea>
+  </div>
+  </div>
+  <div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label text-right">Price:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="10" required
+	  value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>" >
+	  Figures only, no &pound;s, $s or commas
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="padding-left: 50px;" 
+  data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" 
+	id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/cart.php b/Ch11/Customcart/customcartnew/customcartnew/cart.php
new file mode 100644
index 0000000..dd03ed0
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/cart.php
@@ -0,0 +1,59 @@
+<?php                                                                                     
+session_start();
+//Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+}
+$menu = 2;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>View Cart</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of view cart content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+//if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
+	require("process_cart.php");
+//}
+?>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/checkout.php b/Ch11/Customcart/customcartnew/customcartnew/checkout.php
new file mode 100644
index 0000000..d85c6c9
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/checkout.php
@@ -0,0 +1,63 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu=10;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<?php
+require("process_checkout.php");
+?>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+
+	<div class="row">
+    <div class="col-sm-2"></div>
+    <div class="col-sm-6">
+<h2>Thank you for your order. Your order number is 
+<?php echo date('YmdHis') . $_SESSION['user_id']; ?>.</h2>
+<h6>The shopping cart has been emptied ready for your next 
+transaction.</h6>
+</div>
+<div class="col-sm-4">
+	<nav>
+	<?php include('includes/menu.php'); ?>
+	</nav>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/customdb.sql b/Ch11/Customcart/customcartnew/customcartnew/customdb.sql
new file mode 100644
index 0000000..f464c3d
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/customdb.sql
@@ -0,0 +1,273 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: May 28, 2018 at 08:36 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `customdb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `art`
+--
+
+CREATE TABLE `art` (
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `thumb` varchar(50) NOT NULL,
+  `type` varchar(50) NOT NULL,
+  `price` decimal(6,2) UNSIGNED NOT NULL,
+  `medium` varchar(50) NOT NULL,
+  `artist` varchar(50) NOT NULL,
+  `mini_descr` varchar(150) NOT NULL,
+  `ppcode` text NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `art`
+--
+
+INSERT INTO `art` (`art_id`, `thumb`, `type`, `price`, `medium`, `artist`, `mini_descr`, `ppcode`) VALUES
+(1, '\"images/aw-brown-vessel-thumb.jpg\"', 'Still-life', '60.00', 'Oil-painting', 'Adrian-W-West', 'First exhibited in Coventry City Art Gallery 1968. Painted on durable tempered hardboard.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(2, '\"images/k-copper-kettle-thumb.jpg\"', 'Still-life', '750.00', 'Oil-painting', 'James-Kessell', 'James Kessell (RA and RABA) painted this on tempered hard board for an appreciative audience. It was exhibited at the Birmingham Art Gallery in 1967.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(3, '\"images/aw-white-jug-thumb.jpg\"', 'Still-life', '70.00', 'Oil-painting', 'Adrian-W-West', 'Painted on tempered hardboard in 1968 and exhibited first at Coventry City Art Gallery in the same year.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(4, '\"images/rsb-beer-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(5, '\"images/rsb-blue-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Roger produces excellent etchings of Devon\'s native butterflies. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(6, '\"images/rsb-fritillary-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'The silver washed fritillary is a less common Devon butterfly.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(7, '\"images/rsb-lyme-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(22, '\"images/rsb-lyme-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(23, '\"images/k-abstract-squares-thumb.jpg\"', 'Abstract', '800.00', 'Oil-painting', 'James-Kessell', 'Composition of squares and circles in tasteful pastel colors. Painted on high quality tempered board.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(21, '\"images/rsb-beer-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `artists`
+--
+
+CREATE TABLE `artists` (
+  `artist_id` int(8) UNSIGNED NOT NULL,
+  `first_name` varchar(30) DEFAULT NULL,
+  `middle_name` varchar(30) DEFAULT NULL,
+  `last_name` varchar(30) NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `artists`
+--
+
+INSERT INTO `artists` (`artist_id`, `first_name`, `middle_name`, `last_name`) VALUES
+(1, 'Adrian', 'W', 'West'),
+(2, 'Roger', 'St.', 'Barbe'),
+(3, 'James', '', 'Kessell'),
+(4, 'Charlie', 'S', 'Farnsbarns');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `orders`
+--
+
+CREATE TABLE `orders` (
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `buyer_id` int(8) UNSIGNED NOT NULL,
+  `total_price` decimal(7,2) NOT NULL,
+  `order_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_contents`
+--
+
+CREATE TABLE `order_contents` (
+  `content_id` int(10) UNSIGNED NOT NULL,
+  `order_id` int(10) UNSIGNED NOT NULL,
+  `art_id` int(10) UNSIGNED NOT NULL,
+  `quantity` int(10) UNSIGNED NOT NULL DEFAULT '1',
+  `price` decimal(4,2) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Dumping data for table `order_contents`
+--
+
+INSERT INTO `order_contents` (`content_id`, `order_id`, `art_id`, `quantity`, `price`) VALUES
+(1, 2, 4, 1, '17.99'),
+(2, 3, 4, 1, '17.99'),
+(3, 4, 2, 1, '14.99'),
+(4, 5, 3, 1, '16.99'),
+(5, 6, 1, 1, '19.99'),
+(6, 7, 1, 1, '60.00'),
+(7, 8, 2, 1, '99.99'),
+(8, 15, 1, 1, '60.00'),
+(9, 16, 1, 1, '60.00');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_details`
+--
+
+CREATE TABLE `order_details` (
+  `ord_details_id` int(8) UNSIGNED NOT NULL,
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `dispatch_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `user_id` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `address1` varchar(50) NOT NULL,
+  `address2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `secret` varchar(30) NOT NULL,
+  `user_level` int(1) NOT NULL DEFAULT '0'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`user_id`, `title`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `secret`, `user_level`) VALUES
+(1, 'Mr', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UiiBhmXca.0/bwopveFq8uInuX.EVrecinUQYQG546WjAWwZLJNoe', '2017-12-06 08:43:41', '4 The Street', 'The Village', 'Townsville', 'USA', 'WA', '0123777888', '', 0),
+(2, 'Mr', 'Jack', 'Smith', 'jsmith@outcook.com', '44fc2837cca3d8994cba9d02d94a15c1fe7b1d66', '2017-12-06 08:47:24', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(4, 'Ms', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$5KM8jy5MwHIgfVchsdfE8OvuF1cT2VYqU6mte2CWBw1HjmEv3r.ES', '2017-12-06 12:20:33', '6 The Street', '', 'Townsville', 'UK', 'EX9 9PG', '01234777888', '', 0),
+(5, 'Mr', 'Patrick', 'O\'Hara', 'pohara@myisp.org.uk', '$2y$10$0nmGDVmHdWusgFJRmVZADeL43Y7HCPViBrHj/Z2betxiMdMx5Y2sC', '2017-12-06 12:27:32', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(6, 'Mr', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$KCQhEftEJouWPfuOOVoRVOECY/oJTluxHRr85fWlz6nsfN4OHtCie', '2017-12-06 17:02:16', '6 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PS', '', '', 0),
+(7, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$IrQE3TTkWzNm93FP/VYf.O/yMWDJDpIn/.qjrmvN.I97fvakynuza', '2017-12-06 17:11:44', '7 The Street', 'The Village', 'Townsville', 'UK', 'EXP 6PG', '01234777888', '', 0),
+(8, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$R2auBMKMe/Qw2fFr8D.S8eUEENUz8r.YUth5NHAyskNYupUzBen5O', '2017-12-06 17:18:30', '7 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(9, 'Mrs', 'Annie', 'Mossity', 'amossity@myisp.org.uk', '$2y$10$amqmyEfaOfiZ0MkIzdO90uZMPw4Mi/4RR70nNd0nxaZSOlxlr.8DC', '2017-12-06 17:24:42', '4 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '', 0),
+(10, 'Mr', 'Percy', 'Veer', 'pveer@myisp.com', '$2y$10$Wvdx/YO4cCcOQvyMVVtapO3F/eiz2Ow3yU9VcczGMC.dcgwbgIXMS', '2017-12-06 17:28:53', '7 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '', 0),
+(11, 'Mr', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$cTmJVcuUmTpCOIdQJ8MG3uwLmG7M7V3iE8zPXiNW2PQEdDQZMBftO', '2017-12-06 17:39:30', '5 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(12, 'Mr', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$YUYnU8UvOF/WUJ5h4VK4Qe.I48ZcAbedjPiDekKHlODduqGdJoI9i', '2017-12-06 18:02:04', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '', 0),
+(13, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$k9sMvE001164jjzJLs.OpOmb9LtluUEbR4GQ4RT5/rvSPNIqbL6gC', '2017-12-07 17:39:34', '6 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '', 0),
+(14, 'Mr', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$TOr.IZq/joHIKSk0Oo.jE.yWau48sUSgtC5TzKJ0sl0AoO2Bsk3lW', '2017-12-08 12:16:58', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '', 0),
+(16, 'Miss', 'Lynn', 'Seed', 'lseed@myisp.com', '$2y$10$nEs3Zhh4V5ZznpcPzGs9gOWupjY2NgV87DPpLu2DjqsdyBNRjf4/C', '2017-12-16 20:03:16', '6 The Street', '', 'Townsville', 'UK', 'EX24 6PG', '01234777888', '', 0),
+(17, 'Mr', 'Barry', 'Tone', 'btone@myisp.net', '$2y$10$w4zMq7ij7NmVDeBBKDSmbu963EwchZwAHPZmgZmTQAQ8Gha2jTD5W', '2017-12-16 20:16:40', '2 The Street', '', 'Townsville', 'USA', 'CA12345', '', '', 0),
+(30, 'Mr', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$lePdxFz7ZKn/bJ41BS0h/ehWyIL2ZgK123iPQJahNCaRjgxVY3Rfq', '2017-12-29 11:28:43', '2 The Street', 'The Village', 'Townsville', 'Germany', 'BL1234', '', '', 0),
+(31, 'Miss', 'Dee', 'Jected', 'djected@myisp.org.uk', '$2y$10$ujpV7w4blsTdQFWOsE1fiOFYtj9zN4w0WcK5V4WJ60Pc5HWodWlGC', '2017-12-29 11:48:04', '3 The Street', 'The Village', 'Townsville', 'UK', 'EX3 1TH', '', '', 0),
+(32, 'Mr', 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$Yu.c/cw/TSFa9vcMBGAfAe5vzyOwp3SZarBVc/9vEksfp.F8BzSiW', '2017-12-29 11:58:51', '2 The Street', '', 'Townsville', 'UK', 'EX24 6PS', '01234777888', '', 0),
+(40, NULL, 'Stuff', 'Stuff', 'stuff@stuff.com', '$2y$10$5D9RsKOqA/hr/Z.7ko/.M.ngQSqWDzOfnu7OhUnBLzxXwKVxHk6YW', '2018-05-25 16:52:54', '121 sd', NULL, 'fh', 'dj', '33333', '1233333333', 'dfd', 1),
+(41, NULL, 'xx', 'xx', 'ccc@ccc.com', '$2y$10$dxTlEJ82C3g99CUmSuUWbOFyg8CT42jFhz.cgHqrkMhqxyIajbgKi', '2018-05-27 10:00:33', '44 as', NULL, 'kl', 'kl', '33333', NULL, 'fred', 0),
+(42, NULL, 'Mx', 'asaa', 'mmm@mmm.com', '$2y$10$7iVu8Thd3ZEBTu0.aRtud.6qNtplrJ/jembAUcfEFwczEN42PkFii', '2018-05-27 10:02:28', '123 as', NULL, 'kw', 'fl', '33333', NULL, 'fred', 0);
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `art`
+--
+ALTER TABLE `art`
+  ADD PRIMARY KEY (`art_id`),
+  ADD KEY `art_name` (`thumb`,`price`);
+
+--
+-- Indexes for table `artists`
+--
+ALTER TABLE `artists`
+  ADD PRIMARY KEY (`artist_id`);
+
+--
+-- Indexes for table `orders`
+--
+ALTER TABLE `orders`
+  ADD PRIMARY KEY (`order_id`),
+  ADD KEY `buyer_id` (`buyer_id`,`order_date`);
+
+--
+-- Indexes for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  ADD PRIMARY KEY (`content_id`);
+
+--
+-- Indexes for table `order_details`
+--
+ALTER TABLE `order_details`
+  ADD PRIMARY KEY (`ord_details_id`),
+  ADD KEY `order_id` (`order_id`,`art_id`,`dispatch_date`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`user_id`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `art`
+--
+ALTER TABLE `art`
+  MODIFY `art_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=31;
+
+--
+-- AUTO_INCREMENT for table `artists`
+--
+ALTER TABLE `artists`
+  MODIFY `artist_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=50;
+
+--
+-- AUTO_INCREMENT for table `orders`
+--
+ALTER TABLE `orders`
+  MODIFY `order_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  MODIFY `content_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=10;
+
+--
+-- AUTO_INCREMENT for table `order_details`
+--
+ALTER TABLE `order_details`
+  MODIFY `ord_details_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `user_id` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=43;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch11/Customcart/customcartnew/customcartnew/forgot.php b/Ch11/Customcart/customcartnew/customcartnew/forgot.php
new file mode 100644
index 0000000..28cff5d
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/forgot.php
@@ -0,0 +1,97 @@
+<?php
+$menu = 5;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Forgot Password</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query for forgot password
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	require("process_forgot.php");
+}
+?>
+<form  action="forgot.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Forgot Your Password?</h2>
+<h6>When you apply, you will receive your new password in an email. Read that 
+email as soon as possible. Don't delay! For 
+maximum security, immediately login with your new password. Then change the 
+password as quickly as possible.</h6>  
+</div>
+</div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">Your email address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="Email" maxlength="30" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Secret Answer:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  placeholder="Secret Question Answer" maxlength="30" required
+	  value="<?php if (isset($_POST['secret'])) echo $_POST['secret']; ?>" >
+	  If you don't know your secret answer, contact our service department.
+    </div>
+  </div>
+ <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="padding-left: 50px;" 
+  data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/found_pics_cart.php b/Ch11/Customcart/customcartnew/customcartnew/found_pics_cart.php
new file mode 100644
index 0000000..6068d58
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/found_pics_cart.php
@@ -0,0 +1,60 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu = 2;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Paintings Found</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center mx-auto" 
+  style="color: black; padding:10px; margin-top: 5px;">
+	<!--Start of found paintings content-->
+<h3 style="color: white;">To buy a painting please click its Add to Cart link</h3>
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+$_SESSION['type'] = $_POST['type'];
+$_SESSION['price'] = $_POST['price'];
+require("process_found_pics.php");
+}
+?>
+<p style="color:white">No paintings displayed? Either we have nothing that matches 
+your requirements at the moment OR you may have forgotten to select 
+BOTH the search fields. Please click the Find Pictures button and try again.</p>
+</div>
+	</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div><!--End of content-->
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/L-looking-back-a-beer.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/L-looking-back-a-beer.jpg
new file mode 100644
index 0000000..bf6152f
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/L-looking-back-a-beer.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/L-silver-studded-blue.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/L-silver-studded-blue.jpg
new file mode 100644
index 0000000..c45da2f
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/L-silver-studded-blue.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/Thumbs.db b/Ch11/Customcart/customcartnew/customcartnew/images/Thumbs.db
new file mode 100644
index 0000000..faaaabf
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/Thumbs.db differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel-200.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel-200.jpg
new file mode 100644
index 0000000..df6dde2
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel-200.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel-thumb.jpg
new file mode 100644
index 0000000..26dcaa5
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel.jpg
new file mode 100644
index 0000000..8f62c17
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/aw-brown-vessel.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug-home.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug-home.jpg
new file mode 100644
index 0000000..8f92b65
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug-home.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug-thumb.jpg
new file mode 100644
index 0000000..426d3df
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug.jpg
new file mode 100644
index 0000000..d0d8f25
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/aw-white-jug.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/cart.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/cart.jpg
new file mode 100644
index 0000000..27213e0
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/cart.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/dove-1.png b/Ch11/Customcart/customcartnew/customcartnew/images/dove-1.png
new file mode 100644
index 0000000..69a4410
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/dove-1.png differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/green-grad-800.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/green-grad-800.jpg
new file mode 100644
index 0000000..696ad2b
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/green-grad-800.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/home.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/home.jpg
new file mode 100644
index 0000000..002c2c4
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/home.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-abstract-squares-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-abstract-squares-thumb.jpg
new file mode 100644
index 0000000..80362b7
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-abstract-squares-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-abstract-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-abstract-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-abstract-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-300.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-300.jpg
new file mode 100644
index 0000000..7bbaf16
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-300.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-home.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-home.jpg
new file mode 100644
index 0000000..957e09d
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-home.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-thumb.jpg
new file mode 100644
index 0000000..27ca9f7
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-copper-kettle-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-2.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-2.jpg
new file mode 100644
index 0000000..f22b330
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-2.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-3.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-3.jpg
new file mode 100644
index 0000000..7e92b77
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-3.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-stil-life-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/k-still-life-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/k-still-life-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/k-still-life-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-looking-back-a-beer.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-looking-back-a-beer.jpg
new file mode 100644
index 0000000..bf6152f
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-looking-back-a-beer.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-silver-studded-blue.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-silver-studded-blue.jpg
new file mode 100644
index 0000000..c45da2f
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-silver-studded-blue.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-silver-washed=fritillary.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-silver-washed=fritillary.jpg
new file mode 100644
index 0000000..9067c77
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/L-silver-washed=fritillary.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/Thumbs.db b/Ch11/Customcart/customcartnew/customcartnew/images/large files/Thumbs.db
new file mode 100644
index 0000000..b80fb46
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/Thumbs.db differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-brown-vessel-200.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-brown-vessel-200.jpg
new file mode 100644
index 0000000..df6dde2
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-brown-vessel-200.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-brown-vessel.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-brown-vessel.jpg
new file mode 100644
index 0000000..8f62c17
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-brown-vessel.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug-200.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug-200.jpg
new file mode 100644
index 0000000..87f6c8a
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug-200.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug-home.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug-home.jpg
new file mode 100644
index 0000000..35425ca
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug-home.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug.jpg
new file mode 100644
index 0000000..d0d8f25
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/aw-white-jug.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-copper-kettle-380.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-copper-kettle-380.jpg
new file mode 100644
index 0000000..e1c21f0
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-copper-kettle-380.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-2.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-2.jpg
new file mode 100644
index 0000000..f22b330
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-2.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-3.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-3.jpg
new file mode 100644
index 0000000..7e92b77
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-3.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-300.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-300.jpg
new file mode 100644
index 0000000..01bbc4f
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/large files/k-stil-life-300.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/prints.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/prints.jpg
new file mode 100644
index 0000000..01a7209
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/prints.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/rsb-beer-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-beer-thumb.jpg
new file mode 100644
index 0000000..196ca9c
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-beer-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/rsb-blue-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-blue-thumb.jpg
new file mode 100644
index 0000000..fe2b0c9
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-blue-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/rsb-fritillary-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-fritillary-thumb.jpg
new file mode 100644
index 0000000..1ea329f
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-fritillary-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/rsb-lyme-thumb.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-lyme-thumb.jpg
new file mode 100644
index 0000000..ddb1800
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/rsb-lyme-thumb.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/title.jpg b/Ch11/Customcart/customcartnew/customcartnew/images/title.jpg
new file mode 100644
index 0000000..5e38df9
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/title.jpg differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/images/unavailable.png b/Ch11/Customcart/customcartnew/customcartnew/images/unavailable.png
new file mode 100644
index 0000000..41374c4
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew/images/unavailable.png differ
diff --git a/Ch11/Customcart/customcartnew/customcartnew/includes/footer.php b/Ch11/Customcart/customcartnew/customcartnew/includes/footer.php
new file mode 100644
index 0000000..6f56f56
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/includes/footer.php
@@ -0,0 +1 @@
+<p class="h6 col-sm-12" style="color:black;">Footer goes here</p>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/includes/header.php b/Ch11/Customcart/customcartnew/customcartnew/includes/header.php
new file mode 100644
index 0000000..cc291fb
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/includes/header.php
@@ -0,0 +1,117 @@
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js"></script>
+  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js"></script>
+<div class="col-sm-2" >
+<img class="img-fluid" style="padding-top: 5px; height=200" src="images/dove-1.png" alt="dove"> 
+</div>
+<div class="col-sm-6" style="color :white; padding-top: 5%;">
+ <div class="h1 mb-2 font-bold text-left" >The Dove Gallery</div>
+ <p class='lead text-center'>Affordable Original Paintings</p>
+</div>
+
+<div class="col-sm-4" style="padding-top: 10px; padding-bottom: 10px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+     
+	<?php
+	 switch ($menu) {
+	case 1: //admin_add_painting.php
+	    ?>
+		 <li class="nav-item">
+         <a class="btn btn-primary" id="buttons" href="admin_page.php" role="button">Add Another</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="admin_add_artist.php" role="button">Add Artist</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="#" role="button">View Orders</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="#" role="button">New Password</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		 </li>
+		<?php
+        break;	 	 
+    case 2: // added.php, cart.php, found_pics_cart.php
+	    ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="cart.php" role="button">View Cart</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="users_search_page.php" role="button">Find Paintings</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		</li>
+		<?php
+        break;
+    case 3: //admin_page.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="admin_add_artist.php" role="button">Add Another</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="admin_page.php" role="button">Add Painting</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="#" role="button">View Orders</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="#" role="button">New Password</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		</li>
+		<?php
+        break;
+    case 4: // index.php  case 5 - forgot.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Register</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Login.php" role="button">Login</a>
+		</li>
+		<?php
+        break;
+	case 7: // login.php user_search_page.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Register</a>
+		</li>
+		<?php
+        break;
+	case 8: //; register.php
+        ?> 
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Erase</a>
+		</li>
+		<?php
+        break;
+	case 9: //register_thanks.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="Login.php" role="button">Login</a>
+        </li>	
+		<?php
+        break;
+	case 10: //checkout.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="logout.php" role="button">Logout</a>
+        </li>	
+		<?php
+        break;
+}
+	?>
+	</ul>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/includes/menu.php b/Ch11/Customcart/customcartnew/customcartnew/includes/menu.php
new file mode 100644
index 0000000..5f44ec0
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/includes/menu.php
@@ -0,0 +1,27 @@
+
+
+
+<div style="padding-top: 10px; padding-bottom: 10px; padding-right: 15px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<!--<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu1">
+    <span class="navbar-toggler-icon"></span>
+    </button> 
+    Not activating above code makes menu invisible for small devices
+    -->
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu1"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+      <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">About Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">FAQs</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">Contact Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="index.php" role="button">Home Page</a>
+	 </li>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/index.php b/Ch11/Customcart/customcartnew/customcartnew/index.php
new file mode 100644
index 0000000..dd8e55e
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/index.php
@@ -0,0 +1,64 @@
+<?php
+$menu = 4;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+
+	<div class="row">
+    <div class="col-sm-2"></div>
+    <div class="col-sm-6">
+    <h2>Welcome to the Dove Gallery</h2>
+	<h5 style="color: black">To search the gallery, please register and log in</h5>
+	<p class="col-sm-12">
+<img alt="Brown Jug by Adrian West" class="img-fluid col-sm-3" src="images/aw-brown-vessel-200.jpg"> 
+<img alt="L-Silver washed blue" class="img-fluid col-sm-3" src="images/L-silver-studded-blue.jpg"> 
+<img alt="White Jug" class="img-fluid col-sm-3" src="images/aw-white-jug-home.jpg"> 
+</p>
+</div>
+<aside class="col-sm-4" id="includemenu" style="padding-right: 16px;">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+</div>
+<div class="row mx-auto">
+<div class="col-sm-2"></div>
+<div class="col-sm-6">
+<img alt="Copper kettle" class="img-fluid com-sm-3" src="images/k-copper-kettle-home.jpg"> 
+<img alt="Looking Back at Beer" class="img-fluid col-sm-3" src="images/L-looking-back-a-beer.jpg"> 
+</div>
+</div>
+</div>
+</div>
+<div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<div class="col-sm-12 text-center" style="padding:0px; margin-top: 5px;">
+<footer>
+<?php include ('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/login-files/login.php b/Ch11/Customcart/customcartnew/customcartnew/login-files/login.php
new file mode 100644
index 0000000..640deaf
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/login-files/login.php
@@ -0,0 +1,47 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Login page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="msgboard.css">
+<style type="text/css">
+h2 { color:navy; }
+/*#tab-navigation ul { margin-left:140px; }*/
+form { padding-left:260px; width:200px;}
+.label { width:120px; float:left; text-align:right;}
+form p { width:280px; }
+p.submit {margin-left:125px; }
+</style>
+</head>
+<body>
+<br>
+<div id='container'>
+<header>
+<?php include ( 'includes/header_login.php' ) ;?>
+</header>
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) AND !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<h2>Login</h2>
+<form action="process_login.php" method="post">
+<p><label class="label" for="user_name">User Name:</label><input id="user_name" type="text" 
+name="user_name" size="16" maxlength="16" value="<?php if (isset($_POST['user_name']))
+echo $_POST['user_name']; ?>"></p>
+<p><label class="label" for="passcode">Password:</label><input id="passcode" 
+type="password" name="passcode" size="16" maxlength="16" value="<?php if
+(isset($_POST['passcode'])) echo $_POST['passcode']; ?>" ></p>
+<p class="submit"><input type="submit" value="Login" ></p>
+</form>
+<footer>
+<?php include ( 'includes/footer.php' ) ; ?>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/login-files/login_functions.php b/Ch11/Customcart/customcartnew/customcartnew/login-files/login_functions.php
new file mode 100644
index 0000000..7bc1283
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/login-files/login_functions.php
@@ -0,0 +1,48 @@
+<?php 
+// Function for loading the URL of pages
+function load( $page = 'login.php' )
+{
+  // The code for setting the page URL
+  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
+  // Trim the URL
+  $url = rtrim( $url, '/\\' ) ;
+  $url .= '/' . $page ;
+ //Redirect to the page and exit the script. 
+  header( "Location: $url" ) ; 
+  exit() ;
+}
+// Create a function to check user name and password 
+function validate( $dbcon, $user_name = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( empty( $user_name ) ) 
+  { $errors[] = 'You forgot to enter your user name' ; 
+  } 
+  else  { $user_name = mysqli_real_escape_string( $dbcon, trim( $user_name ) ) ; 
+  }
+  // Has the password been entered
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  else { $passcode = mysqli_real_escape_string( $dbcon, trim( $passcode ) ) ; 
+  }
+  $hp=password_hash($p, PASSWORD_BCRYPT);
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+    $q = "SELECT member_id, user_name FROM members WHERE user_name='$user_name' AND passcode='$hp')" ;  
+    $result = mysqli_query ( $dbcon, $q ) ;
+    if ( mysqli_num_rows( $result ) == 1 ) 
+    {
+      $row = mysqli_fetch_array ( $result, MYSQLI_ASSOC ) ;
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/login-files/process_login.php b/Ch11/Customcart/customcartnew/customcartnew/login-files/process_login.php
new file mode 100644
index 0000000..0b895d0
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/login-files/process_login.php
@@ -0,0 +1,27 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'user_name' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'member_id' ] = $data[ 'member_id' ] ;
+    $_SESSION[ 'user_name' ] = $data[ 'user_name' ] ;
+    load ( 'forum.php' ) ;
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/login.php b/Ch11/Customcart/customcartnew/customcartnew/login.php
new file mode 100644
index 0000000..cd3f266
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/login.php
@@ -0,0 +1,100 @@
+<?php
+$menu = 7;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Login Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of login content-->
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) && !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<form  action="process_login.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Login</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="30" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+    </div>
+	</div>
+<div class="form-group row">
+    <label for="passcode" class="col-sm-4 col-form-label text-right">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="passcode" name="passcode" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['passcode'])) echo $_POST['passcode']; ?>" >
+    </div>
+	</div>
+	<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<div class="g-recaptcha" style="padding-left: 50px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+	</div>
+	</div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <a href="forgot.php">Forgot Password?</a>
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a login content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/login_functions.php b/Ch11/Customcart/customcartnew/customcartnew/login_functions.php
new file mode 100644
index 0000000..88ee47e
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/login_functions.php
@@ -0,0 +1,76 @@
+<?php 
+// Create a function to check user name and password 
+function validate( $dbcon, $email = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( !empty( $email ) ) 
+  {  $user_name = trim( $email); 
+  }
+  if ( empty( $email ) ) 
+  { $errors[] = 'You forgot to enter your email' ; 
+  } 
+   
+  // Has the password been entered
+  if ( !empty( $passcode ) ) 
+  {  
+  $passcode = trim( $passcode ); 
+  }
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'You forgot to enter your password.' ; 
+  } 
+  
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+	  
+	  try {
+ $query = "SELECT user_id, password, user_level FROM users WHERE email=?" ;  
+ 
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if ((mysqli_num_rows($result) == 1) && 
+(password_verify($passcode, $row['password']))) {
+
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+	  }
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Login | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Login Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Login Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Login | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Login Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Login Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/login_toolss.php b/Ch11/Customcart/customcartnew/customcartnew/login_toolss.php
new file mode 100644
index 0000000..b634d7f
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/login_toolss.php
@@ -0,0 +1,47 @@
+<?php 
+// Function for loading the URL of pages
+function load( $page = 'login.php' )
+{
+  // The code for setting the page URL
+  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
+  // Trim the URL
+  $url = rtrim( $url, '/\\' ) ;
+  $url .= '/' . $page ;
+ //Redirect to the page and exit the script. 
+  header( "Location: $url" ) ; 
+  exit() ;
+}
+// Create a function to check email and password 
+function validate( $dbcon, $email = '', $p = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the email been entered?
+  if ( empty( $email ) ) 
+  { $errors[] = 'You forgot to enter your email' ; 
+  } 
+  else  { $email = mysqli_real_escape_string( $dbcon, trim( $email ) ) ; 
+  }
+  // Has the password been entered
+  if ( empty( $p ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  else { $p = mysqli_real_escape_string( $dbcon, trim( $p ) ) ; 
+  }
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+    $q = "SELECT user_id, email FROM users WHERE emai='$email' AND psword=SHA1('$p')" ;  
+    $result = mysqli_query ( $dbcon, $q ) ;
+    if ( @mysqli_num_rows( $result ) == 1 ) 
+    {
+      $row = mysqli_fetch_array ( $result, MYSQLI_ASSOC ) ;
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/logout.php b/Ch11/Customcart/customcartnew/customcartnew/logout.php
new file mode 100644
index 0000000..07c13b0
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/logout.php
@@ -0,0 +1,12 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+	$_SESSION = array(); // Destroy the variables
+	session_destroy(); // Destroy the session
+	setcookie('PHPSESSID', time()-3600,'/', 0, 0);//Destroy the cookie
+	header("location:index.php");
+	exit();
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/mysqli_connect.php b/Ch11/Customcart/customcartnew/customcartnew/mysqli_connect.php
new file mode 100644
index 0000000..26eb5ed
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/mysqli_connect.php
@@ -0,0 +1,12 @@
+<?php 
+// Create a connection to the migrate database and to MySQL
+// Set the encoding to utf-8
+// Set the database access details as constants
+DEFINE ('DB_USER', 'turing');
+DEFINE ('DB_PASSWORD', 'En1gm3');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'customdb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_add_painting.php b/Ch11/Customcart/customcartnew/customcartnew/process_add_painting.php
new file mode 100644
index 0000000..3759c03
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_add_painting.php
@@ -0,0 +1,124 @@
+<?php
+	$errors = array(); // Start an array to contain the error messages 
+// Check if a thumbnail url has been entered
+    $thumbtrim = trim($_POST['thumb']);
+	if ((!empty($thumbtrim)) && (filter_var($thumbtrim, FILTER_VALIDATE_URL))
+		&& (strlen($thumbtrim) <= 50)) {
+		// $thumb = $thumbtrim;
+	}
+	  else
+	  {
+        $errors[] = 'Missing thumbnail url or wrong format. Max 50.';
+	} 
+// Check for a type
+   $typetrim = trim($_POST['type']);
+   if ((!empty($typetrim)) && (preg_match('/[a-z\-\s\.]/i',$typetrim)) &&
+		(strlen($typetrim) <= 50)) {					
+	//Sanitize the trimmed type						
+	$typetrim = (filter_var($typetrim, FILTER_SANITIZE_STRING));	
+	$typetrim = (filter_var($typetrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Type missing or not alphabetic, dash, period or space. Max 50.';
+	}
+// Has a price been entered?
+$pricetrim = trim($_POST['price']);		
+if ((!empty($pricetrim)) && (strlen($pricetrim) <= 10)) {					
+	//Sanitize the trimmed price					
+	$pricetrim = (filter_var($pricetrim, FILTER_SANITIZE_NUMBER_INT));
+    $pricetrim = preg_replace('/\D+/', '', ($pricetrim));	
+	}else{	
+	$errors[] = 'Price missing. Must be Numberic. Max ######.##.';
+	}
+// Has the medium been entered?
+ $mediumtrim = trim($_POST['medium']);
+   if ((!empty($mediumtrim)) && (preg_match('/[a-z\-\s\.]/i',$mediumtrim)) &&
+		(strlen($mediumtrim) <= 50)) {					
+	//Sanitize the trimmed medium						
+	$mediumtrim = (filter_var($mediumtrim, FILTER_SANITIZE_STRING));	
+	$mediumtrim = (filter_var($mediumtrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Medium missing or not alphabetic, dash, period or space. Max 50.';
+	}
+	// Has the artist been entered?
+	$artisttrim = trim($_POST['artist']);
+   if ((!empty($artisttrim)) && (preg_match('/[a-z\-\s\.]/i',$artisttrim)) &&
+		(strlen($artisttrim) <= 50)) {					
+	//Sanitize the trimmed artist						
+	$artisttrim = (filter_var($artisttrim, FILTER_SANITIZE_STRING));	
+	$artisttrim = (filter_var($artisttrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Artist missing or not alphabetic, dash, period or space. Max 50.';
+	}
+// Has a brief description been entered?
+   	$minitrim = trim($_POST['mini_descr']);
+    if ((!empty($minitrim)) && (preg_match('/[a-z\-\s\.]/i',$minitrim)) &&
+		(strlen($minitrim) <= 150)) {					
+	//Sanitize the trimmed artist						
+	$artisttrim = (filter_var($minitrim, FILTER_SANITIZE_STRING));	
+	$artisttrim = (filter_var($minitrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Description missing or not alphabetic, dash, period or space. Max 50.';
+	}
+	 // Has the PPcode been entered?
+	// $ppcodetrim = trim($_POST['ppcode']);
+    // if ((!empty($ppcodetrim)) && (strlen($ppcodetrim) <= 45)) {					
+	//Sanitize the trimmed artist						
+	//$ppcodetrim = (filter_var($minitrim, FILTER_SANITIZE_STRING));			
+	//}else{	
+	//$errors[] = 'PayPal Code missing or not alphabetic, dash, period or space. Max 50.';
+	//}
+if (empty($errors)) { // If no errors were encountered
+	// Register the painting in the database
+try {
+		require ('mysqli_connect.php'); // Connect to the database
+		// Make the query:'
+		
+	$query = "INSERT INTO art (art_id, thumb, type, medium, artist, mini_descr, price)"; 
+    $query .= "VALUES ";
+	$query .= "(' ', ?,?,?,?,?,?)"; 
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 'ssssss', $thumbtrim, $typetrim, $mediumtrim, $artisttrim, $minitrim, $pricetrim );
+    // execute query
+    mysqli_stmt_execute($q);
+    if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2>The painting was successfully registered</h2><br>';
+		} else { // If it was not registered
+		// Error message:
+			echo '<h2>System Error</h2>
+			<p class="error">The painting could not be added due to a system error. We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Add Painting | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Add Painting Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Add Painting Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Add Painting | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Add Painting Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Add Painting Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+	} else { // Display the errors.
+		echo '<h2>Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Print each error.
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h3>Please try again.</h3><p><br></p>';
+		}// End of if (empty($errors))
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_admin_page.php b/Ch11/Customcart/customcartnew/customcartnew/process_admin_page.php
new file mode 100644
index 0000000..9e83197
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_admin_page.php
@@ -0,0 +1,91 @@
+<?php
+	$errors = array(); // Set an error array.
+// Has an artist's first name been entered?
+// Trim the first name
+    $first_name = trim($_POST['first_name']);
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$first_nametrim = (filter_var($first_name, FILTER_SANITIZE_STRING));
+    $first_nametrim = (filter_var($first_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$first_nametrim = NULL;
+	}
+// Has an artist's middle name been entered?
+    $middle_name = trim($_POST['middle_name']);
+// Strip HTML and apply escaping Is the middle name present? If it is, trim it
+if ((!empty($middle_name)) && (preg_match('/[a-z\s\.]/i',$middle_name)) &&
+		(strlen($middle_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$middle_nametrim = (filter_var($middle_name, FILTER_SANITIZE_STRING));
+    $middle_nametrim = (filter_var($middle_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$middle_nametrim = NULL;
+	}
+// Has the artist's last name been entered?
+    $last_name = trim($_POST['last_name']);
+// Strip HTML and apply escaping Is the last name present? If it is, trim it
+if ((!empty($last_name)) && (preg_match('/[a-z\s]/i',$last_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$last_nametrim = (filter_var($last_name, FILTER_SANITIZE_STRING));
+    $last_nametrim = (filter_var($last_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic and space characters. Max 30';
+	} 
+if (empty($errors)) { // If the wuery ran OK
+	// Register the artist in the database
+	
+	try {
+		require ('mysqli_connect.php'); // Connect to the db.
+		// Make the query:
+		$query = "INSERT INTO artists (artist_id, first_name, middle_name, last_name) ";
+        $query .= "VALUES ";
+	    $query .= "(' ',?,?,?)"; 
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'sss', $first_nametrim, $middle_nametrim, $last_nametrim);
+        // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2 class="col-sm-12 text-right">The artist was successfully added.</h2>';
+		} else { // If the query failed to run
+		// Message:
+			echo '<h2 class="col-sm-12 text-right" style="color: red;">System Error</h2>
+			<p class="error">The artist could not be added due to a system error. ';
+			echo 'We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Admin Page | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Admin Page Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Admin Page Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Admin Page | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Admin Page Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Admin Page Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+	} else { // Display any errors
+		echo '<h2 class="col-sm-12 text-right" style="color: red;">Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Display any errors
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h6>Please try again.</h6><p><br></p>';
+		}// End of if error checks
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_cart.php b/Ch11/Customcart/customcartnew/customcartnew/process_cart.php
new file mode 100644
index 0000000..448bcf7
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_cart.php
@@ -0,0 +1,85 @@
+<?php
+// If the user changes the quantity then Update the cart
+  if(isset($_POST['qty'])) {
+  foreach ( $_POST['qty'] as $art_id => $item_qty )
+  {
+// Ensure that the id and the quantity are integers
+    $id = (int) $art_id;
+    $qty = (int) $item_qty;
+// If the quantity is set to zero clear the session or else store the changed quantity
+    if ( $qty == 0 ) { unset ($_SESSION['cart'][$id]); } 
+    elseif ( $qty > 0 ) { $_SESSION['cart'][$id]['quantity'] = $qty; }
+  }
+  }
+// Set an initial variable for the total cost
+$total = 0; 
+// Display the cart contents
+if (!empty($_SESSION['cart']))
+{
+?>
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+  <!-- Center Column Content Section -->
+  <div class="col-sm-4 text-center mx-auto" style="padding-left: 40px;"></div>
+  <div class="col-sm-10 text-center mx-auto" 
+  style="color: black; padding:20px; margin-top: 5px;">
+  <?php
+	try {
+// Connect to the database.
+  require ('mysqli_connect.php');
+// Get the items from the art table and insert them into the cart
+  $q = "SELECT * FROM art WHERE art_id IN (";
+  foreach ($_SESSION['cart'] as $id => $value) { $q .= $id . ','; }
+  $q = substr( $q, 0, -1 ) . ') ORDER BY art_id ASC';
+  $result = mysqli_query ($dbcon, $q);
+// Create a form and a table
+  echo '<form action="cart.php" method="post">';
+  echo '<table class="table table-responsive table-striped" style=" color:black;">';
+  echo '<tr><th scope="col">Medium</th><th scope="col">Type</th>';
+  echo '<th scope="col">Quantity</th><th scope="col"></th>';
+  echo '<th scope="col">Price</th></tr>';
+  while ($row = mysqli_fetch_array ($result, MYSQLI_ASSOC))
+  {
+// Calculate the subtotals and the grand total
+    $subtotal = $_SESSION['cart'][$row['art_id']]['quantity'] * $_SESSION['cart'][$row['art_id']]['price'];
+    $total += $subtotal;
+// Display the table
+    echo "<tr> <td>{$row['type']}</td><td>Painting(s)</td> 
+    <td><input type=\"text\" size=\"3\" name=\"qty[{$row['art_id']}]\" value=\"{$_SESSION['cart'][$row['art_id']]['quantity']}\"></td>
+    <td>at {$row['price']} each </td> <td style=\"text-align:right\">".number_format ($subtotal, 2)."</td></tr>";
+  }
+// Close the database connection
+  mysqli_close($dbcon); 
+// Display the total
+  echo ' <tr><td colspan="5" style="text-align:right">Total = '.number_format($total,2).'</td></tr>
+  </table>';
+  echo '<input id="submit" class="btn btn-primary" type="submit" name="submit" value="Update Order"></form>';
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Cart | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Cart Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Cart Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Cart | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Cart Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Cart Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+echo "</div>";
+echo "</div>";
+}
+else
+// Or display a message
+{ echo '<p style="padding: 60px;">Your cart is currently empty.</p>' ; 
+}
+// Create some links
+echo '<p><a href="users_search_page.php">Continue Shopping</a> | <a href="checkout.php">Checkout</a>' ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_checkout.php b/Ch11/Customcart/customcartnew/customcartnew/process_checkout.php
new file mode 100644
index 0000000..dd7eefa
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_checkout.php
@@ -0,0 +1,55 @@
+<?php
+// Redirect the user if he is not logged in
+if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load() ; }
+// Confirm that the total and cart have been passed to this page
+if ( isset( $_GET['total'] ) && ( $_GET['total'] > 0 ) && (!empty($_SESSION['cart']) ) )
+{
+	try {
+ // Connect to the database
+require ( 'mysqli_connect.php' ) ;
+  // Insert the user's id, the total, and the order date into the orders table
+  
+  $query = "INSERT INTO orders ( user_id, total, order_date ) VALUES ";
+  $query .= "( ?, ?, NOW())";
+ 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'is', $_SESSION['user_id'],$_GET['total']);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {	 
+  $order_id = mysqli_insert_id($dbcon);
+  // Get the selected paintings from the art table
+  $q = "SELECT * FROM art WHERE 'art_id' IN (";
+  foreach ($_SESSION['cart'] as $id => $value) { $q .= $id . ','; }
+  $q = substr( $q, 0, -1 ) . ') ORDER BY price ASC';
+  $result = mysqli_query ($dbcon, $q);
+// Insert the order contents into the order_contents table
+  while ($row = mysqli_fetch_array ($result, MYSQLI_ASSOC))
+  {
+    $query = "INSERT INTO order_contents ( order_id, art_id, quantity, price )
+    VALUES ( $order_id, ".$row['art_id'].",".$_SESSION['cart'][$row['art_id']]['quantity'].",".$_SESSION['cart'][$row['art_id']]['price'].")" ;
+    $result = mysqli_query($dbcon,$query);
+  }
+  // Close the database connection
+  mysqli_close($dbcon);
+  // Display a thank you message and state the order number
+  // Empty the cart ready for the next customer 
+  $_SESSION['cart'] = NULL;
+}
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+}
+// Display a message
+//else { echo '<h3 class="checkout">The shopping cart has been emptied ready for the next customer.</h3>' ; }
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_forgot.php b/Ch11/Customcart/customcartnew/customcartnew/process_forgot.php
new file mode 100644
index 0000000..ea204cc
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_forgot.php
@@ -0,0 +1,75 @@
+<?php
+	try {
+	require ('mysqli_connect.php');
+	// Assign the value FALSe to the variable $buyid 
+	$buyid = FALSE;
+// Validate the email address...
+if (!empty($_POST['email'])) {
+// Does that email address exist in the database?
+		$query = 'SELECT user_id, user_level, secret FROM users WHERE email=?';	
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "s", $_POST['email']); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_NUM);
+       if ((mysqli_num_rows($result) == 1) && ($row[1] == 0) &&
+	       ($row[2] == $_POST['secret']))
+	   {
+		$buyid = $row[0];
+		} else { // If the buyid for the email address was not retrieved
+			echo '<h6 style="padding-left:80px; padding-top: 20px;">If your e-mail and secret are correct, you will recieve an e-mail</h6>';
+		}
+		} 
+	if ($buyid) { // If buyid for the email address was retrieved, create a random password
+		$password = substr ( md5(uniqid(rand(), true)), 5, 10);
+// Update the database table
+        $hassed_password = password_hash($password, PASSWORD_DEFAULT);			
+        $query = "UPDATE users SET password=? WHERE user_id=?";
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "si", $hassed_password, $buyid); 
+       // execute query 
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		   
+// Send an email to the buyer
+		$body = "Your password has been changed to '" . $password;
+		$body .= "'. Please login as soon as possible using the new password. ";
+		$body .= "Then change it immediately. otherwise, if a hacker has intercepted ";
+		$body .= "this email they will know your login details.";
+		mail ($_POST['email'], 'Your new password.', $body, 'From: admin@thedovegallery.co.uk');
+// Echo a message and exit the code
+		echo '<h6 style="padding-left:80px; padding-top: 20px;">Your password has been changed. ';
+		echo 'You will shortly receive the new temporary password by email.</h6>';
+		mysqli_close($dbcon);
+		include ('includes/footer.php');
+		exit(); // Stop the script.
+		} else { // If the query failed to run
+			echo '<p class="error">Due to a system error, your password could not be changed. We apologize for any inconvenience.</p>'; 
+		}
+		} 
+	mysqli_close($dbcon);
+	}
+	catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Forgot Password | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Forgot Password Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Forgot Password Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Forgot Password | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Forgot Password Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Forgot Password Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_found_pics.php b/Ch11/Customcart/customcartnew/customcartnew/process_found_pics.php
new file mode 100644
index 0000000..247316d
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_found_pics.php
@@ -0,0 +1,73 @@
+<?php
+//Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Select the first thre items items from the art table
+//$q = "SELECT * FROM art LIMIT 3";
+$type=$_SESSION['type'];
+$price=$_SESSION['price'];
+$query = 
+"SELECT art_id, thumb, type, price, medium, artist, mini_descr, ppcode ";
+$query .= "FROM art WHERE type= ? AND price <= ? ORDER BY price DESC LIMIT 3";		
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// bind $id to SQL Statement
+mysqli_stmt_bind_param($q, "si", $type, $price); 
+// execute query 
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+//  $row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) > 0) {
+
+//$result = mysqli_query( $dbcon, $q ) ;
+//if ( mysqli_num_rows( $result ) > 0 )
+//{
+// Table header
+?>
+<table class="table table-responsive table-striped" style="background: white;">
+<tr><th scope="col">Thumb</th><th scope="col">Type</th>
+<th scope="col">Medium</th><th scope="col">Artist</th>
+<th scope="col">Details</th><th scope="col">Price &pound;</th>
+</tr>
+<?php	
+// Fetch the matching records and populate the table display
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	echo '<tr>
+	<td><img src='.$row['thumb'] . '></td>
+	<td>' . $row['type'] . '</td>
+	<td>' . $row['medium'] . '</td>
+	<td>' . $row['artist'] . '</td>
+	<td>' . $row['mini_descr'] . '</td>
+	<td>' . $row['price'] . 
+	'<br><a href="added.php?id=' . $row['art_id'] . '">Add to Cart</a></td>
+	</tr>';
+	}
+?>
+</table>
+<?php
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// Or notify the user that no matching paintings were found
+else { echo '<p>There are currently no items matching your search criteria.</p>' ; }
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Found Pics | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Found Pics Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Found Pics Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Found Pics | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Found Pics Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Found Pics Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_login.php b/Ch11/Customcart/customcartnew/customcartnew/process_login.php
new file mode 100644
index 0000000..459f34e
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_login.php
@@ -0,0 +1,32 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'email' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'user_id' ] = $data[ 'user_id'];
+    $_SESSION[ 'email' ] = $data[ 'email' ] ;
+	$_SESSION[ 'user_level' ] = $data[ 'user_level' ];
+	if ($data[ 'user_level'] == 1) {
+    header ( 'Location: admin_page.php' ) ;
+	} else {
+	header ( 'Location: users_search_page.php' );
+  }
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/process_register.php b/Ch11/Customcart/customcartnew/customcartnew/process_register.php
new file mode 100644
index 0000000..264c58b
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/process_register.php
@@ -0,0 +1,195 @@
+<?php
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+//Is the title present? If it is, trim it 
+    $title = filter_var( $_POST['title'], FILTER_SANITIZE_STRING);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title		
+	$titletrim = $title;							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+   $first_name = filter_var( $_POST['first_name'], FILTER_SANITIZE_STRING);	
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name
+    $first_nametrim = $first_name;		
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, trim it and sanitize it
+	$last_name = filter_var( $_POST['last_name'], FILTER_SANITIZE_STRING);			
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 40)) {					
+	//Sanitize the trimmed last name
+    $last_nametrim = $last_name;				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}
+// Set the email alias as false and check for an email address:
+//$e = FALSE;	                                                                #1								
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))
+			|| (strlen($emailtrim > 60))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = filter_var( $_POST['password1'], FILTER_SANITIZE_STRING);		
+if ((empty($password1trim)) || ($password1trim < 8) || ($password1trim > 12)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password,8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = filter_var( $_POST['password2'], FILTER_SANITIZE_STRING);	
+if($password1trim === $password2trim) { //                                 #9
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+//Is the 1st address present? If it is, trim it and sanitize it
+$address1 = filter_var( $_POST['address1'], FILTER_SANITIZE_STRING);			
+if ((!empty($address1)) && (preg_match('/[a-z\.\s\,\-]/i', $address1)) &&
+  (strlen($address1) <= 30)) {					
+	//Sanitize the trimmed 1st address
+    $address1trim = $address1;						
+	}else{	
+	$errors[] = 'Missing address. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, trim it and sanitize it          #10
+$address2 = filter_var( $_POST['address2'], FILTER_SANITIZE_STRING);	
+if ((!empty($address2)) && (preg_match('/[a-z\.\s\,\-]/i', $address2)) &&
+  (strlen($address2) <= 30)) {				
+	//Sanitize the trimmed 2nd address
+	$address2trim = $address2;	
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, trim it and sanitize it
+$city = filter_var( $_POST['city'], FILTER_SANITIZE_STRING);			
+if ((!empty($city)) && (preg_match('/[a-z\.\s]/i', $city)) &&
+  (strlen($city) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = $city;							
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, trim it and sanitize it
+$state_country = filter_var( $_POST['state_country'], FILTER_SANITIZE_STRING);		
+if ((!empty($state_country)) && (preg_match('/[a-z\.\s]/i', $state_country)) &&
+    (strlen($state_country) <= 30))	 {				
+	//Sanitize the trimmed state or country	
+    $state_citytrim = $state_country;						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, trim it and sanitize it
+$zcode_pcode = filter_var( $_POST['zcode_pcode'], FILTER_SANITIZE_STRING);	
+if ((!empty($zcode_pcode)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcode)) &&
+    (strlen($zcode_pcode) <= 30) && (strlen($zcode_pcode >= 5))) {						
+	//Sanitize the trimmed zcode_pcode
+    $zcode_pcodetrim = $zcode_pcode;							
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the secret present? If it is, trim it and sanitize it
+$secret = filter_var( $_POST['secret'], FILTER_SANITIZE_STRING);		
+if ((!empty($secret)) && (preg_match('/[a-z\.\s\,\-]/i', $secret)) &&
+  (strlen($secret) <= 30)) {					
+	//Sanitize the trimmed city	
+	$secrettrim = $secret;					
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//Is the phone number present? If it is, trim it and sanitize it 
+$phone = filter_var( $_POST['phone'], FILTER_SANITIZE_STRING);	    		
+if ((!empty($phone)) && (strlen($phone) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phone, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT user_id FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $e);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+	$query = "INSERT INTO users (user_id, title, first_name, last_name, email, password,"; 
+    $query .= "address1, address2, city, state_country, zcode_pcode, phone, secret, registration_date) ";
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?,?,?,?,?,?,?,?,?,NOW())"; 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'ssssssssssss', 
+	$titletrim, $first_nametrim, $last_nametrim, $emailtrim, $hashed_password, $address1trim, $address2trim, 
+	$citytrim, $state_countrytrim, $zcode_pcodetrim, $phonetrim, $secrettrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register_thanks.php"); 					
+	} else {
+	echo 'Invalid query:' . $dbcon->error; 
+// change to generic message in production
+	}
+	}else{//The email address is already registered                         
+echo '<p class="error">The email address is already registered</p>';
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+echo '<h2>Error!</h2>
+<p class="error">The following error(s) occurred:<br>';
+foreach ($errors as $msg) { // Print each error.				
+echo " - $msg<br>\n";
+    }
+echo '</p><h3>Please try again.</h3><p><br></p>';
+    }// End of if (empty($errors)) IF.
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Registration | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Register Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Register Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Registration | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Register Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Register Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/register.php b/Ch11/Customcart/customcartnew/customcartnew/register.php
new file mode 100644
index 0000000..6c643f5
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/register.php
@@ -0,0 +1,217 @@
+<?php
+$menu = 8;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require("process_register.php"); }
+?>
+<form  action="register.php" method="post" onsubmit="return checked();">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2>Account Registration</h2>
+<h6>Items marked with an asterisk * are essential</h6>
+</div>
+</div>
+<div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	  value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	  value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>">
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value="<?php if (isset($_POST['password2'])) echo $_POST['password2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	  value="<?php if (isset($_POST['address1'])) echo $_POST['address1']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	  value="<?php if (isset($_POST['address2'])) echo $_POST['address2']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	  value="<?php if (isset($_POST['city'])) echo $_POST['city']; ?>">
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	  value="<?php if (isset($_POST['state_country'])) echo $_POST['state_country']; ?>">
+    </div>
+  </div>	
+<div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	  value="<?php if (isset($_POST['zcode_pcode'])) echo $_POST['zcode_pcode']; ?>">
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	  value="<?php if (isset($_POST['phone'])) echo $_POST['phone']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Secret Question*:</label>
+	  <div class="col-sm-8">
+      <select id="question" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Mother's Madien Name</option>
+	<option value="Nature">Pet's Name</option>
+	<option value="Abstract">High School</option>
+	<option value="Abstract">Favorite Vacation Spot</option>
+	</select>
+	</div>
+	</div>  
+	<div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Answer*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Secret Answer" maxlength="30" required
+	  value="<?php if (isset($_POST['secret'])) echo $_POST['secret']; ?>">
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="padding-left: 50px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+ <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/register_thanks.php b/Ch11/Customcart/customcartnew/customcartnew/register_thanks.php
new file mode 100644
index 0000000..9576943
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/register_thanks.php
@@ -0,0 +1,38 @@
+<?php
+$menu=9;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-14 text-center mx-auto" style="padding:20px; margin-top: 5px; color:white;">
+<h2>Thank you for registering</h2>
+<h6>You will now be able to login, search for, and view the paintings.</h6>
+<footer>
+<?php include("includes/footer.php"); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew/transparent.css b/Ch11/Customcart/customcartnew/customcartnew/transparent.css
new file mode 100644
index 0000000..a21422c
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/transparent.css
@@ -0,0 +1,15 @@
+body { background:#68CE53; font-family:arial; font-size: 100%;
+}
+header {border:10px white solid;}
+#container {
+	margin:auto;
+}
+h2 { margin-top: 20px; }
+label { color: black; }
+#submit {margin: 0px; background:#559a55; border: 5px outset #559a55; width: 140px;}
+#includemenu {padding-top: 10px; padding-bottom: 10px; padding-right: 0px;}
+#includefooter {background:#68CE53; padding-top: 5px; padding-bottom: 5px; margin: 0px;}
+#includeheader {width:90%; height:auto; background:#95b522; margin-bottom: 0px; padding:0px;}
+#contents {background-color:transparent ;margin-top: -17px; border:10px white solid; color: white; width: 90%; }
+#buttons {background:#559a55; border: 5px outset #559a55;}
+
diff --git a/Ch11/Customcart/customcartnew/customcartnew/users_search_page.php b/Ch11/Customcart/customcartnew/customcartnew/users_search_page.php
new file mode 100644
index 0000000..6282630
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/users_search_page.php
@@ -0,0 +1,105 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+$menu=7;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 20px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-6 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+	<form  action="found_pics_cart.php" method="post">
+<div class="form-group row">
+    <div class="col-sm-10 text-left" style="padding: 20px; padding-left: 30px;">
+	<h3>Welcome to the Dove Gallery</h3>
+	<h6 style="color: black;"><b>All prices include frames, sales tax, delivery and insurance</b></h6>
+	<h2 class="text-center">Search for a painting</h2>
+	</div>
+    <div class="col-sm-6">
+	
+</div>
+</div>
+	  <div class="form-group row">
+      <label for="type" class="col-sm-3 col-form-label text-right">Type:</label>
+	  <div class="col-sm-6">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="still-life">Still Life</option>
+	<option value="nature">Nature</option>
+	<option value="abstract">Abstract</option>
+</select>
+</div>
+
+</div>
+ <div class="form-group row">
+      <label for="price" class="col-sm-3 col-form-label text-right">Maximum Price:</label>
+	  <div class="col-sm-6">
+      <select id="price" name="price" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="40">&pound;40</option>
+	<option value="80">&pound;80</option>
+	<option value="800">&pound;800</option>
+</select>
+</div>
+</div>
+	 <div class="form-group row">
+
+  <label class="col-sm-3 col-form-label"></label>
+  <div class="col-sm-6">
+<input id="submit" class="btn btn-primary" 
+ type="submit" name="submit" value="Submit">
+</div>
+
+</div>
+
+
+</form><!--End of the add a painting content-->
+<!-- Right-side Column Content Section -->
+
+	</div>
+	<div class="col-sm-3 text-center" style="padding:0px; margin-top: 5px;">
+	 
+<img alt="Copper Kettle by James Kessell" class="img-fluid float-left" 
+style="margin-top: 20px;" src="images/k-copper-kettle-300.jpg"> 
+
+</div>
+	<aside class="col-sm-3" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
+
diff --git a/Ch11/Customcart/customcartnew/customcartnew/verify.js b/Ch11/Customcart/customcartnew/customcartnew/verify.js
new file mode 100644
index 0000000..b5a9501
--- /dev/null
+++ b/Ch11/Customcart/customcartnew/customcartnew/verify.js
@@ -0,0 +1,12 @@
+function checked() {
+  if (document.getElementById('password1').value ==
+    document.getElementById('password2').value) {
+    document.getElementById('message').style.color = 'green';
+    document.getElementById('message').innerHTML = 'Passwords match';
+	return true;
+  } else {
+    document.getElementById('message').style.color = 'red';
+    document.getElementById('message').innerHTML = 'Passwords do not match';
+	return false;
+  }
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/customcartnew/customcartnew53018v2.zip b/Ch11/Customcart/customcartnew/customcartnew53018v2.zip
new file mode 100644
index 0000000..7c4abc3
Binary files /dev/null and b/Ch11/Customcart/customcartnew/customcartnew53018v2.zip differ
diff --git a/Ch11/Customcart/customcartnewest.zip b/Ch11/Customcart/customcartnewest.zip
new file mode 100644
index 0000000..1ee3545
Binary files /dev/null and b/Ch11/Customcart/customcartnewest.zip differ
diff --git a/Ch11/Customcart/customdb.sql b/Ch11/Customcart/customdb.sql
new file mode 100644
index 0000000..8473ce0
--- /dev/null
+++ b/Ch11/Customcart/customdb.sql
@@ -0,0 +1,295 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: May 12, 2018 at 10:47 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `customdb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `art`
+--
+
+CREATE TABLE `art` (
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `thumb` varchar(50) NOT NULL,
+  `type` varchar(50) NOT NULL,
+  `price` decimal(6,2) UNSIGNED NOT NULL,
+  `medium` varchar(50) NOT NULL,
+  `artist` varchar(50) NOT NULL,
+  `mini_descr` varchar(150) NOT NULL,
+  `ppcode` text NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `art`
+--
+
+INSERT INTO `art` (`art_id`, `thumb`, `type`, `price`, `medium`, `artist`, `mini_descr`, `ppcode`) VALUES
+(1, '\"images/aw-brown-vessel-thumb.jpg\"', 'Still-life', '60.00', 'Oil-painting', 'Adrian-W-West', 'First exhibited in Coventry City Art Gallery 1968. Painted on durable tempered hardboard.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(2, '\"images/k-copper-kettle-thumb.jpg\"', 'Still-life', '750.00', 'Oil-painting', 'James-Kessell', 'James Kessell (RA and RABA) painted this on tempered hard board for an appreciative audience. It was exhibited at the Birmingham Art Gallery in 1967.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(3, '\"images/aw-white-jug-thumb.jpg\"', 'Still-life', '70.00', 'Oil-painting', 'Adrian-W-West', 'Painted on tempered hardboard in 1968 and exhibited first at Coventry City Art Gallery in the same year.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(4, '\"images/rsb-beer-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(5, '\"images/rsb-blue-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Roger produces excellent etchings of Devon\'s native butterflies. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(6, '\"images/rsb-fritillary-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'The silver washed fritillary is a less common Devon butterfly.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(7, '\"images/rsb-lyme-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(22, '\"images/rsb-lyme-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(23, '\"images/k-abstract-squares-thumb.jpg\"', 'Abstract', '800.00', 'Oil-painting', 'James-Kessell', 'Composition of squares and circles in tasteful pastel colors. Painted on high quality tempered board.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(21, '\"images/rsb-beer-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `artists`
+--
+
+CREATE TABLE `artists` (
+  `artist_id` int(8) UNSIGNED NOT NULL,
+  `afname` varchar(30) DEFAULT NULL,
+  `amname` varchar(30) DEFAULT NULL,
+  `alname` varchar(30) NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `artists`
+--
+
+INSERT INTO `artists` (`artist_id`, `afname`, `amname`, `alname`) VALUES
+(1, 'Adrian', 'W', 'West'),
+(2, 'Roger', 'St.', 'Barbe'),
+(3, 'James', '', 'Kessell'),
+(4, 'Charlie', 'S', 'Farnsbarns');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `orders`
+--
+
+CREATE TABLE `orders` (
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `buyer_id` int(8) UNSIGNED NOT NULL,
+  `total_price` decimal(7,2) NOT NULL,
+  `order_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_contents`
+--
+
+CREATE TABLE `order_contents` (
+  `content_id` int(10) UNSIGNED NOT NULL,
+  `order_id` int(10) UNSIGNED NOT NULL,
+  `art_id` int(10) UNSIGNED NOT NULL,
+  `quantity` int(10) UNSIGNED NOT NULL DEFAULT '1',
+  `price` decimal(4,2) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Dumping data for table `order_contents`
+--
+
+INSERT INTO `order_contents` (`content_id`, `order_id`, `art_id`, `quantity`, `price`) VALUES
+(1, 2, 4, 1, '17.99'),
+(2, 3, 4, 1, '17.99'),
+(3, 4, 2, 1, '14.99'),
+(4, 5, 3, 1, '16.99'),
+(5, 6, 1, 1, '19.99'),
+(6, 7, 1, 1, '60.00'),
+(7, 8, 2, 1, '99.99'),
+(8, 15, 1, 1, '60.00'),
+(9, 16, 1, 1, '60.00');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_details`
+--
+
+CREATE TABLE `order_details` (
+  `ord_details_id` int(8) UNSIGNED NOT NULL,
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `dispatch_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `prices`
+--
+
+CREATE TABLE `prices` (
+  `oneyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `oneyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyeargb` decimal(6,0) UNSIGNED NOT NULL,
+  `fiveyearus` decimal(6,0) UNSIGNED NOT NULL,
+  `militarygb` decimal(6,0) UNSIGNED NOT NULL,
+  `militaryus` decimal(6,0) UNSIGNED NOT NULL,
+  `u21gb` decimal(6,0) UNSIGNED NOT NULL,
+  `u21us` decimal(6,0) UNSIGNED NOT NULL,
+  `minpricegb` decimal(6,0) UNSIGNED NOT NULL,
+  `minpriceus` decimal(6,0) UNSIGNED NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `prices`
+--
+
+INSERT INTO `prices` (`oneyeargb`, `oneyearus`, `fiveyeargb`, `fiveyearus`, `militarygb`, `militaryus`, `u21gb`, `u21us`, `minpricegb`, `minpriceus`) VALUES
+('30', '40', '125', '140', '5', '8', '2', '3', '15', '20');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `user_id` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext NOT NULL,
+  `fname` varchar(30) NOT NULL,
+  `lname` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `psword` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `addr1` varchar(50) NOT NULL,
+  `addr2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `user_level` int(1) NOT NULL DEFAULT '0'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`user_id`, `title`, `fname`, `lname`, `email`, `psword`, `registration_date`, `addr1`, `addr2`, `city`, `state_country`, `zcode_pcode`, `phone`, `user_level`) VALUES
+(1, 'Mr', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UiiBhmXca.0/bwopveFq8uInuX.EVrecinUQYQG546WjAWwZLJNoe', '2017-12-06 08:43:41', '4 The Street', 'The Village', 'Townsville', 'USA', 'WA', '0123777888', 0),
+(2, 'Mr', 'Jack', 'Smith', 'jsmith@outcook.com', '44fc2837cca3d8994cba9d02d94a15c1fe7b1d66', '2017-12-06 08:47:24', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', 0),
+(4, 'Ms', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$5KM8jy5MwHIgfVchsdfE8OvuF1cT2VYqU6mte2CWBw1HjmEv3r.ES', '2017-12-06 12:20:33', '6 The Street', '', 'Townsville', 'UK', 'EX9 9PG', '01234777888', 0),
+(5, 'Mr', 'Patrick', 'O\'Hara', 'pohara@myisp.org.uk', '$2y$10$0nmGDVmHdWusgFJRmVZADeL43Y7HCPViBrHj/Z2betxiMdMx5Y2sC', '2017-12-06 12:27:32', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', 0),
+(6, 'Mr', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$KCQhEftEJouWPfuOOVoRVOECY/oJTluxHRr85fWlz6nsfN4OHtCie', '2017-12-06 17:02:16', '6 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PS', '', 0),
+(7, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$IrQE3TTkWzNm93FP/VYf.O/yMWDJDpIn/.qjrmvN.I97fvakynuza', '2017-12-06 17:11:44', '7 The Street', 'The Village', 'Townsville', 'UK', 'EXP 6PG', '01234777888', 0),
+(8, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$R2auBMKMe/Qw2fFr8D.S8eUEENUz8r.YUth5NHAyskNYupUzBen5O', '2017-12-06 17:18:30', '7 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', 0),
+(9, 'Mrs', 'Annie', 'Mossity', 'amossity@myisp.org.uk', '$2y$10$amqmyEfaOfiZ0MkIzdO90uZMPw4Mi/4RR70nNd0nxaZSOlxlr.8DC', '2017-12-06 17:24:42', '4 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 0),
+(10, 'Mr', 'Percy', 'Veer', 'pveer@myisp.com', '$2y$10$Wvdx/YO4cCcOQvyMVVtapO3F/eiz2Ow3yU9VcczGMC.dcgwbgIXMS', '2017-12-06 17:28:53', '7 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PG', '01234777888', 0),
+(11, 'Mr', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$cTmJVcuUmTpCOIdQJ8MG3uwLmG7M7V3iE8zPXiNW2PQEdDQZMBftO', '2017-12-06 17:39:30', '5 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '', 0),
+(12, 'Mr', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$YUYnU8UvOF/WUJ5h4VK4Qe.I48ZcAbedjPiDekKHlODduqGdJoI9i', '2017-12-06 18:02:04', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '01234777888', 0),
+(13, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$k9sMvE001164jjzJLs.OpOmb9LtluUEbR4GQ4RT5/rvSPNIqbL6gC', '2017-12-07 17:39:34', '6 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', 0),
+(14, 'Mr', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$TOr.IZq/joHIKSk0Oo.jE.yWau48sUSgtC5TzKJ0sl0AoO2Bsk3lW', '2017-12-08 12:16:58', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PG', '01234777888', 0),
+(16, 'Miss', 'Lynn', 'Seed', 'lseed@myisp.com', '$2y$10$nEs3Zhh4V5ZznpcPzGs9gOWupjY2NgV87DPpLu2DjqsdyBNRjf4/C', '2017-12-16 20:03:16', '6 The Street', '', 'Townsville', 'UK', 'EX24 6PG', '01234777888', 0),
+(17, 'Mr', 'Barry', 'Tone', 'btone@myisp.net', '$2y$10$w4zMq7ij7NmVDeBBKDSmbu963EwchZwAHPZmgZmTQAQ8Gha2jTD5W', '2017-12-16 20:16:40', '2 The Street', '', 'Townsville', 'USA', 'CA12345', '', 0),
+(30, 'Mr', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$lePdxFz7ZKn/bJ41BS0h/ehWyIL2ZgK123iPQJahNCaRjgxVY3Rfq', '2017-12-29 11:28:43', '2 The Street', 'The Village', 'Townsville', 'Germany', 'BL1234', '', 0),
+(31, 'Miss', 'Dee', 'Jected', 'djected@myisp.org.uk', '$2y$10$ujpV7w4blsTdQFWOsE1fiOFYtj9zN4w0WcK5V4WJ60Pc5HWodWlGC', '2017-12-29 11:48:04', '3 The Street', 'The Village', 'Townsville', 'UK', 'EX3 1TH', '', 0),
+(32, 'Mr', 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$Yu.c/cw/TSFa9vcMBGAfAe5vzyOwp3SZarBVc/9vEksfp.F8BzSiW', '2017-12-29 11:58:51', '2 The Street', '', 'Townsville', 'UK', 'EX24 6PS', '01234777888', 0);
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `art`
+--
+ALTER TABLE `art`
+  ADD PRIMARY KEY (`art_id`),
+  ADD KEY `art_name` (`thumb`,`price`);
+
+--
+-- Indexes for table `artists`
+--
+ALTER TABLE `artists`
+  ADD PRIMARY KEY (`artist_id`);
+
+--
+-- Indexes for table `orders`
+--
+ALTER TABLE `orders`
+  ADD PRIMARY KEY (`order_id`),
+  ADD KEY `buyer_id` (`buyer_id`,`order_date`);
+
+--
+-- Indexes for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  ADD PRIMARY KEY (`content_id`);
+
+--
+-- Indexes for table `order_details`
+--
+ALTER TABLE `order_details`
+  ADD PRIMARY KEY (`ord_details_id`),
+  ADD KEY `order_id` (`order_id`,`art_id`,`dispatch_date`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`user_id`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `art`
+--
+ALTER TABLE `art`
+  MODIFY `art_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=30;
+
+--
+-- AUTO_INCREMENT for table `artists`
+--
+ALTER TABLE `artists`
+  MODIFY `artist_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=33;
+
+--
+-- AUTO_INCREMENT for table `orders`
+--
+ALTER TABLE `orders`
+  MODIFY `order_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  MODIFY `content_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=10;
+
+--
+-- AUTO_INCREMENT for table `order_details`
+--
+ALTER TABLE `order_details`
+  MODIFY `ord_details_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `user_id` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=41;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch11/Customcart/forgot.php b/Ch11/Customcart/forgot.php
new file mode 100644
index 0000000..b0c8394
--- /dev/null
+++ b/Ch11/Customcart/forgot.php
@@ -0,0 +1,113 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Forgotten password form</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+#content h2 { margin-left:-220px;}
+#content h2.main_title { margin-left:-100px; }
+#content h3 { margin-left:90px; }
+l { margin-top:0; }
+ul li {height:30px; }
+p { margin-bottom:-5px; }
+form { margin-left:180px; }
+#submit {margin-top:0; margin-left:215px; }
+p.error { color:red; font-size:105%; font-weight:bold; text-align:center;}
+footer { margin-left:-20px; }
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_forgot.inc'); ?>
+</header>
+<div id="content">
+<?php 
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	
+	try {
+	require ('mysqli_connect.php');
+	// Assign the value FALSe to the variable $buyid 
+	$buyid = FALSE;
+// Validate the email address...
+if (!empty($_POST['email'])) {
+// Does that email address exist in the database?
+		$query = 'SELECT user_id, user_level FROM users WHERE email=?';	
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "s", $_POST['email']); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_NUM);
+       if ((mysqli_num_rows($result) == 1) && ($row[1] == 0))
+	   {
+		$buyid = $row[0];
+		} else { // If the buyid for the email address was not retrieved
+			echo '<p class="error">That email is not in the database</p>';
+		}
+		} 
+	if ($buyid) { // If buyid for the email address was retrieved, create a random password
+		$password = substr ( md5(uniqid(rand(), true)), 5, 10);
+// Update the database table
+        $hassed_password = password_hash($password, PASSWORD_BCRYPT);			
+        $query = "UPDATE users SET password=? WHERE user_id=?";
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "si", $hassed_password, $buyid); 
+       // execute query 
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		   
+// Send an email to the buyer
+		$body = "Your password has been changed to '" . $password . "'. Please login as soon as possible using the new password. ";
+		$body .= "Then change it immediately. otherwise, if a hacker has intercepted this email he will know your login details.";
+		mail ($_POST['email'], 'Your new password.', $body, 'From: admin@thedovegallery.co.uk');
+// Echo a message and exit the code
+		echo '<h3>Your password has been changed. You will shortly receive the new temporary password by email.</h3>';
+		mysqli_close($dbcon);
+		include ('includes/footer.inc');
+		exit(); // Stop the script.
+		} else { // If the query failed to run
+			echo '<p class="error">Due to a system error, your password could not be changed. We apologize for any inconvenience.</p>'; 
+		}
+		} 
+	mysqli_close($dbcon);
+	}
+	catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+} 
+?>
+<div id="rightcol">
+<nav>
+<?php include('includes/menu.inc'); ?>
+</nav>
+</div>
+<h2 class="main_title">Forgotten Your Password?</h2>
+<h3>When you apply, you will receive your new password in an email.<br>Read that 
+email as soon as possible. Don't delay!<br>For 
+maximum security, immediately login with your new password<br>Then change the 
+password as quickly as possible.<br></h3>  
+<form  action="forgot.php" method="post">
+<p><label class="label" for="email"><b>Your email adddress</b></label>
+<input id="email" type="text" name="email" size="30" maxlength="30" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>">
+	<br>
+	<p><input id="submit" type="submit" name="submit" value="Get a new password"></p>
+</form>
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer><br></div>
+<div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/found_paintings.css b/Ch11/Customcart/found_paintings.css
new file mode 100644
index 0000000..253d081
--- /dev/null
+++ b/Ch11/Customcart/found_paintings.css
@@ -0,0 +1,10 @@
+p{ text-align:center; }
+table, td, th { width:930px; border-collapse:collapse; border:1px black solid; background:white;}
+td, th { padding-left:5px; padding-right:5px; text-align:center; }
+td.narrow, th.narrow { width:45px;}
+td.descr { text-align:left; }
+td.medium, th.medium { width:100px;}
+td.artist, th.artist { width:210px;}
+td.thumb, th.thumb { width:125px; text-align:center;}
+#content h3 { text-align:center; font-size:130%; font-weight:bold;}
+img { display:block;}
\ No newline at end of file
diff --git a/Ch11/Customcart/found_pics_cart.php b/Ch11/Customcart/found_pics_cart.php
new file mode 100644
index 0000000..4c0e04b
--- /dev/null
+++ b/Ch11/Customcart/found_pics_cart.php
@@ -0,0 +1,80 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>The page for displaying the found paintings</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<link rel="stylesheet" type="text/css" href="found_paintings.css">
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_found_pics_cart.inc'); ?>
+<div id="content"><!--Start of table displaying selected paintings-->
+<h3>To buy a painting please click its Add to Cart link</h3>
+<p>
+<?php
+//Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Select the first thre items items from the art table
+$q = "SELECT * FROM art LIMIT 3";
+$result = mysqli_query( $dbcon, $q ) ;
+if ( mysqli_num_rows( $result ) > 0 )
+{
+// Table header
+echo '<table>
+<tr>
+<th class="thumb"><b>Thumb</b></th>
+<th class="narrow"><b>Type</b></th>
+<th class="medium"><b>Medium</b></th>
+<th class="artist"><b>Artist</b></th>
+<th class="descr"><b>Details</b></th>
+<th class="narrow"><b>Price &pound;</b></th>
+</tr>';
+// Fetch the matching records and populate the table display
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	echo '<tr>
+	<td class="thumb"><img src='.$row['thumb'] . '></td>
+	<td class="narrow">' . $row['type'] . '</td>
+	<td class="medium">' . $row['medium'] . '</td>
+	<td class="artist">' . $row['artist'] . '</td>
+	<td class="descr">' . $row['mini_descr'] . '</td>
+	<td class="artist">' . $row['price'] . 
+	'<br><a href="added.php?id=' . $row['art_id'] . '">Add to Cart</a></td>
+	</tr>';
+	}
+	echo '</table>'; // End of table
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// Or notify the user that no matching paintings were found
+else { echo '<p>There are currently no items matching your search criteria.</p>' ; }
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+?>
+<p>No paintings displayed? Either we have nothing that matches your requirements at the moment OR<br>you may have forgotten to select 
+BOTH the search fields. Please click the Home Page button and try again.</p>
+<footer>
+<?php include("includes/footer.inc"); ?>
+</footer>
+</div><!--End of content-->
+<br>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/header_found_pics_cart1.inc b/Ch11/Customcart/header_found_pics_cart1.inc
new file mode 100644
index 0000000..97548f8
--- /dev/null
+++ b/Ch11/Customcart/header_found_pics_cart1.inc
@@ -0,0 +1,45 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="images/dove-1.png" alt="dove"> 
+<!-- <img alt="dove" height="170" src="images/dove-1.png" width="234"> -->
+</div>
+<div class="col-sm-8">
+ <h1 class="blue-text mb-4 font-bold">Header Goes Here</h1>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" id="header-button" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'cart.php'" >View Cart</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+</div>
+    </nav>
+	
+	
+<!--
+<div id="header-button">
+		<ul>
+			<!--<li><a href="view_gallery.php">View gallery</a></li>
+			<li><a href="search.php">Search</a></li>
+			<li><a href="register.php">Register</a></li>
+			<li><a href="admin_view_art.php">View Art</a></li>
+			<li><a href="admin_search.php">Search</a></li>
+			<li><a href="cart.php">View Cart</a></li>
+			<li><a href="index.php">Home Page</a></li>
+			<li><a href="logout.php">Logout</a></li>
+		
+		<!--<form name="_xclick" target="paypal" 
+action="https://www.paypal.com/uk/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_cart">
+<input type="hidden" name="business" value="me@mybusiness.co.uk"> 
+<input type="image" src="https://www.paypal.com/en_GB/i/btn/view_cart.gif" border="0" 
+name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> 
+<input type="hidden" name="display" value="1">
+</form>
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+	</div>
+	-->
+	
\ No newline at end of file
diff --git a/Ch11/Customcart/images/L-looking-back-a-beer.jpg b/Ch11/Customcart/images/L-looking-back-a-beer.jpg
new file mode 100644
index 0000000..bf6152f
Binary files /dev/null and b/Ch11/Customcart/images/L-looking-back-a-beer.jpg differ
diff --git a/Ch11/Customcart/images/L-silver-studded-blue.jpg b/Ch11/Customcart/images/L-silver-studded-blue.jpg
new file mode 100644
index 0000000..c45da2f
Binary files /dev/null and b/Ch11/Customcart/images/L-silver-studded-blue.jpg differ
diff --git a/Ch11/Customcart/images/Thumbs.db b/Ch11/Customcart/images/Thumbs.db
new file mode 100644
index 0000000..faaaabf
Binary files /dev/null and b/Ch11/Customcart/images/Thumbs.db differ
diff --git a/Ch11/Customcart/images/aw-brown-vessel-200.jpg b/Ch11/Customcart/images/aw-brown-vessel-200.jpg
new file mode 100644
index 0000000..df6dde2
Binary files /dev/null and b/Ch11/Customcart/images/aw-brown-vessel-200.jpg differ
diff --git a/Ch11/Customcart/images/aw-brown-vessel-thumb.jpg b/Ch11/Customcart/images/aw-brown-vessel-thumb.jpg
new file mode 100644
index 0000000..26dcaa5
Binary files /dev/null and b/Ch11/Customcart/images/aw-brown-vessel-thumb.jpg differ
diff --git a/Ch11/Customcart/images/aw-white-jug-home.jpg b/Ch11/Customcart/images/aw-white-jug-home.jpg
new file mode 100644
index 0000000..8f92b65
Binary files /dev/null and b/Ch11/Customcart/images/aw-white-jug-home.jpg differ
diff --git a/Ch11/Customcart/images/aw-white-jug-thumb.jpg b/Ch11/Customcart/images/aw-white-jug-thumb.jpg
new file mode 100644
index 0000000..426d3df
Binary files /dev/null and b/Ch11/Customcart/images/aw-white-jug-thumb.jpg differ
diff --git a/Ch11/Customcart/images/dove-1.png b/Ch11/Customcart/images/dove-1.png
new file mode 100644
index 0000000..69a4410
Binary files /dev/null and b/Ch11/Customcart/images/dove-1.png differ
diff --git a/Ch11/Customcart/images/k-copper-kettle-300.jpg b/Ch11/Customcart/images/k-copper-kettle-300.jpg
new file mode 100644
index 0000000..7bbaf16
Binary files /dev/null and b/Ch11/Customcart/images/k-copper-kettle-300.jpg differ
diff --git a/Ch11/Customcart/images/k-copper-kettle-home.jpg b/Ch11/Customcart/images/k-copper-kettle-home.jpg
new file mode 100644
index 0000000..957e09d
Binary files /dev/null and b/Ch11/Customcart/images/k-copper-kettle-home.jpg differ
diff --git a/Ch11/Customcart/images/k-copper-kettle-thumb.jpg b/Ch11/Customcart/images/k-copper-kettle-thumb.jpg
new file mode 100644
index 0000000..27ca9f7
Binary files /dev/null and b/Ch11/Customcart/images/k-copper-kettle-thumb.jpg differ
diff --git a/Ch11/Customcart/images/k-still-life-thumb.jpg b/Ch11/Customcart/images/k-still-life-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/Customcart/images/k-still-life-thumb.jpg differ
diff --git a/Ch11/Customcart/images/rsb-beer-thumb.jpg b/Ch11/Customcart/images/rsb-beer-thumb.jpg
new file mode 100644
index 0000000..196ca9c
Binary files /dev/null and b/Ch11/Customcart/images/rsb-beer-thumb.jpg differ
diff --git a/Ch11/Customcart/images/rsb-blue-thumb.jpg b/Ch11/Customcart/images/rsb-blue-thumb.jpg
new file mode 100644
index 0000000..fe2b0c9
Binary files /dev/null and b/Ch11/Customcart/images/rsb-blue-thumb.jpg differ
diff --git a/Ch11/Customcart/images/rsb-fritillary-thumb.jpg b/Ch11/Customcart/images/rsb-fritillary-thumb.jpg
new file mode 100644
index 0000000..1ea329f
Binary files /dev/null and b/Ch11/Customcart/images/rsb-fritillary-thumb.jpg differ
diff --git a/Ch11/Customcart/images/rsb-lyme-thumb.jpg b/Ch11/Customcart/images/rsb-lyme-thumb.jpg
new file mode 100644
index 0000000..ddb1800
Binary files /dev/null and b/Ch11/Customcart/images/rsb-lyme-thumb.jpg differ
diff --git a/Ch11/Customcart/includes/footer.inc b/Ch11/Customcart/includes/footer.inc
new file mode 100644
index 0000000..6048dd8
--- /dev/null
+++ b/Ch11/Customcart/includes/footer.inc
@@ -0,0 +1 @@
+<p>Footer goes here</p>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/footer.php b/Ch11/Customcart/includes/footer.php
new file mode 100644
index 0000000..870c34f
--- /dev/null
+++ b/Ch11/Customcart/includes/footer.php
@@ -0,0 +1 @@
+<p class="h6 col-sm-12" style="color:white;">Footer goes here</p>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/header_add_painting.inc b/Ch11/Customcart/includes/header_add_painting.inc
new file mode 100644
index 0000000..8664bb7
--- /dev/null
+++ b/Ch11/Customcart/includes/header_add_painting.inc
@@ -0,0 +1,14 @@
+<div id="header-button">
+		<ul>
+			<li><a href="admin_add_painting.php">Add Another</a></li>
+			<li><a href="admin_page.php">Add Artist</a></li>
+			<li><a href="#">View Orders</a></li>
+			<li><a href="#">New Password</a></li>
+			<li><a href="logout.php">Logout</a></li>
+		</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+</div>
diff --git a/Ch11/Customcart/includes/header_add_painting1.php b/Ch11/Customcart/includes/header_add_painting1.php
new file mode 100644
index 0000000..3e90198
--- /dev/null
+++ b/Ch11/Customcart/includes/header_add_painting1.php
@@ -0,0 +1,16 @@
+<div class="col-sm-2" >
+<img id="logo" class="img-fluid" style="padding-top: 5px; height="170" src="images/dove-1.png" alt="dove"> 
+</div>
+<div class="col-sm-8" style="color :white; padding-top: 5%;">
+ <div class="h1 mb-2 font-bold text-left" >The Dove Gallery</div>
+ <p class='lead text-center'>Affordable Original Paintings</p>
+</div>
+<div class="col-sm-2" style="padding-top: 10px; padding-bottom: 10px;">
+     <nav>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="admin_add_painting.php" role="button">Add Another</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="admin_page.php" role="button">Add Artist</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="#" role="button">View Orders</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="#" role="button">New Password</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="Logout.php" role="button">Logout</a>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/header_admin.inc b/Ch11/Customcart/includes/header_admin.inc
new file mode 100644
index 0000000..243a8f4
--- /dev/null
+++ b/Ch11/Customcart/includes/header_admin.inc
@@ -0,0 +1,15 @@
+<div id="header-button">
+		<ul>
+			<li><a href="admin_page.php">Add Another</a></li>
+			<li><a href="admin_add_painting.php">Add Painting</a></li>
+			<li><a href="#">View Orders</a></li>
+			<!--<li><a href="#">Edit Content</a></li>-->
+			<li><a href="#">New Password</a></li>
+			<li><a href="logout.php">Logout</a></li>
+		</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+	</div>
diff --git a/Ch11/Customcart/includes/header_checkout.inc b/Ch11/Customcart/includes/header_checkout.inc
new file mode 100644
index 0000000..4d7589d
--- /dev/null
+++ b/Ch11/Customcart/includes/header_checkout.inc
@@ -0,0 +1,10 @@
+<div id="header-button">
+		<ul>
+			<li><a href="logout.php">Logout</a></li>
+		</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+</div>
diff --git a/Ch11/Customcart/includes/header_forgot.inc b/Ch11/Customcart/includes/header_forgot.inc
new file mode 100644
index 0000000..7db9250
--- /dev/null
+++ b/Ch11/Customcart/includes/header_forgot.inc
@@ -0,0 +1,14 @@
+<div id="header-button">
+		<ul>
+			<!--<li><a href="view_gallery.php">View gallery</a></li>
+			<li><a href="search.php">Search</a></li>
+			<li><a href="register.php">Register</a></li>
+			<li><a href="admin_view_art.php">View Art</a></li>
+			<li><a href="admin_search.php">Search</a></li>-->
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+</div>
diff --git a/Ch11/Customcart/includes/header_found_pics.inc b/Ch11/Customcart/includes/header_found_pics.inc
new file mode 100644
index 0000000..ae30e07
--- /dev/null
+++ b/Ch11/Customcart/includes/header_found_pics.inc
@@ -0,0 +1,15 @@
+<div id="header-button">
+		<ul>
+			<li><a href="index.php">home Page</a></li>
+		<form name="_xclick" target="paypal" 
+action="https://www.paypal.com/uk/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_cart">
+<input type="hidden" name="business" value="me@mybusiness.co.uk"> 
+<input type="image" src="https://www.paypal.com/en_GB/i/btn/view_cart.gif" border="0" 
+name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> 
+<input type="hidden" name="display" value="1">
+</form>
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
diff --git a/Ch11/Customcart/includes/header_found_pics_cart.inc b/Ch11/Customcart/includes/header_found_pics_cart.inc
new file mode 100644
index 0000000..2d9aec5
--- /dev/null
+++ b/Ch11/Customcart/includes/header_found_pics_cart.inc
@@ -0,0 +1,26 @@
+<div id="header-button">
+		<ul>
+			<!--<li><a href="view_gallery.php">View gallery</a></li>
+			<li><a href="search.php">Search</a></li>
+			<li><a href="register.php">Register</a></li>
+			<li><a href="admin_view_art.php">View Art</a></li>
+			<li><a href="admin_search.php">Search</a></li>-->
+			<li><a href="cart.php">View Cart</a></li>
+			<li><a href="index.php">Home Page</a></li>
+			<li><a href="logout.php">Logout</a></li>
+		
+		<!--<form name="_xclick" target="paypal" 
+action="https://www.paypal.com/uk/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_cart">
+<input type="hidden" name="business" value="me@mybusiness.co.uk"> 
+<input type="image" src="https://www.paypal.com/en_GB/i/btn/view_cart.gif" border="0" 
+name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> 
+<input type="hidden" name="display" value="1">
+</form>-->
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+	</div>
diff --git a/Ch11/Customcart/includes/header_found_pics_cart1.inc b/Ch11/Customcart/includes/header_found_pics_cart1.inc
new file mode 100644
index 0000000..e2fae3b
--- /dev/null
+++ b/Ch11/Customcart/includes/header_found_pics_cart1.inc
@@ -0,0 +1,46 @@
+<div class="col-sm-2">
+<img class="img-fluid float-left" src="images/dove-1.png" alt="dove"> 
+<!-- <img alt="dove" height="170" src="images/dove-1.png" width="234"> -->
+</div>
+<div class="col-sm-4">
+ <h1 class="mb-4 font-bold">The Dove Gallery</h1>
+<h2 class="mb-4">Affordable Original Paintings</h2>
+ </div>
+     <nav class="col-sm-2">
+	 <div class="btn-group-vertical btn-group-sm" id="header-button" role="group" aria-label="Button Group">
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'cart.php'" >View Cart</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'index.php'" >Home Page</button>
+  <button type="button" class="btn btn-secondary" onclick="location.href = 'logout.php'" >Logout</button>
+</div>
+    </nav>
+	
+	
+<!--
+<div id="header-button">
+		<ul>
+			<!--<li><a href="view_gallery.php">View gallery</a></li>
+			<li><a href="search.php">Search</a></li>
+			<li><a href="register.php">Register</a></li>
+			<li><a href="admin_view_art.php">View Art</a></li>
+			<li><a href="admin_search.php">Search</a></li>
+			<li><a href="cart.php">View Cart</a></li>
+			<li><a href="index.php">Home Page</a></li>
+			<li><a href="logout.php">Logout</a></li>
+		
+		<!--<form name="_xclick" target="paypal" 
+action="https://www.paypal.com/uk/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_cart">
+<input type="hidden" name="business" value="me@mybusiness.co.uk"> 
+<input type="image" src="https://www.paypal.com/en_GB/i/btn/view_cart.gif" border="0" 
+name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> 
+<input type="hidden" name="display" value="1">
+</form>
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+	</div>
+	-->
+	
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/header_found_pics_cart1.php b/Ch11/Customcart/includes/header_found_pics_cart1.php
new file mode 100644
index 0000000..abef4a4
--- /dev/null
+++ b/Ch11/Customcart/includes/header_found_pics_cart1.php
@@ -0,0 +1,14 @@
+<div class="col-sm-2" >
+<img id="logo" class="img-fluid" style="padding-top: 5px; height="170" src="images/dove-1.png" alt="dove"> 
+</div>
+<div class="col-sm-8" style="color :white; padding-top: 5%;">
+ <div class="h1 mb-2 font-bold text-left" >The Dove Gallery</div>
+ <p class='lead text-center'>Affordable Original Paintings</p>
+</div>
+<div class="col-sm-2" style="padding-top: 10px; padding-bottom: 10px;">
+     <nav>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="cart.php" role="button">View Cart</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="index.php" role="button">Home Page</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="Logout.php" role="button">Logout</a>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/header_home.inc b/Ch11/Customcart/includes/header_home.inc
new file mode 100644
index 0000000..f521c10
--- /dev/null
+++ b/Ch11/Customcart/includes/header_home.inc
@@ -0,0 +1,14 @@
+<div id="header-button">
+		<ul>
+			<!--<li><a href="view_gallery.php">View gallery</a></li>-->
+			<li><a href="register.php">Register</a></li>
+			<li><a href="login.php">Login</a></li>
+			<!--<li><a href="admin_view_art.php">View Art</a></li>-->
+			<!--<li><a href="admin_search.php">Search</a></li>-->
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/header_login.inc b/Ch11/Customcart/includes/header_login.inc
new file mode 100644
index 0000000..28d8175
--- /dev/null
+++ b/Ch11/Customcart/includes/header_login.inc
@@ -0,0 +1,14 @@
+<div id="header-button">
+		<ul>
+			<!--<li><a href="view_gallery.php">View gallery</a></li>-->
+			<!--<li><a href="search.php">Search</a></li>-->
+			<li><a href="register.php">Register</a></li>
+			<!--<li><a href="admin_view_art.php">View Art</a></li>-->
+			<!--<li><a href="admin_search.php">Search</a></li>-->
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/header_reg.inc b/Ch11/Customcart/includes/header_reg.inc
new file mode 100644
index 0000000..58d0d30
--- /dev/null
+++ b/Ch11/Customcart/includes/header_reg.inc
@@ -0,0 +1,10 @@
+<div id="header-button">
+		<ul>
+			<li><a href="register.php">Erase Entries</a></li>
+			</ul>
+</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/header_thanks.inc b/Ch11/Customcart/includes/header_thanks.inc
new file mode 100644
index 0000000..6760554
--- /dev/null
+++ b/Ch11/Customcart/includes/header_thanks.inc
@@ -0,0 +1,15 @@
+<div id="header-button">
+		<ul>
+			<!--<li><a href="view_gallery.php">View gallery</a></li>-->
+			<!--<li><a href="search.php">Search</a></li>-->
+			<!--<li><a href="view_art.php">View Art</a></li>-->
+			<!--<li><a href="admin_view_art.php">View Art</a></li>-->
+			<!--<li><a href="admin_search.php">Search</a></li>-->
+			<li><a href="login.php">Login</a></li>
+			</ul>
+	</div>
+<h1>The Dove Gallery</h1>
+<h2>Affordable Original Paintings</h2>
+<div id="logo">
+	<img alt="dove" height="170" src="images/dove-1.png" width="234">
+</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/login_page.inc b/Ch11/Customcart/includes/login_page.inc
new file mode 100644
index 0000000..ab01df8
--- /dev/null
+++ b/Ch11/Customcart/includes/login_page.inc
@@ -0,0 +1,8 @@
+<h2>Login</h2>
+<form action="login.php" method="post">
+	<p><label class="label" for="email">Email Address:</label>
+	<input id="email" type="text" name="email" size="30" maxlength="60" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" > </p>
+		<p><label class="label" for="psword">Password:</label>
+	<input id="psword" type="password" name="psword" size="12" maxlength="12" value="<?php if (isset($_POST['psword'])) echo $_POST['psword']; ?>" ></p>
+	<br><br><p><input id="submit" type="submit" name="submit" value="Login"></p>
+</form>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/login_page.inc.php b/Ch11/Customcart/includes/login_page.inc.php
new file mode 100644
index 0000000..ab01df8
--- /dev/null
+++ b/Ch11/Customcart/includes/login_page.inc.php
@@ -0,0 +1,8 @@
+<h2>Login</h2>
+<form action="login.php" method="post">
+	<p><label class="label" for="email">Email Address:</label>
+	<input id="email" type="text" name="email" size="30" maxlength="60" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" > </p>
+		<p><label class="label" for="psword">Password:</label>
+	<input id="psword" type="password" name="psword" size="12" maxlength="12" value="<?php if (isset($_POST['psword'])) echo $_POST['psword']; ?>" ></p>
+	<br><br><p><input id="submit" type="submit" name="submit" value="Login"></p>
+</form>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/menu.inc b/Ch11/Customcart/includes/menu.inc
new file mode 100644
index 0000000..683d52c
--- /dev/null
+++ b/Ch11/Customcart/includes/menu.inc
@@ -0,0 +1,6 @@
+<ul>
+		<li><a href="#" title="About Us">About Us</a></li>
+		<li><a href="#" title="Frequently Asked Questions">FAQs</a></li>
+		<li><a href="#" title="Contact Us">Contact Us</a></li>
+		<li><a href="index.php" title="Return to Home Page">Home Page</a></li>
+</ul>
diff --git a/Ch11/Customcart/includes/menu1.php b/Ch11/Customcart/includes/menu1.php
new file mode 100644
index 0000000..88646b1
--- /dev/null
+++ b/Ch11/Customcart/includes/menu1.php
@@ -0,0 +1,8 @@
+<div style="padding-top: 10px; padding-bottom: 10px;">
+     <nav>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="#" role="button">About Us</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="#" role="button">FAQs</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="#" role="button">Contact Us</a>
+	 <a class="btn btn-primary btn-sm float-right" style="background:#559a55; border: 5px outset #559a55; width:160px;" href="index.php" role="button">Home Page</a>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/Customcart/includes/style.css b/Ch11/Customcart/includes/style.css
new file mode 100644
index 0000000..eec13e8
--- /dev/null
+++ b/Ch11/Customcart/includes/style.css
@@ -0,0 +1,6 @@
+header > h1 { border-bottom: 1px dashed black ; font-style: italic ; font-size: x-large; }
+footer > p { border-top: 1px dashed black ; font-style: italic ; }
+table { border-spacing:5px; width:530px;}
+th { color:#FFF; background:#000; text-align:left; }
+td { border-bottom:1px solid black; background:#F0F0F0; padding:3px; text-align:left; vertical-align:top;}
+p#err_msg { color:#F00; font-weight:bold; }
\ No newline at end of file
diff --git a/Ch11/Customcart/index.php b/Ch11/Customcart/index.php
new file mode 100644
index 0000000..365be98
--- /dev/null
+++ b/Ch11/Customcart/index.php
@@ -0,0 +1,38 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Home page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+#midcol h3.search {	width:500px; margin-left:142px;}
+#midcol p.gallery {	margin-left:70px;}
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_home.inc'); ?>
+</header>
+<div id="content"><!--Start of admin page content. -->
+<div id="rightcol">
+	<nav>
+	<?php include('includes/menu.inc'); ?>
+	</nav>
+</div>
+<div id="midcol">
+	<h2>Welcome to the Dove Gallery</h2>
+	<h3 class="search">To search the gallery, please register and log in</h3>
+	<p class="gallery">
+	<img alt="Brown Jug by Adrian West" height="228" src="images/aw-brown-vessel-200.jpg" width="200">
+	<img alt="L-Silver washed blue" height="245" src="images/L-silver-studded-blue.jpg" width="200">
+	<img alt="White Jug" height="228" src="images/aw-white-jug-home.jpg" width="168">
+	<img alt="Copper kettle" height="213" src="images/k-copper-kettle-home.jpg" width="252">&nbsp;
+	<img alt="Looking Back at Beer" height="213" src="images/L-looking-back-a-beer.jpg" width="300">
+	</p>
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer></div>
+</div></div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/login-files/login.php b/Ch11/Customcart/login-files/login.php
new file mode 100644
index 0000000..640deaf
--- /dev/null
+++ b/Ch11/Customcart/login-files/login.php
@@ -0,0 +1,47 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Login page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="msgboard.css">
+<style type="text/css">
+h2 { color:navy; }
+/*#tab-navigation ul { margin-left:140px; }*/
+form { padding-left:260px; width:200px;}
+.label { width:120px; float:left; text-align:right;}
+form p { width:280px; }
+p.submit {margin-left:125px; }
+</style>
+</head>
+<body>
+<br>
+<div id='container'>
+<header>
+<?php include ( 'includes/header_login.php' ) ;?>
+</header>
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) AND !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<h2>Login</h2>
+<form action="process_login.php" method="post">
+<p><label class="label" for="user_name">User Name:</label><input id="user_name" type="text" 
+name="user_name" size="16" maxlength="16" value="<?php if (isset($_POST['user_name']))
+echo $_POST['user_name']; ?>"></p>
+<p><label class="label" for="passcode">Password:</label><input id="passcode" 
+type="password" name="passcode" size="16" maxlength="16" value="<?php if
+(isset($_POST['passcode'])) echo $_POST['passcode']; ?>" ></p>
+<p class="submit"><input type="submit" value="Login" ></p>
+</form>
+<footer>
+<?php include ( 'includes/footer.php' ) ; ?>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/login-files/login_functions.php b/Ch11/Customcart/login-files/login_functions.php
new file mode 100644
index 0000000..7bc1283
--- /dev/null
+++ b/Ch11/Customcart/login-files/login_functions.php
@@ -0,0 +1,48 @@
+<?php 
+// Function for loading the URL of pages
+function load( $page = 'login.php' )
+{
+  // The code for setting the page URL
+  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
+  // Trim the URL
+  $url = rtrim( $url, '/\\' ) ;
+  $url .= '/' . $page ;
+ //Redirect to the page and exit the script. 
+  header( "Location: $url" ) ; 
+  exit() ;
+}
+// Create a function to check user name and password 
+function validate( $dbcon, $user_name = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( empty( $user_name ) ) 
+  { $errors[] = 'You forgot to enter your user name' ; 
+  } 
+  else  { $user_name = mysqli_real_escape_string( $dbcon, trim( $user_name ) ) ; 
+  }
+  // Has the password been entered
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  else { $passcode = mysqli_real_escape_string( $dbcon, trim( $passcode ) ) ; 
+  }
+  $hp=password_hash($p, PASSWORD_BCRYPT);
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+    $q = "SELECT member_id, user_name FROM members WHERE user_name='$user_name' AND passcode='$hp')" ;  
+    $result = mysqli_query ( $dbcon, $q ) ;
+    if ( mysqli_num_rows( $result ) == 1 ) 
+    {
+      $row = mysqli_fetch_array ( $result, MYSQLI_ASSOC ) ;
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/login-files/process_login.php b/Ch11/Customcart/login-files/process_login.php
new file mode 100644
index 0000000..0b895d0
--- /dev/null
+++ b/Ch11/Customcart/login-files/process_login.php
@@ -0,0 +1,27 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'user_name' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'member_id' ] = $data[ 'member_id' ] ;
+    $_SESSION[ 'user_name' ] = $data[ 'user_name' ] ;
+    load ( 'forum.php' ) ;
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/login.php b/Ch11/Customcart/login.php
new file mode 100644
index 0000000..5921a3a
--- /dev/null
+++ b/Ch11/Customcart/login.php
@@ -0,0 +1,57 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Login page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+#content h2 { width:60px; margin-left:-40px; }
+p.error { color:red; font-size:105%; font-weight:bold; text-align:center;}
+form { 	margin-left:130px; }
+.submit { margin-left:215px; }
+.cntr { text-align:center; margin-left:20px; }
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_login.inc'); ?>
+</header>
+<div id="content"><!--Start of the login page content-->
+<div id="rightcol">
+	<nav>
+	<?php include('includes/menu.inc'); ?>
+	</nav>
+</div>
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) && !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<h2>Login</h2>
+<form id="login" action="process_login.php" method="post">
+<p><label class="label" for="email">E-mail:</label>
+<input id="email" type="text" name="email" size="12"
+value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" 
+required> </p>
+<!--<br>-->
+<p><label class="label" for="passcode">Password:</label>
+<input id="passcode" type="password" name="passcode" size="12" minlength="8" maxlength="12"
+value="<?php if (isset($_POST['passcode'])) echo $_POST['passcode']; ?>" 
+required>
+<span>&nbsp;Between 8 and 12 characters.</span></p>
+<!--<p>&nbsp;</p>--><p><input id="submit_login" type="submit" name="submit_login" value="Login"></p>
+</form>
+<footer>
+<?php
+include ( 'includes/footer.inc' ) ; 
+?>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/login_functions.php b/Ch11/Customcart/login_functions.php
new file mode 100644
index 0000000..945bcfb
--- /dev/null
+++ b/Ch11/Customcart/login_functions.php
@@ -0,0 +1,66 @@
+<?php 
+// Create a function to check user name and password 
+function validate( $dbcon, $email = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( !empty( $email ) ) 
+  {  $user_name = trim( $email); 
+  }
+  if ( empty( $email ) ) 
+  { $errors[] = 'You forgot to enter your user name' ; 
+  } 
+   
+  // Has the password been entered
+  if ( !empty( $passcode ) ) 
+  {  
+  $passcode = trim( $passcode ); 
+  }
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+	  
+	  try {
+ $query = "SELECT user_id, password, user_level FROM users WHERE email=?" ;  
+ 
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if ((mysqli_num_rows($result) == 1) && 
+(password_verify($passcode, $row['password']))) {
+
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+	  }
+	  catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/login_toolss.php b/Ch11/Customcart/login_toolss.php
new file mode 100644
index 0000000..b634d7f
--- /dev/null
+++ b/Ch11/Customcart/login_toolss.php
@@ -0,0 +1,47 @@
+<?php 
+// Function for loading the URL of pages
+function load( $page = 'login.php' )
+{
+  // The code for setting the page URL
+  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
+  // Trim the URL
+  $url = rtrim( $url, '/\\' ) ;
+  $url .= '/' . $page ;
+ //Redirect to the page and exit the script. 
+  header( "Location: $url" ) ; 
+  exit() ;
+}
+// Create a function to check email and password 
+function validate( $dbcon, $email = '', $p = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the email been entered?
+  if ( empty( $email ) ) 
+  { $errors[] = 'You forgot to enter your email' ; 
+  } 
+  else  { $email = mysqli_real_escape_string( $dbcon, trim( $email ) ) ; 
+  }
+  // Has the password been entered
+  if ( empty( $p ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  else { $p = mysqli_real_escape_string( $dbcon, trim( $p ) ) ; 
+  }
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+    $q = "SELECT user_id, email FROM users WHERE emai='$email' AND psword=SHA1('$p')" ;  
+    $result = mysqli_query ( $dbcon, $q ) ;
+    if ( @mysqli_num_rows( $result ) == 1 ) 
+    {
+      $row = mysqli_fetch_array ( $result, MYSQLI_ASSOC ) ;
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/Customcart/logout.php b/Ch11/Customcart/logout.php
new file mode 100644
index 0000000..07c13b0
--- /dev/null
+++ b/Ch11/Customcart/logout.php
@@ -0,0 +1,12 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+	$_SESSION = array(); // Destroy the variables
+	session_destroy(); // Destroy the session
+	setcookie('PHPSESSID', time()-3600,'/', 0, 0);//Destroy the cookie
+	header("location:index.php");
+	exit();
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/mysqli_connect.php b/Ch11/Customcart/mysqli_connect.php
new file mode 100644
index 0000000..26eb5ed
--- /dev/null
+++ b/Ch11/Customcart/mysqli_connect.php
@@ -0,0 +1,12 @@
+<?php 
+// Create a connection to the migrate database and to MySQL
+// Set the encoding to utf-8
+// Set the database access details as constants
+DEFINE ('DB_USER', 'turing');
+DEFINE ('DB_PASSWORD', 'En1gm3');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'customdb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
diff --git a/Ch11/Customcart/order_contents.sql b/Ch11/Customcart/order_contents.sql
new file mode 100644
index 0000000..c3f41ea
--- /dev/null
+++ b/Ch11/Customcart/order_contents.sql
@@ -0,0 +1,55 @@
+-- phpMyAdmin SQL Dump
+-- version 3.5.2
+-- http://www.phpmyadmin.net
+--
+-- Host: localhost
+-- Generation Time: Nov 08, 2013 at 06:53 PM
+-- Server version: 5.5.25a
+-- PHP Version: 5.4.4
+
+SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8 */;
+
+--
+-- Database: `shopdb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_contents`
+--
+
+CREATE TABLE IF NOT EXISTS `order_contents` (
+  `content_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+  `order_id` int(10) unsigned NOT NULL,
+  `art_id` int(10) unsigned NOT NULL,
+  `quantity` int(10) unsigned NOT NULL DEFAULT '1',
+  `price` decimal(4,2) NOT NULL,
+  PRIMARY KEY (`content_id`)
+) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=10 ;
+
+--
+-- Dumping data for table `order_contents`
+--
+
+INSERT INTO `order_contents` (`content_id`, `order_id`, `art_id`, `quantity`, `price`) VALUES
+(1, 2, 4, 1, 17.99),
+(2, 3, 4, 1, 17.99),
+(3, 4, 2, 1, 14.99),
+(4, 5, 3, 1, 16.99),
+(5, 6, 1, 1, 19.99),
+(6, 7, 1, 1, 60.00),
+(7, 8, 2, 1, 99.99),
+(8, 15, 1, 1, 60.00),
+(9, 16, 1, 1, 60.00);
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch11/Customcart/orders.sql b/Ch11/Customcart/orders.sql
new file mode 100644
index 0000000..b01a89a
--- /dev/null
+++ b/Ch11/Customcart/orders.sql
@@ -0,0 +1,40 @@
+-- phpMyAdmin SQL Dump
+-- version 3.5.2
+-- http://www.phpmyadmin.net
+--
+-- Host: localhost
+-- Generation Time: Nov 08, 2013 at 07:04 PM
+-- Server version: 5.5.25a
+-- PHP Version: 5.4.4
+
+SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8 */;
+
+--
+-- Database: `shopperdb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `orders`
+--
+
+CREATE TABLE IF NOT EXISTS `orders` (
+  `order_id` int(8) unsigned NOT NULL AUTO_INCREMENT,
+  `buyer_id` int(8) unsigned NOT NULL,
+  `total_price` decimal(7,2) NOT NULL,
+  `order_date` datetime NOT NULL,
+  PRIMARY KEY (`order_id`),
+  KEY `buyer_id` (`buyer_id`,`order_date`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch11/Customcart/process_add_painting.php b/Ch11/Customcart/process_add_painting.php
new file mode 100644
index 0000000..88951f2
--- /dev/null
+++ b/Ch11/Customcart/process_add_painting.php
@@ -0,0 +1,92 @@
+<?php
+	$errors = array(); // Start an array to contain the error messages 
+// Check if a thumbnail url has been entered
+	if (empty($_POST['thumb'])) {
+				$errors[] = 'You forgot to enter the thumbnail url';
+	} else {
+		$thumb = ($_POST['thumb']);
+	}
+// Check for a type
+	if (empty($_POST['type'])) {
+		$errors[] = 'You forgot to enter the type of painting';
+	} else {
+		$type = trim($_POST['type']);
+	}
+// Has a price been entered?	
+if (empty($_POST['price'])){
+$errors[] ='You forgot to enter the price.' ;
+}
+elseif (!empty($_POST['price'])) {			
+//Remove unwanted characters and use regex to ensure that the remaining characters are digits
+$price = preg_replace('/\D+/', '', ($_POST['price']));
+}
+// Has the medium been entered?
+	if (empty($_POST['medium'])) {
+				$errors[] = 'You forgot to enter the medium';
+	} else {
+		$medium = ($_POST['medium']);
+	}
+
+	// Has the artist been entered?
+	if (empty($_POST['artist'])) {
+				$errors[] = 'You forgot to enter the artist';
+	} else {
+		$artist = ($_POST['artist']);
+	}
+// Has a brief description been entered?
+	if (empty($_POST['mini_descr'])) {
+			 $errors[] = 'You forgot to enter the brief description';
+	} else{
+	 $mini_descr = strip_tags($_POST['mini_descr']);
+	 }
+	 // Has the PPcode been entered?
+	if (empty($_POST['ppcode'])) {
+			 $errors[] = 'You forgot to enter the PayPal code';
+	} else{
+	 $ppcode = ($_POST['ppcode']);
+	 }
+if (empty($errors)) { // If no errors were encountered
+	// Register the painting in the database
+try {
+		require ('mysqli_connect.php'); // Connect to the database
+		// Make the query:'
+		
+	$query = "INSERT INTO art (art_id, thumb, type, medium, artist, mini_descr, price)"; 
+    $query .= "VALUES ";
+	$query .= "(' ', ?,?,?,?,?,?)"; 
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 'sssssss', $thumb, $type, $medium, $artist, $mini_descr, $price );
+    // execute query
+    mysqli_stmt_execute($q);
+    if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2>The painting was successfully registered</h2><br>';
+		} else { // If it was not registered
+		// Error message:
+			echo '<h2>System Error</h2>
+			<p class="error">The painting could not be added due to a system error. We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+	} else { // Display the errors.
+		echo '<h2>Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Print each error.
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h3>Please try again.</h3><p><br></p>';
+		}// End of if (empty($errors))
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/process_login.php b/Ch11/Customcart/process_login.php
new file mode 100644
index 0000000..459f34e
--- /dev/null
+++ b/Ch11/Customcart/process_login.php
@@ -0,0 +1,32 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'email' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'user_id' ] = $data[ 'user_id'];
+    $_SESSION[ 'email' ] = $data[ 'email' ] ;
+	$_SESSION[ 'user_level' ] = $data[ 'user_level' ];
+	if ($data[ 'user_level'] == 1) {
+    header ( 'Location: admin_page.php' ) ;
+	} else {
+	header ( 'Location: users_search_page.php' );
+  }
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/Customcart/register-thanks.php b/Ch11/Customcart/register-thanks.php
new file mode 100644
index 0000000..05a561d
--- /dev/null
+++ b/Ch11/Customcart/register-thanks.php
@@ -0,0 +1,36 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Home page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+#content h2 { margin-left:0; }
+#content h3 { margin-left:200px; }
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_thanks.inc'); ?>
+</header>
+	<div id="content"><!--Start of the thank you page content-->
+<div id="rightcol">
+<nav>
+<?php include('includes/menu.inc'); ?>
+</nav>
+</div>
+
+<div id="midcol">
+<h2>Thank you for registering</h2>
+<h3>You will now be able to login, search for, and view the paintings.</h3>
+
+</div><br class="clear">
+	<!--End of the thankyou page content-->
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer>
+</div></div>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/register.css b/Ch11/Customcart/register.css
new file mode 100644
index 0000000..83317e3
--- /dev/null
+++ b/Ch11/Customcart/register.css
@@ -0,0 +1,5 @@
+#midcol h2 { margin-left:-15px; }
+#midcol h3 {margin-left:240px;;}
+form { 	margin-left:150px; }
+input {	margin-bottom:5px;}
+p.error { color:red; font-size:105%; font-weight:bold; text-align:center;}
\ No newline at end of file
diff --git a/Ch11/Customcart/register.php b/Ch11/Customcart/register.php
new file mode 100644
index 0000000..8a5d7b7
--- /dev/null
+++ b/Ch11/Customcart/register.php
@@ -0,0 +1,243 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Registration page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<link rel="stylesheet" type="text/css" href="register.css">
+
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_reg.inc'); ?>
+</header>
+<div id="content"><!--Start of the registration page content-->
+<div id="rightcol">
+<nav>
+<?php include('includes/menu.inc'); ?>
+</nav>
+</div>
+<?php
+require ('mysqli_connect.php'); // Connect to the database
+// Has the form been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+try {
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+//Is the title present? If it is, trim it                                    
+	if (isset($_POST['title'])) {
+	$titletrim = trim($_POST['title']);						
+	//Sanitize the trimmed title						
+	$titletrim = (filter_var($titletrim, FILTER_SANITIZE_STRING));			
+	$titletrim = mysqli_real_escape_string($dbcon, $titletrim);				
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+    $first_name = trim($_POST['first_name']);
+// Strip HTML and apply escaping//	Is the first name present? If it is, trim it
+if (!empty($first_name)) {				
+	//Sanitize the trimmed first name						
+	$first_nametrim = (filter_var($first_name, FILTER_SANITIZE_STRING));
+    $first_nametrim = (filter_var($first_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$errors[] = 'You forgot to enter your first name.';
+	}
+	//Is the last name present? If it is, trim it and sanitize it
+	$last_name = trim($_POST['last_name']);		
+if (!empty($last_name)) {					
+	//Sanitize the trimmed last name						
+	$last_nametrim = (filter_var($last_name, FILTER_SANITIZE_STRING));	
+	$last_nametrim = (filter_var($last_nametrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'You forgot to enter your last name.';
+	}
+// Set the email alias as false and check for an email address:
+//$e = FALSE;	                                                                #1								
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = trim($_POST['password1']);	
+if (empty($password1trim)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match('/^\w{8,12}$/', $password1trim)) {  //                        #8
+$errors[] = 'Invalid password, use 8 to 12 characters and no spaces.';
+} else{
+$password1 = $password1trim;
+}
+$password2trim = trim($_POST['password2']);	
+if($password1 ==+ $password2trim) { //                                 #9
+$password = $password1;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+//Is the 1st address present? If it is, trim it and sanitize it
+$address1trim = trim($_POST['address1']);		
+if (!empty($address1trim)) {					
+	//Sanitize the trimmed 1st address						
+	$address1trim = (filter_var($address1trim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'You forgot to enter your first address.';
+	}
+//If the 2nd address is present? If it is, trim it and sanitize it          #10
+$address2trim = trim($_POST['address2']);		
+if (!empty($address2trim)) {					
+	//Sanitize the trimmed 2nd address						
+	$address2trim = (filter_var($address2trim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, trim it and sanitize it
+$citytrim = trim($_POST['city']);		
+if (!empty($citytrim)) {					
+	//Sanitize the trimmed city						
+	$citytrim = (filter_var($citytrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'You forgot to enter your city.';
+	}
+//Is the state or country present? If it is, trim it and sanitize it
+$state_countrytrim = trim($_POST['state_country']);		
+if (!empty($state_countrytrim)) {				
+	//Sanitize the trimmed state or country						
+	$state_countrytrim = (filter_var($state_countrytrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'You forgot to enter your state or country.';
+	}
+//Is the zip code or post code present? If it is, trim it and sanitize it
+$zcode_pcodetrim = trim($_POST['zcode_pcode']);		
+if (!empty($zcode_pcodetrim)) {					
+	//Sanitize the trimmed zcode_pcode						
+	$zcode_pcodetrim = (filter_var($zcode_pcodetrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'You forgot to enter your zip code or post code.';
+	}
+//Is the phone number present? If it is, trim it and sanitize it     
+$phonetrim = trim($_POST['phone']);		
+if (!empty($phonetrim)) {					
+	//Sanitize the trimmed phone number						
+	$phonetrim = (filter_var($phonetrim, FILTER_SANITIZE_NUMBER_INT));						
+	}else{	
+	$phonetrim = NULL;
+	}
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT user_id FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $e);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+	$query = "INSERT INTO users (user_id, title, first_name, last_name, email, password,"; 
+    $query .= "address1, address2, city, state_country, zcode_pcode, phone, registration_date) ";
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?,?,?,?,?,?,?,?,NOW())"; 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'sssssssssss', $titletrim, $first_nametrim, $last_nametrim, $emailtrim, $hashed_password, $address1trim, $address2trim, $citytrim, $state_countrytrim, $zcode_pcodetrim, $phonetrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register-thanks.php"); 					
+	} else {
+	echo 'Invalid query:' . $dbcon->error; 
+// change to generic message in production
+	}
+	}else{//The email address is already registered                         
+echo '<p class="error">The email address is already registered</p>';
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+echo '<h2>Error!</h2>
+<p class="error">The following error(s) occurred:<br>';
+foreach ($errors as $msg) { // Print each error.				
+echo " - $msg<br>\n";
+    }
+echo '</p><h3>Please try again.</h3><p><br></p>';
+    }// End of if (empty($errors)) IF.
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+    //print "An Error occurred. Message: " . $e->getMessage();
+}
+} 
+?>
+<div id="midcol">
+<h2>Account Registration</h2>
+		<h3 class="content">Items marked with an asterisk * are essential</h3>
+<form action="register.php" method="post">
+	<label class="label" for="title">Title*</label>
+	<input id="title" type="text" name="title" size="15" maxlength="12" required value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>">
+	
+	<br><label class="label" for="first_name">First Name*</label>
+	<input id="first_name" type="text" name="first_name" size="30" maxlength="30" required value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>">
+	
+	<br><label class="label" for="last_name">Last Name*</label>
+	<input id="last_name" type="text" name="last_name" size="30" maxlength="40" required value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>">
+	
+	<br><label class="label" for="email">Email Address*</label>
+	<input id="email" type="text" name="email" size="30" maxlength="60" required value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" >
+	
+	<br><label class="label" for="psword1">Password*</label>
+	<input id="password1" type="password" name="password1" size="12" minlength="8" maxlength="12" required value="<?php if (isset($_POST['password1'])) echo $_POST['password1']; ?>" >8 
+	to 12 characters
+	
+	<br><label class="label" for="password2">Confirm Password*</label>
+	<input id="password2" type="password" name="password2" size="12" minlength="8" maxlength="12" required value="<?php if (isset($_POST['psword2'])) echo $_POST['password2']; ?>" >
+	
+	<br><label class="label" for="address1">Address*</label>
+	<input id="address1" type="text" name="address1" size="30" maxlength="30" required value="<?php if (isset($_POST['address1'])) echo $_POST['address1']; ?>">
+	
+	<br><label class="label" for="addr2">Address</label>
+	<input id="address2" type="text" name="address2" size="30" maxlength="30" value="<?php if (isset($_POST['address2'])) echo $_POST['address2']; ?>">
+	
+	<br><label class="label" for="city">City*</label>
+	
+	<input id="city" type="text" name="city" size="30" maxlength="30" required value="<?php if (isset($_POST['city'])) echo $_POST['city']; ?>">
+	
+	<br><label class="label" for="state_country">Country/state*</label>
+	<input id="state_country" type="text" name="state_country" size="30" maxlength="30" required value="<?php if (isset($_POST['state_country'])) echo $_POST['state_country']; ?>">
+	
+	<br><label class="label" for="zcode_pcode">zcode/pcode*</label>
+	<input id="pcode" type="text" name="zcode_pcode" size="15" maxlength="15" required value="<?php if (isset($_POST['zcode_pcode'])) echo $_POST['zcode_pcode']; ?>">
+	
+	<br><label class="label" for="phone">Telephone</label>
+	<input id="phone" type="tel" name="phone" size="30" maxlength="30" value="<?php if (isset($_POST['phone'])) echo $_POST['phone']; ?>">
+
+	<p><input id="submit" type="submit" name="submit" value="Register"></p>
+</form>
+</div>
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer>
+</div>
+</div>
+<div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/Customcart/search.css b/Ch11/Customcart/search.css
new file mode 100644
index 0000000..c4d7ad5
--- /dev/null
+++ b/Ch11/Customcart/search.css
@@ -0,0 +1,7 @@
+p { font-size:110%; }
+#midcol h2 { width:400px; }
+#mid-left-col h3 {font-size:150%; text-align:left; }
+select { width:130px; }
+form { 	margin-left:170px; }
+.search { margin:0 0 0 120px; font-weight:bold; font-size:130%; color:white; }
+#submit { width:70px; margin-left:0; }
\ No newline at end of file
diff --git a/Ch11/Customcart/transparent.css b/Ch11/Customcart/transparent.css
new file mode 100644
index 0000000..bd0cf8d
--- /dev/null
+++ b/Ch11/Customcart/transparent.css
@@ -0,0 +1,64 @@
+/*equalise all the margins, paddings and borders built into various browsers
+div body #header #content { margin:0; padding:0; border:0; 
+}*/
+body { background:#68CE53; font-family:arial; font-size: 100%;
+}
+/*add display attributes for the semantic tags*/
+/*header, footer, section, article, nav { display:block; 
+}*/
+header {border:10px white solid;
+background:#95b522;
+}
+#logo { position:absolute; left:10px; top:5px;}
+#container {
+	margin:auto;
+}
+#content { background-color:transparent; border:10px white solid; color: white; 
+}
+#rightcol { width: 135px; float:right; height: 200px; margin-right:10px;
+}
+#midcol { margin-left:15px; margin-right:145px; margin-top:10px; vertical-align:top;
+}
+#midcol h2 { position:relative; left:325px;
+	
+}
+#mid-left-col { float:left;
+	width:47%;
+}
+#mid-right-col {float:right;
+	width:47%;
+}
+/* set side menu block position and width*/
+
+nav li a:hover, #header-button li a:hover {  background: red;  color:white; border: 5px outset red;
+}
+/*mouse active*/
+nav li a:active { background:maroon;  border: 5px inset maroon; 
+}
+/*#ftr {
+	margin:auto; text-align:center;
+}*/
+br.clear { clear:both; 
+}
+#midcol img { margin-left:10px; 
+}
+footer { clear:both; color:black; text-align:center; margin:auto;
+}
+table tr td {
+	background-color:#FFFFFF; text-align:center; border: 1px black solid; border-collapse:collapse;
+}
+.label { float:left; width:210px; text-align:right; clear:left; margin-right:5px;
+}
+#submit { margin-left:215px; text-align:center;
+}
+
+#loginfields { display:block; margin-left:50px;
+}
+#loginfields input { float:left; margin-bottom:5px;
+}
+#loginfields label { margin-bottom:5px; font-weight:bold;
+}
+#loginfields span { float:left;
+}
+#loginfields submit { margin:5px auto 5px auto;
+}
diff --git a/Ch11/Customcart/users_search_page.php b/Ch11/Customcart/users_search_page.php
new file mode 100644
index 0000000..3cf9035
--- /dev/null
+++ b/Ch11/Customcart/users_search_page.php
@@ -0,0 +1,69 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>The registered user's search page, custom cart version</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+p { font-size:110%; }
+#midcol h2 { width:400px; }
+#mid-left-col h3 {font-size:150%; text-align:left; }
+select { width:130px; }
+form { margin-left:150px; }
+.search { margin:0 0 0 120px; font-weight:bold; font-size:130%; color:white; }
+#submit { width:70px; margin-left:0; }
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_forgot.inc'); ?>
+</header>
+<div id="content"><!--Start of users' search page content-->
+<div id="rightcol">
+	<nav>
+	<?php include('includes/menu.inc'); ?>
+	</nav>
+</div>
+<div id="midcol">
+<div id="mid-left-col">
+	<h3><b>Welcome to the Dove Gallery</b></h3>
+	<p><b>All prices include frames, sales tax, delivery and insurance</b></p>
+	<p class="search"><strong>Search for a painting</strong></p>
+<form action="found_pics_cart.php" method="post">
+	<strong>Type</strong><br>
+	<select name="type">
+	<option value="">- Select -</option>
+	<option value="still-life">Still Life</option>
+	<option value="nature">Nature</option>
+	<option value="abstract">Abstract</option>
+	</select><br>
+	<strong>Maximum Price</strong><br>
+	<select name="price">
+	<option value="">- Select -</option>
+	<option value="40">&pound;40</option>
+	<option value="80">&pound;80</option>
+	<option value="800">&pound;800</option>
+	</select><br>
+	<p><input id="submit" type="submit" name="submit" value="Search"></p>
+</form>
+</div>
+<div id="mid-right-col">
+<p><img alt="Copper Kettle by James Kessell" height="254" src="images/k-copper-kettle-
+300.jpg" width="300">&nbsp;</p>
+</div>
+<br class="clear">
+</div>
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer></div>
+</div>
+</body>
+</html>
diff --git a/Ch11/paypalcart/admin_add_artist.php b/Ch11/paypalcart/admin_add_artist.php
new file mode 100644
index 0000000..3d98109
--- /dev/null
+++ b/Ch11/paypalcart/admin_add_artist.php
@@ -0,0 +1,112 @@
+<?php                                                                                     
+session_start();
+// Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 3;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section --> 
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// Confirm that form has been submitted
+// Has the form has been submitted?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require("process_admin_artist.php");
+}
+?>
+<form  action="admin_page.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add an Artist</h2>
+<h5>If the artist uses only one name (e.g., Picasso) enter it as the last name</h5> 
+</div>
+</div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">Artist's First Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  placeholder="Artist's First Name" maxlength="30"
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	   value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="middle_name" class="col-sm-4 col-form-label text-right">Artist's Middle Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="middle_name" name="middle_name" 
+	  placeholder="Artist's Middle Name" maxlength="30"
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" title="Alphabetic, period and space only max of 30 characters"
+	   value=
+		"<?php if (isset($_POST['middle_name'])) 
+		echo htmlspecialchars($_POST['middle_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Artist's Last Name:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  placeholder="Artist's Last Name" maxlength="30" required
+	   pattern="[a-zA-Z][a-zA-Z\s\']*" title="Alphabetic, quote and space only max of 30 characters"
+	    value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+ type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/admin_add_painting.php b/Ch11/paypalcart/admin_add_painting.php
new file mode 100644
index 0000000..8b9e2b2
--- /dev/null
+++ b/Ch11/paypalcart/admin_add_painting.php
@@ -0,0 +1,156 @@
+<?php                                                                                     
+session_start();
+ //Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 1;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require('process_add_painting.php'); }
+?>
+<form  action="admin_add_painting.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add a Painting</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label text-right">Thumbnail:</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail Address" maxlength="50" required
+	   value=
+		"<?php if (isset($_POST['thumb'])) 
+		echo htmlspecialchars($_POST['thumb'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+     <div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label text-right">Type:</label>
+	  <div class="col-sm-8">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select>
+	</div>
+	</div>
+	  <div class="form-group row">
+      <label for="medium" class="col-sm-4 col-form-label text-right">Medium:</label>
+	  <div class="col-sm-8">
+      <select id="medium" name="medium" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+      <label for="artist" class="col-sm-4 col-form-label text-right">Artist:</label>
+	  <div class="col-sm-8">
+      <select id="artist" name="artist" class="form-control">
+        <option selected value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";			
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			 $first_name = htmlspecialchars($_row['first_name'], ENT_QUOTES);
+			 $middle_name = htmlspecialchars($_row['middle_name'], ENT_QUOTES);
+			 $last_name = htmlspecialchars($_row['last_name'], ENT_QUOTES);
+			$value = $first_name . "-" . $middle_name . "-" . $last_name;
+		    $display = $first_name . " " . $middle_name . " " . $last_name;
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select></div></div>
+<div class="form-group row">
+    <label for="mini_descr" class="col-sm-4 col-form-label text-right">Brief Description:</label>
+	<div class="col-sm-8">
+    <textarea class="form-control" id="mini_descr" name="mini_descr" rows="3" 
+	maxlength="150" required></textarea>
+  </div>
+  </div>
+<div class="form-group row">
+    <label for="ppcode" class="col-sm-4 col-form-label text-right">PayPal Code:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="ppcode" name="ppcode" 
+	  placeholder="PayPal Code" maxlength="45" required
+	   value=
+		"<?php if (isset($_POST['ppcode'])) 
+		echo htmlspecialchars($_POST['ppcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label text-right">Price:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="10" required
+	   value=
+		"<?php if (isset($_POST['price'])) 
+		echo htmlspecialchars($_POST['price'], ENT_QUOTES); ?>" >
+	  Figures only, no &pound;s, $s or commas
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" 
+	id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/admin_page.php b/Ch11/paypalcart/admin_page.php
new file mode 100644
index 0000000..b225a68
--- /dev/null
+++ b/Ch11/paypalcart/admin_page.php
@@ -0,0 +1,164 @@
+<?php                                                                                     
+session_start();
+ //Data from valid source?
+if (!isset($_SESSION['user_id']))
+{ header("Location: index.php");
+exit();
+} else {
+if (($_SESSION['user_level'] != 1))
+{ header("Location: index.php");
+exit();
+}}
+$menu = 1;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require('process_add_painting.php'); }
+?>
+<form  action="admin_add_painting.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Add a Painting</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="thumb" class="col-sm-4 col-form-label text-right">Thumbnail:</label>
+    <div class="col-sm-8">
+      <input type="url" class="form-control" id="thumb" name="thumb" 
+	  placeholder="Thumbnail Address" maxlength="50" required
+	   value=
+		"<?php if (isset($_POST['thumb'])) 
+		echo htmlspecialchars($_POST['thumb'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+     <div class="form-group row">
+      <label for="type" class="col-sm-4 col-form-label text-right">Type:</label>
+	  <div class="col-sm-8">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Still-life">Still Life</option>
+	<option value="Nature">Nature</option>
+	<option value="Abstract">Abstract</option>
+	</select>
+	</div>
+	</div>
+	  <div class="form-group row">
+      <label for="medium" class="col-sm-4 col-form-label text-right">Medium:</label>
+	  <div class="col-sm-8">
+      <select id="medium" name="medium" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Oil-painting">Oil Painting</option>
+	<option value="Colored-etching">Colored Etching</option>
+</select>
+</div>
+</div>
+ <div class="form-group row">
+      <label for="artist" class="col-sm-4 col-form-label text-right">Artist:</label>
+	  <div class="col-sm-8">
+      <select id="artist" name="artist" class="form-control">
+        <option selected value="">- Select -</option>
+		<?php
+require ('mysqli_connect.php'); // Connect to the database
+		$q = "SELECT first_name, middle_name, last_name FROM artists";			
+		$result = mysqli_query ($dbcon, $q); // Run the query.
+        while ($row = mysqli_fetch_assoc($result)) {
+			 $first_name = htmlspecialchars($_row['first_name'], ENT_QUOTES);
+			 $middle_name = htmlspecialchars($_row['middle_name'], ENT_QUOTES);
+			 $last_name = htmlspecialchars($_row['last_name'], ENT_QUOTES);
+			$value = $first_name . "-" . $middle_name . "-" . $last_name;
+		    $display = $first_name . " " . $middle_name . " " . $last_name;
+            echo "<option value='$value'>$display</option>";
+        }	
+		?>
+</select></div></div>
+<div class="form-group row">
+    <label for="mini_descr" class="col-sm-4 col-form-label text-right">Brief Description:</label>
+	<div class="col-sm-8">
+    <textarea class="form-control" id="mini_descr" name="mini_descr" rows="3" 
+	maxlength="150" required></textarea>
+  </div>
+  </div>
+<div class="form-group row">
+    <label for="ppcode" class="col-sm-4 col-form-label text-right">PayPal Code:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="ppcode" name="ppcode" 
+	  placeholder="PayPal Code" maxlength="45" required
+	  value=
+		"<?php if (isset($_POST['ppcode'])) 
+		echo htmlspecialchars($_POST['ppcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="price" class="col-sm-4 col-form-label text-right">Price:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="price" name="price" 
+	  placeholder="Price" maxlength="10" required
+	  value=
+		"<?php if (isset($_POST['price'])) 
+		echo htmlspecialchars($_POST['price'], ENT_QUOTES); ?>" >
+	  Figures only, no &pound;s, $s or commas
+    </div>
+  </div>
+ <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+ <div class="g-recaptcha" style="padding-left: 50px;"
+ data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+ </div>
+ </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" 
+	id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/forgot.php b/Ch11/paypalcart/forgot.php
new file mode 100644
index 0000000..d72e5ae
--- /dev/null
+++ b/Ch11/paypalcart/forgot.php
@@ -0,0 +1,93 @@
+<?php
+$menu = 5;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+	require("process_forgot.php");
+}
+?>
+<form  action="forgot.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Forgot Your Password?</h2>
+<h6>When you apply, you will receive your new password in an email. Read that 
+email as soon as possible. Don't delay! For 
+maximum security, immediately login with your new password. Then change the 
+password as quickly as possible.</h6>  
+</div>
+</div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">Your email address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="Email" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+ <div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Secret Answer:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  placeholder="Secret Question Answer" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['secret'])) 
+		echo htmlspecialchars($_POST['secret'], ENT_QUOTES); ?>" >
+	  If you don't know your secret answer, contact our service department.
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/found_paintings.php b/Ch11/paypalcart/found_paintings.php
new file mode 100644
index 0000000..9a660f6
--- /dev/null
+++ b/Ch11/paypalcart/found_paintings.php
@@ -0,0 +1,56 @@
+<?php
+session_start();
+$menu = 2;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Found Paintings</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-12 text-center mx-auto" 
+  style="color: black; padding:10px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<h3 style="color: white;">To buy a painting please click its Add to Cart link</h3>
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+$_SESSION['type'] = $_POST['type'];
+$_SESSION['price'] = $_POST['price'];
+require("process_found_pics.php");
+}
+?>
+<p style="color:white">No paintings displayed? Either we have nothing that matches 
+your requirements at the moment OR you may have forgotten to select 
+BOTH the search fields. Please click the Home Page button and try again.</p>
+</div>
+	</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div><!--End of content-->
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/images/L-looking-back-a-beer.jpg b/Ch11/paypalcart/images/L-looking-back-a-beer.jpg
new file mode 100644
index 0000000..bf6152f
Binary files /dev/null and b/Ch11/paypalcart/images/L-looking-back-a-beer.jpg differ
diff --git a/Ch11/paypalcart/images/L-silver-studded-blue.jpg b/Ch11/paypalcart/images/L-silver-studded-blue.jpg
new file mode 100644
index 0000000..c45da2f
Binary files /dev/null and b/Ch11/paypalcart/images/L-silver-studded-blue.jpg differ
diff --git a/Ch11/paypalcart/images/Thumbs.db b/Ch11/paypalcart/images/Thumbs.db
new file mode 100644
index 0000000..faaaabf
Binary files /dev/null and b/Ch11/paypalcart/images/Thumbs.db differ
diff --git a/Ch11/paypalcart/images/aw-brown-vessel-200.jpg b/Ch11/paypalcart/images/aw-brown-vessel-200.jpg
new file mode 100644
index 0000000..df6dde2
Binary files /dev/null and b/Ch11/paypalcart/images/aw-brown-vessel-200.jpg differ
diff --git a/Ch11/paypalcart/images/aw-brown-vessel-thumb.jpg b/Ch11/paypalcart/images/aw-brown-vessel-thumb.jpg
new file mode 100644
index 0000000..26dcaa5
Binary files /dev/null and b/Ch11/paypalcart/images/aw-brown-vessel-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/aw-brown-vessel.jpg b/Ch11/paypalcart/images/aw-brown-vessel.jpg
new file mode 100644
index 0000000..8f62c17
Binary files /dev/null and b/Ch11/paypalcart/images/aw-brown-vessel.jpg differ
diff --git a/Ch11/paypalcart/images/aw-white-jug-home.jpg b/Ch11/paypalcart/images/aw-white-jug-home.jpg
new file mode 100644
index 0000000..8f92b65
Binary files /dev/null and b/Ch11/paypalcart/images/aw-white-jug-home.jpg differ
diff --git a/Ch11/paypalcart/images/aw-white-jug-thumb.jpg b/Ch11/paypalcart/images/aw-white-jug-thumb.jpg
new file mode 100644
index 0000000..426d3df
Binary files /dev/null and b/Ch11/paypalcart/images/aw-white-jug-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/aw-white-jug.jpg b/Ch11/paypalcart/images/aw-white-jug.jpg
new file mode 100644
index 0000000..d0d8f25
Binary files /dev/null and b/Ch11/paypalcart/images/aw-white-jug.jpg differ
diff --git a/Ch11/paypalcart/images/cart.jpg b/Ch11/paypalcart/images/cart.jpg
new file mode 100644
index 0000000..27213e0
Binary files /dev/null and b/Ch11/paypalcart/images/cart.jpg differ
diff --git a/Ch11/paypalcart/images/dove-1.png b/Ch11/paypalcart/images/dove-1.png
new file mode 100644
index 0000000..69a4410
Binary files /dev/null and b/Ch11/paypalcart/images/dove-1.png differ
diff --git a/Ch11/paypalcart/images/green-grad-800.jpg b/Ch11/paypalcart/images/green-grad-800.jpg
new file mode 100644
index 0000000..696ad2b
Binary files /dev/null and b/Ch11/paypalcart/images/green-grad-800.jpg differ
diff --git a/Ch11/paypalcart/images/home.jpg b/Ch11/paypalcart/images/home.jpg
new file mode 100644
index 0000000..002c2c4
Binary files /dev/null and b/Ch11/paypalcart/images/home.jpg differ
diff --git a/Ch11/paypalcart/images/k-abstract-squares-thumb.jpg b/Ch11/paypalcart/images/k-abstract-squares-thumb.jpg
new file mode 100644
index 0000000..80362b7
Binary files /dev/null and b/Ch11/paypalcart/images/k-abstract-squares-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/k-abstract-thumb.jpg b/Ch11/paypalcart/images/k-abstract-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/paypalcart/images/k-abstract-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/k-copper-kettle-300.jpg b/Ch11/paypalcart/images/k-copper-kettle-300.jpg
new file mode 100644
index 0000000..7bbaf16
Binary files /dev/null and b/Ch11/paypalcart/images/k-copper-kettle-300.jpg differ
diff --git a/Ch11/paypalcart/images/k-copper-kettle-home.jpg b/Ch11/paypalcart/images/k-copper-kettle-home.jpg
new file mode 100644
index 0000000..957e09d
Binary files /dev/null and b/Ch11/paypalcart/images/k-copper-kettle-home.jpg differ
diff --git a/Ch11/paypalcart/images/k-copper-kettle-thumb.jpg b/Ch11/paypalcart/images/k-copper-kettle-thumb.jpg
new file mode 100644
index 0000000..27ca9f7
Binary files /dev/null and b/Ch11/paypalcart/images/k-copper-kettle-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/k-stil-life-2.jpg b/Ch11/paypalcart/images/k-stil-life-2.jpg
new file mode 100644
index 0000000..f22b330
Binary files /dev/null and b/Ch11/paypalcart/images/k-stil-life-2.jpg differ
diff --git a/Ch11/paypalcart/images/k-stil-life-3.jpg b/Ch11/paypalcart/images/k-stil-life-3.jpg
new file mode 100644
index 0000000..7e92b77
Binary files /dev/null and b/Ch11/paypalcart/images/k-stil-life-3.jpg differ
diff --git a/Ch11/paypalcart/images/k-stil-life-thumb.jpg b/Ch11/paypalcart/images/k-stil-life-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/paypalcart/images/k-stil-life-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/k-still-life-thumb.jpg b/Ch11/paypalcart/images/k-still-life-thumb.jpg
new file mode 100644
index 0000000..35ac664
Binary files /dev/null and b/Ch11/paypalcart/images/k-still-life-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/large files/L-looking-back-a-beer.jpg b/Ch11/paypalcart/images/large files/L-looking-back-a-beer.jpg
new file mode 100644
index 0000000..bf6152f
Binary files /dev/null and b/Ch11/paypalcart/images/large files/L-looking-back-a-beer.jpg differ
diff --git a/Ch11/paypalcart/images/large files/L-silver-studded-blue.jpg b/Ch11/paypalcart/images/large files/L-silver-studded-blue.jpg
new file mode 100644
index 0000000..c45da2f
Binary files /dev/null and b/Ch11/paypalcart/images/large files/L-silver-studded-blue.jpg differ
diff --git a/Ch11/paypalcart/images/large files/L-silver-washed=fritillary.jpg b/Ch11/paypalcart/images/large files/L-silver-washed=fritillary.jpg
new file mode 100644
index 0000000..9067c77
Binary files /dev/null and b/Ch11/paypalcart/images/large files/L-silver-washed=fritillary.jpg differ
diff --git a/Ch11/paypalcart/images/large files/Thumbs.db b/Ch11/paypalcart/images/large files/Thumbs.db
new file mode 100644
index 0000000..b80fb46
Binary files /dev/null and b/Ch11/paypalcart/images/large files/Thumbs.db differ
diff --git a/Ch11/paypalcart/images/large files/aw-brown-vessel-200.jpg b/Ch11/paypalcart/images/large files/aw-brown-vessel-200.jpg
new file mode 100644
index 0000000..df6dde2
Binary files /dev/null and b/Ch11/paypalcart/images/large files/aw-brown-vessel-200.jpg differ
diff --git a/Ch11/paypalcart/images/large files/aw-brown-vessel.jpg b/Ch11/paypalcart/images/large files/aw-brown-vessel.jpg
new file mode 100644
index 0000000..8f62c17
Binary files /dev/null and b/Ch11/paypalcart/images/large files/aw-brown-vessel.jpg differ
diff --git a/Ch11/paypalcart/images/large files/aw-white-jug-200.jpg b/Ch11/paypalcart/images/large files/aw-white-jug-200.jpg
new file mode 100644
index 0000000..87f6c8a
Binary files /dev/null and b/Ch11/paypalcart/images/large files/aw-white-jug-200.jpg differ
diff --git a/Ch11/paypalcart/images/large files/aw-white-jug-home.jpg b/Ch11/paypalcart/images/large files/aw-white-jug-home.jpg
new file mode 100644
index 0000000..35425ca
Binary files /dev/null and b/Ch11/paypalcart/images/large files/aw-white-jug-home.jpg differ
diff --git a/Ch11/paypalcart/images/large files/aw-white-jug.jpg b/Ch11/paypalcart/images/large files/aw-white-jug.jpg
new file mode 100644
index 0000000..d0d8f25
Binary files /dev/null and b/Ch11/paypalcart/images/large files/aw-white-jug.jpg differ
diff --git a/Ch11/paypalcart/images/large files/k-copper-kettle-380.jpg b/Ch11/paypalcart/images/large files/k-copper-kettle-380.jpg
new file mode 100644
index 0000000..e1c21f0
Binary files /dev/null and b/Ch11/paypalcart/images/large files/k-copper-kettle-380.jpg differ
diff --git a/Ch11/paypalcart/images/large files/k-stil-life-2.jpg b/Ch11/paypalcart/images/large files/k-stil-life-2.jpg
new file mode 100644
index 0000000..f22b330
Binary files /dev/null and b/Ch11/paypalcart/images/large files/k-stil-life-2.jpg differ
diff --git a/Ch11/paypalcart/images/large files/k-stil-life-3.jpg b/Ch11/paypalcart/images/large files/k-stil-life-3.jpg
new file mode 100644
index 0000000..7e92b77
Binary files /dev/null and b/Ch11/paypalcart/images/large files/k-stil-life-3.jpg differ
diff --git a/Ch11/paypalcart/images/large files/k-stil-life-300.jpg b/Ch11/paypalcart/images/large files/k-stil-life-300.jpg
new file mode 100644
index 0000000..01bbc4f
Binary files /dev/null and b/Ch11/paypalcart/images/large files/k-stil-life-300.jpg differ
diff --git a/Ch11/paypalcart/images/prints.jpg b/Ch11/paypalcart/images/prints.jpg
new file mode 100644
index 0000000..01a7209
Binary files /dev/null and b/Ch11/paypalcart/images/prints.jpg differ
diff --git a/Ch11/paypalcart/images/rsb-beer-thumb.jpg b/Ch11/paypalcart/images/rsb-beer-thumb.jpg
new file mode 100644
index 0000000..196ca9c
Binary files /dev/null and b/Ch11/paypalcart/images/rsb-beer-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/rsb-blue-thumb.jpg b/Ch11/paypalcart/images/rsb-blue-thumb.jpg
new file mode 100644
index 0000000..fe2b0c9
Binary files /dev/null and b/Ch11/paypalcart/images/rsb-blue-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/rsb-fritillary-thumb.jpg b/Ch11/paypalcart/images/rsb-fritillary-thumb.jpg
new file mode 100644
index 0000000..1ea329f
Binary files /dev/null and b/Ch11/paypalcart/images/rsb-fritillary-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/rsb-lyme-thumb.jpg b/Ch11/paypalcart/images/rsb-lyme-thumb.jpg
new file mode 100644
index 0000000..ddb1800
Binary files /dev/null and b/Ch11/paypalcart/images/rsb-lyme-thumb.jpg differ
diff --git a/Ch11/paypalcart/images/title.jpg b/Ch11/paypalcart/images/title.jpg
new file mode 100644
index 0000000..5e38df9
Binary files /dev/null and b/Ch11/paypalcart/images/title.jpg differ
diff --git a/Ch11/paypalcart/images/unavailable.png b/Ch11/paypalcart/images/unavailable.png
new file mode 100644
index 0000000..41374c4
Binary files /dev/null and b/Ch11/paypalcart/images/unavailable.png differ
diff --git a/Ch11/paypalcart/includes/footer.php b/Ch11/paypalcart/includes/footer.php
new file mode 100644
index 0000000..6f56f56
--- /dev/null
+++ b/Ch11/paypalcart/includes/footer.php
@@ -0,0 +1 @@
+<p class="h6 col-sm-12" style="color:black;">Footer goes here</p>
\ No newline at end of file
diff --git a/Ch11/paypalcart/includes/header.php b/Ch11/paypalcart/includes/header.php
new file mode 100644
index 0000000..01b383d
--- /dev/null
+++ b/Ch11/paypalcart/includes/header.php
@@ -0,0 +1,114 @@
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js"></script>
+  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js"></script>
+<div class="col-sm-2" >
+<img class="img-fluid" style="padding-top: 5px; height=200" src="images/dove-1.png" alt="dove"> 
+</div>
+<div class="col-sm-6" style="color :white; padding-top: 5%;">
+ <div class="h1 mb-2 font-bold text-left" >The Dove Gallery</div>
+ <p class='lead text-center'>Affordable Original Paintings</p>
+</div>
+
+<div class="col-sm-4" style="padding-top: 10px; padding-bottom: 10px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu">
+    <span class="navbar-toggler-icon"></span>
+  </button>
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+     
+	<?php
+	 switch ($menu) {
+	case 1: //admin_page.php
+	    ?>
+		 <li class="nav-item">
+         <a class="btn btn-primary" id="buttons" href="admin_page.php" role="button">Add Another</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="admin_add_artist.php" role="button">Add Artist</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="#" role="button">New Password</a>
+		 </li>
+		 <li class="nav-item">
+	     <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		 </li>
+		<?php
+        break;	 	 
+    case 2: // added.php, cart.php, found_pics_cart.php
+	    ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="index.php" role="button">Home Page</a>
+		</li>
+		<form name="_xclick" target="paypal"
+		action="https://www.paypal.com/uk/cgi-bin/webscr" method="post">
+		<input type="hidden" name="cmd" value="_cart">
+		<input type="hidden" name="business" value="me@mybusiness.co.uk">
+		<input type="image" src="https://www.paypal.com/en_GB/i/btn/view_cart.gif" border="0" name="submit" 
+		alt="Make payments with PayPal - it's fast, free and secure!">
+		<input type="hidden" name="display" value="1">
+		</form>
+		<?php
+        break;
+    case 3: //admin_page.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="admin_add_artist.php" role="button">Add Another</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="admin_page.php" role="button">Add Painting</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="#" role="button">New Password</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Logout.php" role="button">Logout</a>
+		</li>
+		<?php
+        break;
+    case 4: // index.php  case 5 - forgot.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Register</a>
+		</li>
+		<li class="nav-item">
+	    <a class="btn btn-primary" id="buttons" href="Login.php" role="button">Login</a>
+		</li>
+		<?php
+        break;
+	case 7: // login.php user_search_page.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="index.php" role="button">Home</a>
+		</li>
+		For our newletter
+		<?php
+        break;
+	case 8: //; register.php
+        ?> 
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="register.php" role="button">Erase</a>
+		</li>
+		<?php
+        break;
+	case 9: //register_thanks.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="Login.php" role="button">Login</a>
+        </li>	
+		<?php
+        break;
+	case 10: //checkout.php
+        ?>
+		<li class="nav-item">
+        <a class="btn btn-primary" id="buttons" href="logout.php" role="button">Logout</a>
+        </li>	
+		<?php
+        break;
+}
+	?>
+	</ul>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/paypalcart/includes/menu.php b/Ch11/paypalcart/includes/menu.php
new file mode 100644
index 0000000..5f44ec0
--- /dev/null
+++ b/Ch11/paypalcart/includes/menu.php
@@ -0,0 +1,27 @@
+
+
+
+<div style="padding-top: 10px; padding-bottom: 10px; padding-right: 15px;">
+     <nav class="float-right navbar navbar-expand-md navbar-dark">
+	<!--<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleMenu1">
+    <span class="navbar-toggler-icon"></span>
+    </button> 
+    Not activating above code makes menu invisible for small devices
+    -->
+	 <div class="btn-group-vertical btn-group-sm collapse navbar-collapse" id="collapsibleMenu1"  role="group" aria-label="Button Group">
+	 <ul class="navbar-nav flex-column" style="width: 140px;">
+      <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">About Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">FAQs</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="#" role="button">Contact Us</a>
+	 </li>
+	 <li class="nav-item">
+	 <a class="btn btn-primary" id="buttons" href="index.php" role="button">Home Page</a>
+	 </li>
+	 </div>
+    </nav>
+	</div>
\ No newline at end of file
diff --git a/Ch11/paypalcart/index.php b/Ch11/paypalcart/index.php
new file mode 100644
index 0000000..a421afa
--- /dev/null
+++ b/Ch11/paypalcart/index.php
@@ -0,0 +1,96 @@
+<?php
+$menu=7;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>PayPal Cart Index Page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 20px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-6 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of found paintings content-->
+	<form  action="found_paintings.php" method="post">
+<div class="form-group row">
+    <div class="col-sm-10 text-left" 
+	style="padding: 20px; padding-left: 30px;">
+	<h3>Welcome to the Dove Gallery</h3>
+	<h6 style="color: black;">
+	<b>All prices include frames, sales tax, delivery and insurance</b></h6>
+	<h2 class="text-center">Search for a painting</h2>
+	</div>
+    <div class="col-sm-6">
+</div>
+</div>
+	  <div class="form-group row">
+      <label for="type" class="col-sm-3 col-form-label text-right">
+	  Type:</label>
+	  <div class="col-sm-6">
+      <select id="type" name="type" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="still-life">Still Life</option>
+	<option value="nature">Nature</option>
+	<option value="abstract">Abstract</option>
+</select>
+</div>
+
+</div>
+ <div class="form-group row">
+      <label for="price" class="col-sm-3 col-form-label text-right">
+	  Maximum Price:</label>
+	  <div class="col-sm-6">
+      <select id="price" name="price" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="40">&pound;40</option>
+	<option value="80">&pound;80</option>
+	<option value="800">&pound;800</option>
+</select>
+</div>
+</div>
+	 <div class="form-group row">
+
+  <label class="col-sm-3 col-form-label"></label>
+  <div class="col-sm-6">
+<input id="submit" class="btn btn-primary" 
+ type="submit" name="submit" value="Submit">
+</div>
+</div>
+</form><!--End of the search content-->
+</div>
+<div class="col-sm-3 text-center" style="padding:0px; margin-top: 5px;">
+<img alt="Copper Kettle by James Kessell" class="img-fluid float-left" 
+style="margin-top: 20px;" src="images/k-copper-kettle-300.jpg"> 
+</div>
+<aside class="col-sm-3" id="includemenu">
+    <?php include('includes/menu.php'); ?> 
+</aside>
+</div>
+<div class="form-group row">
+<label class="col-sm-4"></label>
+<div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
+
diff --git a/Ch11/paypalcart/login-files/login.php b/Ch11/paypalcart/login-files/login.php
new file mode 100644
index 0000000..640deaf
--- /dev/null
+++ b/Ch11/paypalcart/login-files/login.php
@@ -0,0 +1,47 @@
+<!doctype html>
+<html lang="en">
+<head>
+<title>Login page</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="msgboard.css">
+<style type="text/css">
+h2 { color:navy; }
+/*#tab-navigation ul { margin-left:140px; }*/
+form { padding-left:260px; width:200px;}
+.label { width:120px; float:left; text-align:right;}
+form p { width:280px; }
+p.submit {margin-left:125px; }
+</style>
+</head>
+<body>
+<br>
+<div id='container'>
+<header>
+<?php include ( 'includes/header_login.php' ) ;?>
+</header>
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) AND !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<h2>Login</h2>
+<form action="process_login.php" method="post">
+<p><label class="label" for="user_name">User Name:</label><input id="user_name" type="text" 
+name="user_name" size="16" maxlength="16" value="<?php if (isset($_POST['user_name']))
+echo $_POST['user_name']; ?>"></p>
+<p><label class="label" for="passcode">Password:</label><input id="passcode" 
+type="password" name="passcode" size="16" maxlength="16" value="<?php if
+(isset($_POST['passcode'])) echo $_POST['passcode']; ?>" ></p>
+<p class="submit"><input type="submit" value="Login" ></p>
+</form>
+<footer>
+<?php include ( 'includes/footer.php' ) ; ?>
+</footer>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/login-files/login_functions.php b/Ch11/paypalcart/login-files/login_functions.php
new file mode 100644
index 0000000..7bc1283
--- /dev/null
+++ b/Ch11/paypalcart/login-files/login_functions.php
@@ -0,0 +1,48 @@
+<?php 
+// Function for loading the URL of pages
+function load( $page = 'login.php' )
+{
+  // The code for setting the page URL
+  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
+  // Trim the URL
+  $url = rtrim( $url, '/\\' ) ;
+  $url .= '/' . $page ;
+ //Redirect to the page and exit the script. 
+  header( "Location: $url" ) ; 
+  exit() ;
+}
+// Create a function to check user name and password 
+function validate( $dbcon, $user_name = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( empty( $user_name ) ) 
+  { $errors[] = 'You forgot to enter your user name' ; 
+  } 
+  else  { $user_name = mysqli_real_escape_string( $dbcon, trim( $user_name ) ) ; 
+  }
+  // Has the password been entered
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'Enter your password.' ; 
+  } 
+  else { $passcode = mysqli_real_escape_string( $dbcon, trim( $passcode ) ) ; 
+  }
+  $hp=password_hash($p, PASSWORD_BCRYPT);
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+    $q = "SELECT member_id, user_name FROM members WHERE user_name='$user_name' AND passcode='$hp')" ;  
+    $result = mysqli_query ( $dbcon, $q ) ;
+    if ( mysqli_num_rows( $result ) == 1 ) 
+    {
+      $row = mysqli_fetch_array ( $result, MYSQLI_ASSOC ) ;
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/paypalcart/login-files/process_login.php b/Ch11/paypalcart/login-files/process_login.php
new file mode 100644
index 0000000..0b895d0
--- /dev/null
+++ b/Ch11/paypalcart/login-files/process_login.php
@@ -0,0 +1,27 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'user_name' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'member_id' ] = $data[ 'member_id' ] ;
+    $_SESSION[ 'user_name' ] = $data[ 'user_name' ] ;
+    load ( 'forum.php' ) ;
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/login.php b/Ch11/paypalcart/login.php
new file mode 100644
index 0000000..1a24a26
--- /dev/null
+++ b/Ch11/paypalcart/login.php
@@ -0,0 +1,107 @@
+<?php
+$menu = 7;
+if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
+//require("cap.php");
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// Display any error messages if present.
+if ( isset( $errors ) && !empty( $errors ) )
+{
+ echo '<p id="err_msg">A problem occurred:<br>' ;
+ foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
+ echo 'Please try again or <a href="register-page.php">Register</a></p>' ;
+}
+?>
+<!-- Display the login form fields -->
+<form  action="process_login.php" method="post">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2 style="margin-top: 10px;">Login</h2>
+</div>
+</div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+	</div>
+<div class="form-group row">
+    <label for="passcode" class="col-sm-4 col-form-label text-right">Password:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="passcode" name="passcode" 
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['passcode'])) 
+		echo htmlspecialchars($_POST['passcode'], ENT_QUOTES); ?>" >
+    </div>
+	</div>
+	<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+	<div class="g-recaptcha" style="padding-left: 50px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+</div>
+</div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <a href="forgot.php">Forgot Password?</a>
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add login content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/login_functions.php b/Ch11/paypalcart/login_functions.php
new file mode 100644
index 0000000..88ee47e
--- /dev/null
+++ b/Ch11/paypalcart/login_functions.php
@@ -0,0 +1,76 @@
+<?php 
+// Create a function to check user name and password 
+function validate( $dbcon, $email = '', $passcode = '')
+{
+  // Initiate the array to hold the error messages 
+  $errors = array() ; 
+  // Has the user name been entered?
+  if ( !empty( $email ) ) 
+  {  $user_name = trim( $email); 
+  }
+  if ( empty( $email ) ) 
+  { $errors[] = 'You forgot to enter your email' ; 
+  } 
+   
+  // Has the password been entered
+  if ( !empty( $passcode ) ) 
+  {  
+  $passcode = trim( $passcode ); 
+  }
+  if ( empty( $passcode ) ) 
+  { $errors[] = 'You forgot to enter your password.' ; 
+  } 
+  
+  // If everything is OK select the member_id and the user name from the members' table
+  if ( empty( $errors ) ) 
+  {
+	  
+	  try {
+ $query = "SELECT user_id, password, user_level FROM users WHERE email=?" ;  
+ 
+      $q = mysqli_stmt_init($dbcon);
+      mysqli_stmt_prepare($q, $query);
+
+        // bind $id to SQL Statement
+	  mysqli_stmt_bind_param($q, "s", $email); 
+
+       // execute query
+	   
+       mysqli_stmt_execute($q);
+
+$result = mysqli_stmt_get_result($q);
+
+$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
+
+if ((mysqli_num_rows($result) == 1) && 
+(password_verify($passcode, $row['password']))) {
+
+      return array( true, $row ) ; 
+    }
+    // If the user name and password do not match the database record, create an error message
+    else { $errors[] = 'The user name and password do not match our records.' ; 
+    }
+	  }
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Login | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Login Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Login Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Login | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Login Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Login Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+  }
+  // Retrieve the error messages
+  return array( false, $errors ) ; 
+}
\ No newline at end of file
diff --git a/Ch11/paypalcart/logout.php b/Ch11/paypalcart/logout.php
new file mode 100644
index 0000000..07c13b0
--- /dev/null
+++ b/Ch11/paypalcart/logout.php
@@ -0,0 +1,12 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+	$_SESSION = array(); // Destroy the variables
+	session_destroy(); // Destroy the session
+	setcookie('PHPSESSID', time()-3600,'/', 0, 0);//Destroy the cookie
+	header("location:index.php");
+	exit();
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/logs/error_log.log b/Ch11/paypalcart/logs/error_log.log
new file mode 100644
index 0000000..0519ecb
--- /dev/null
+++ b/Ch11/paypalcart/logs/error_log.log
@@ -0,0 +1 @@
+ 
\ No newline at end of file
diff --git a/Ch11/paypalcart/logs/exception_log.log b/Ch11/paypalcart/logs/exception_log.log
new file mode 100644
index 0000000..0519ecb
--- /dev/null
+++ b/Ch11/paypalcart/logs/exception_log.log
@@ -0,0 +1 @@
+ 
\ No newline at end of file
diff --git a/Ch11/paypalcart/mysqli_connect.php b/Ch11/paypalcart/mysqli_connect.php
new file mode 100644
index 0000000..83c304b
--- /dev/null
+++ b/Ch11/paypalcart/mysqli_connect.php
@@ -0,0 +1,11 @@
+<?php 
+// Create a connection to the shopperdb database and define the constantst
+DEFINE ('DB_USER', 'colossus');
+DEFINE ('DB_PASSWORD', 'Fstc0mput3r');
+DEFINE ('DB_HOST', 'localhost');
+DEFINE ('DB_NAME', 'paypaldb');
+// Make the connection:
+$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+// Set the encoding...optional but recommended
+mysqli_set_charset($dbcon, 'utf8');
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/paypaldb.sql b/Ch11/paypalcart/paypaldb.sql
new file mode 100644
index 0000000..373474e
--- /dev/null
+++ b/Ch11/paypalcart/paypaldb.sql
@@ -0,0 +1,270 @@
+-- phpMyAdmin SQL Dump
+-- version 4.7.4
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: May 28, 2018 at 08:37 PM
+-- Server version: 10.1.28-MariaDB
+-- PHP Version: 7.1.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `paypaldb`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `art`
+--
+
+CREATE TABLE `art` (
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `thumb` varchar(50) NOT NULL,
+  `type` varchar(50) NOT NULL,
+  `price` decimal(6,2) UNSIGNED NOT NULL,
+  `medium` varchar(50) NOT NULL,
+  `artist` varchar(50) NOT NULL,
+  `mini_descr` varchar(150) NOT NULL,
+  `ppcode` text NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `art`
+--
+
+INSERT INTO `art` (`art_id`, `thumb`, `type`, `price`, `medium`, `artist`, `mini_descr`, `ppcode`) VALUES
+(1, '\"images/aw-brown-vessel-thumb.jpg\"', 'Still-life', '60.00', 'Oil-painting', 'Adrian-W-West', 'First exhibited in Coventry City Art Gallery 1968. Painted on durable tempered hardboard.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(2, '\"images/k-copper-kettle-thumb.jpg\"', 'Still-life', '750.00', 'Oil-painting', 'James-Kessell', 'James Kessell (RA and RABA) painted this on tempered hard board for an appreciative audience. It was exhibited at the Birmingham Art Gallery in 1967.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(3, '\"images/aw-white-jug-thumb.jpg\"', 'Still-life', '70.00', 'Oil-painting', 'Adrian-W-West', 'Painted on tempered hardboard in 1968 and exhibited first at Coventry City Art Gallery in the same year.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(4, '\"images/rsb-beer-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(5, '\"images/rsb-blue-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Roger produces excellent etchings of Devon\'s native butterflies. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(6, '\"images/rsb-fritillary-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'The silver washed fritillary is a less common Devon butterfly.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(7, '\"images/rsb-lyme-thumb.jpg\"', 'Nature', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(22, '\"images/rsb-lyme-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Lyme Regis is a popular Devon seaside resort with a spectacular sea wall called the Cobb.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(23, '\"images/k-abstract-squares-thumb.jpg\"', 'Abstract', '800.00', 'Oil-painting', 'James-Kessell', 'Composition of squares and circles in tasteful pastel colors. Painted on high quality tempered board.', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>'),
+(21, '\"images/rsb-beer-thumb.jpg\"', 'Landscape', '40.00', 'Colored-etching', 'Roger-St-Barbe', 'Looking back at Beer beach, South East Devon. ', '<form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\"> <input name=\"cmd\" value=\"_s-xclick\" type=\"hidden\"> <input name=\"hosted_button_id\" value=\"5159065\" type=\"hidden\"> <p> <input src=\"https://www.paypal.com/en_GB/i/btn/btn_cart_LG.gif\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\" style=\"float: left;\" border=\"0\" type=\"image\"> <img alt=\"\" src=\"https://www.paypal.com/en_GB/i/scr/pixel.gif\" border=\"0\" height=\"1\" width=\"1\"></p> </form>');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `artists`
+--
+
+CREATE TABLE `artists` (
+  `artist_id` int(8) UNSIGNED NOT NULL,
+  `first_name` varchar(30) DEFAULT NULL,
+  `middle_name` varchar(30) DEFAULT NULL,
+  `last_name` varchar(30) NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `artists`
+--
+
+INSERT INTO `artists` (`artist_id`, `first_name`, `middle_name`, `last_name`) VALUES
+(1, 'Adrian', 'W', 'West'),
+(2, 'Roger', 'St.', 'Barbe'),
+(3, 'James', '', 'Kessell'),
+(4, 'Charlie', 'S', 'Farnsbarns');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `orders`
+--
+
+CREATE TABLE `orders` (
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `buyer_id` int(8) UNSIGNED NOT NULL,
+  `total_price` decimal(7,2) NOT NULL,
+  `order_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_contents`
+--
+
+CREATE TABLE `order_contents` (
+  `content_id` int(10) UNSIGNED NOT NULL,
+  `order_id` int(10) UNSIGNED NOT NULL,
+  `art_id` int(10) UNSIGNED NOT NULL,
+  `quantity` int(10) UNSIGNED NOT NULL DEFAULT '1',
+  `price` decimal(4,2) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Dumping data for table `order_contents`
+--
+
+INSERT INTO `order_contents` (`content_id`, `order_id`, `art_id`, `quantity`, `price`) VALUES
+(1, 2, 4, 1, '17.99'),
+(2, 3, 4, 1, '17.99'),
+(3, 4, 2, 1, '14.99'),
+(4, 5, 3, 1, '16.99'),
+(5, 6, 1, 1, '19.99'),
+(6, 7, 1, 1, '60.00'),
+(7, 8, 2, 1, '99.99'),
+(8, 15, 1, 1, '60.00'),
+(9, 16, 1, 1, '60.00');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `order_details`
+--
+
+CREATE TABLE `order_details` (
+  `ord_details_id` int(8) UNSIGNED NOT NULL,
+  `order_id` int(8) UNSIGNED NOT NULL,
+  `art_id` int(8) UNSIGNED NOT NULL,
+  `dispatch_date` datetime NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `user_id` mediumint(6) UNSIGNED NOT NULL,
+  `title` tinytext,
+  `first_name` varchar(30) NOT NULL,
+  `last_name` varchar(40) NOT NULL,
+  `email` varchar(50) NOT NULL,
+  `password` char(60) NOT NULL,
+  `registration_date` datetime NOT NULL,
+  `address1` varchar(50) NOT NULL,
+  `address2` varchar(50) DEFAULT NULL,
+  `city` varchar(50) NOT NULL,
+  `state_country` char(25) NOT NULL,
+  `zcode_pcode` char(10) NOT NULL,
+  `phone` char(15) DEFAULT NULL,
+  `secret` varchar(30) NOT NULL,
+  `user_level` int(1) NOT NULL DEFAULT '0'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`user_id`, `title`, `first_name`, `last_name`, `email`, `password`, `registration_date`, `address1`, `address2`, `city`, `state_country`, `zcode_pcode`, `phone`, `secret`, `user_level`) VALUES
+(1, 'Mr', 'Mike', 'Rosoft', 'miker@myisp.com', '$2y$10$UiiBhmXca.0/bwopveFq8uInuX.EVrecinUQYQG546WjAWwZLJNoe', '2017-12-06 08:43:41', '4 The Street', 'The Village', 'Townsville', 'USA', 'WA', '0123777888', '0', 0),
+(2, 'Mr', 'Jack', 'Smith', 'jsmith@outcook.com', '44fc2837cca3d8994cba9d02d94a15c1fe7b1d66', '2017-12-06 08:47:24', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '0', 0),
+(4, 'Ms', 'Olive', 'Branch', 'obranch@myisp.co.uk', '$2y$10$5KM8jy5MwHIgfVchsdfE8OvuF1cT2VYqU6mte2CWBw1HjmEv3r.ES', '2017-12-06 12:20:33', '6 The Street', '', 'Townsville', 'UK', 'EX9 9PG', '01234777888', '0', 0),
+(5, 'Mr', 'Patrick', 'O\'Hara', 'pohara@myisp.org.uk', '$2y$10$0nmGDVmHdWusgFJRmVZADeL43Y7HCPViBrHj/Z2betxiMdMx5Y2sC', '2017-12-06 12:27:32', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '0', 0),
+(6, 'Mr', 'Frank', 'Incense', 'fincense@myisp.net', '$2y$10$KCQhEftEJouWPfuOOVoRVOECY/oJTluxHRr85fWlz6nsfN4OHtCie', '2017-12-06 17:02:16', '6 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PS', '', '0', 0),
+(7, 'Miss', 'Annie', 'Versary', 'aversary@myisp.com', '$2y$10$IrQE3TTkWzNm93FP/VYf.O/yMWDJDpIn/.qjrmvN.I97fvakynuza', '2017-12-06 17:11:44', '7 The Street', 'The Village', 'Townsville', 'UK', 'EXP 6PG', '01234777888', '0', 0),
+(8, 'Mrs', 'Rose', 'Bush', 'rbush@myisp.co.uk', '$2y$10$R2auBMKMe/Qw2fFr8D.S8eUEENUz8r.YUth5NHAyskNYupUzBen5O', '2017-12-06 17:18:30', '7 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '0', 0),
+(9, 'Mrs', 'Annie', 'Mossity', 'amossity@myisp.org.uk', '$2y$10$amqmyEfaOfiZ0MkIzdO90uZMPw4Mi/4RR70nNd0nxaZSOlxlr.8DC', '2017-12-06 17:24:42', '4 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '0', 0),
+(10, 'Mr', 'Percy', 'Veer', 'pveer@myisp.com', '$2y$10$Wvdx/YO4cCcOQvyMVVtapO3F/eiz2Ow3yU9VcczGMC.dcgwbgIXMS', '2017-12-06 17:28:53', '7 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '0', 0),
+(11, 'Mr', 'Darrel', 'Doo', 'ddoo@myisp.co.uk', '$2y$10$cTmJVcuUmTpCOIdQJ8MG3uwLmG7M7V3iE8zPXiNW2PQEdDQZMBftO', '2017-12-06 17:39:30', '5 The Street', 'The Village', 'Townsville', 'UK', 'EX7 9PP', '', '0', 0),
+(12, 'Mr', 'Stan', 'Dard', 'sdard@myisp.net', '$2y$10$YUYnU8UvOF/WUJ5h4VK4Qe.I48ZcAbedjPiDekKHlODduqGdJoI9i', '2017-12-06 18:02:04', '3 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '01234777888', '0', 0),
+(13, 'Mrs', 'Nora', 'Bone', 'nbone@myisp.com', '$2y$10$k9sMvE001164jjzJLs.OpOmb9LtluUEbR4GQ4RT5/rvSPNIqbL6gC', '2017-12-07 17:39:34', '6 The Street', '', 'Townsville', 'UK', 'EX7 9PP', '', '0', 0),
+(14, 'Mr', 'Barry', 'Cade', 'bcade@myisp.co.uk', '$2y$10$TOr.IZq/joHIKSk0Oo.jE.yWau48sUSgtC5TzKJ0sl0AoO2Bsk3lW', '2017-12-08 12:16:58', '5 The Street', '', 'Townsville', 'UK', 'EX7 9PG', '01234777888', '0', 0),
+(16, 'Miss', 'Lynn', 'Seed', 'lseed@myisp.com', '$2y$10$nEs3Zhh4V5ZznpcPzGs9gOWupjY2NgV87DPpLu2DjqsdyBNRjf4/C', '2017-12-16 20:03:16', '6 The Street', '', 'Townsville', 'UK', 'EX24 6PG', '01234777888', '0', 0),
+(17, 'Mr', 'Barry', 'Tone', 'btone@myisp.net', '$2y$10$w4zMq7ij7NmVDeBBKDSmbu963EwchZwAHPZmgZmTQAQ8Gha2jTD5W', '2017-12-16 20:16:40', '2 The Street', '', 'Townsville', 'USA', 'CA12345', '', '0', 0),
+(30, 'Mr', 'Terry', 'Fide', 'tfide@myisp.de', '$2y$10$lePdxFz7ZKn/bJ41BS0h/ehWyIL2ZgK123iPQJahNCaRjgxVY3Rfq', '2017-12-29 11:28:43', '2 The Street', 'The Village', 'Townsville', 'Germany', 'BL1234', '', '0', 0),
+(31, 'Miss', 'Dee', 'Jected', 'djected@myisp.org.uk', '$2y$10$ujpV7w4blsTdQFWOsE1fiOFYtj9zN4w0WcK5V4WJ60Pc5HWodWlGC', '2017-12-29 11:48:04', '3 The Street', 'The Village', 'Townsville', 'UK', 'EX3 1TH', '', '0', 0),
+(32, 'Mr', 'James', 'Smith', 'jsmith@myisp.co.uk', '$2y$10$Yu.c/cw/TSFa9vcMBGAfAe5vzyOwp3SZarBVc/9vEksfp.F8BzSiW', '2017-12-29 11:58:51', '2 The Street', '', 'Townsville', 'UK', 'EX24 6PS', '01234777888', '0', 0);
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `art`
+--
+ALTER TABLE `art`
+  ADD PRIMARY KEY (`art_id`),
+  ADD KEY `art_name` (`thumb`,`price`);
+
+--
+-- Indexes for table `artists`
+--
+ALTER TABLE `artists`
+  ADD PRIMARY KEY (`artist_id`);
+
+--
+-- Indexes for table `orders`
+--
+ALTER TABLE `orders`
+  ADD PRIMARY KEY (`order_id`),
+  ADD KEY `buyer_id` (`buyer_id`,`order_date`);
+
+--
+-- Indexes for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  ADD PRIMARY KEY (`content_id`);
+
+--
+-- Indexes for table `order_details`
+--
+ALTER TABLE `order_details`
+  ADD PRIMARY KEY (`ord_details_id`),
+  ADD KEY `order_id` (`order_id`,`art_id`,`dispatch_date`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`user_id`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `art`
+--
+ALTER TABLE `art`
+  MODIFY `art_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=36;
+
+--
+-- AUTO_INCREMENT for table `artists`
+--
+ALTER TABLE `artists`
+  MODIFY `artist_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=34;
+
+--
+-- AUTO_INCREMENT for table `orders`
+--
+ALTER TABLE `orders`
+  MODIFY `order_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `order_contents`
+--
+ALTER TABLE `order_contents`
+  MODIFY `content_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=10;
+
+--
+-- AUTO_INCREMENT for table `order_details`
+--
+ALTER TABLE `order_details`
+  MODIFY `ord_details_id` int(8) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `user_id` mediumint(6) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=36;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/Ch11/paypalcart/process_add_painting.php b/Ch11/paypalcart/process_add_painting.php
new file mode 100644
index 0000000..3fa5d8c
--- /dev/null
+++ b/Ch11/paypalcart/process_add_painting.php
@@ -0,0 +1,120 @@
+<?php
+	$errors = array(); // Start an array to contain the error messages 
+// Check if a thumbnail url has been entered
+    $thumbtrim = trim($_POST['thumb']);
+	if ((!empty($thumbtrim)) && (filter_var($thumbtrim, FILTER_VALIDATE_URL))
+		&& (strlen($thumbtrim) <= 50)) {
+		// $thumb = $thumbtrim;
+	}
+	  else
+	  {
+        $errors[] = 'Missing thumbnail url or wrong format. Max 50.';
+	} 
+// Check for a type
+   $typetrim = trim($_POST['type']);
+   if ((!empty($typetrim)) && (preg_match('/[a-z\-\s\.]/i',$typetrim)) &&
+		(strlen($typetrim) <= 50)) {					
+	//Sanitize the trimmed type						
+	$typetrim = (filter_var($typetrim, FILTER_SANITIZE_STRING));					
+	}else{	
+	$errors[] = 'Type missing or not alphabetic, dash, period or space. Max 50.';
+	}
+// Has a price been entered?
+$pricetrim = trim($_POST['price']);		
+if ((!empty($pricetrim)) && (strlen($pricetrim) <= 10)) {					
+	//Sanitize the trimmed price					
+	$pricetrim = (filter_var($pricetrim, FILTER_SANITIZE_NUMBER_INT));
+    $pricetrim = preg_replace('/\D+/', '', ($pricetrim));	
+	}else{	
+	$errors[] = 'Price missing. Must be Numeric. Max ######.##.';
+	}
+// Has the medium been entered?
+ $mediumtrim = trim($_POST['medium']);
+   if ((!empty($mediumtrim)) && (preg_match('/[a-z\-\s\.]/i',$mediumtrim)) &&
+		(strlen($mediumtrim) <= 50)) {					
+	//Sanitize the trimmed medium						
+	$mediumtrim = (filter_var($mediumtrim, FILTER_SANITIZE_STRING));				
+	}else{	
+	$errors[] = 'Medium missing or not alphabetic, dash, period or space. Max 50.';
+	}
+	// Has the artist been entered?
+	$artisttrim = trim($_POST['artist']);
+   if ((!empty($artisttrim)) && (preg_match('/[a-z\-\s\.]/i',$artisttrim)) &&
+		(strlen($artisttrim) <= 50)) {					
+	//Sanitize the trimmed artist						
+	$artisttrim = (filter_var($artisttrim, FILTER_SANITIZE_STRING));				
+	}else{	
+	$errors[] = 'Artist missing or not alphabetic, dash, period or space. Max 50.';
+	}
+// Has a brief description been entered?
+   	$minitrim = trim($_POST['mini_descr']);
+    if ((!empty($minitrim)) && (preg_match('/[a-z\-\s\.]/i',$minitrim)) &&
+		(strlen($minitrim) <= 150)) {					
+	//Sanitize the trimmed artist						
+	$minitrim = (filter_var($minitrim, FILTER_SANITIZE_STRING));			
+	}else{	
+	$errors[] = 'Description missing or not alphabetic, dash, period or space. Max 50.';
+	}
+	 // Has the PPcode been entered?
+	$ppcodetrim = trim($_POST['ppcode']);
+    if ((!empty($ppcodetrim)) && (strlen($ppcodetrim) <= 45)) {					
+	//Sanitize the trimmed ppcode						
+	$ppcodetrim = (filter_var($minitrim, FILTER_SANITIZE_STRING));			
+	}else{	
+	$errors[] = 'PayPal Code missing or not alphabetic, dash, period or space. Max 50.';
+	}
+if (empty($errors)) { // If no errors were encountered
+	// Register the painting in the database
+try {
+		require ('mysqli_connect.php'); // Connect to the database
+		// Make the query:'
+		
+	$query = "INSERT INTO art (art_id, thumb, type, medium, artist, mini_descr, price, ppcode)"; 
+    $query .= "VALUES ";
+	$query .= "(' ', ?,?,?,?,?,?,?)"; 
+    $q = mysqli_stmt_init($dbcon);
+    mysqli_stmt_prepare($q, $query);
+    // use prepared statement to insure that only text is inserted
+    // bind fields to SQL Statement
+    mysqli_stmt_bind_param($q, 'sssssss', $thumbtrim, $typetrim, $mediumtrim, $artisttrim, $minitrim, $pricetrim, $ppcodetrim );
+    // execute query
+    mysqli_stmt_execute($q);
+    if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2 style="margin-left: 60px;">The painting was successfully registered</h2><br>';
+		} else { // If it was not registered
+		// Error message:
+			echo '<h2>System Error</h2>
+			<p class="error">The painting could not be added due to a system error. We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			// echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection.
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Add Painting | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Add Painting Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Add Painting Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Add Painting | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Add Painting Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Add Painting Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+	} else { // Display the errors.
+		echo '<h2>Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Print each error.
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h3>Please try again.</h3><p><br></p>';
+		}// End of if (empty($errors))
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/process_admin_page.php b/Ch11/paypalcart/process_admin_page.php
new file mode 100644
index 0000000..9e83197
--- /dev/null
+++ b/Ch11/paypalcart/process_admin_page.php
@@ -0,0 +1,91 @@
+<?php
+	$errors = array(); // Set an error array.
+// Has an artist's first name been entered?
+// Trim the first name
+    $first_name = trim($_POST['first_name']);
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$first_nametrim = (filter_var($first_name, FILTER_SANITIZE_STRING));
+    $first_nametrim = (filter_var($first_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$first_nametrim = NULL;
+	}
+// Has an artist's middle name been entered?
+    $middle_name = trim($_POST['middle_name']);
+// Strip HTML and apply escaping Is the middle name present? If it is, trim it
+if ((!empty($middle_name)) && (preg_match('/[a-z\s\.]/i',$middle_name)) &&
+		(strlen($middle_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$middle_nametrim = (filter_var($middle_name, FILTER_SANITIZE_STRING));
+    $middle_nametrim = (filter_var($middle_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$middle_nametrim = NULL;
+	}
+// Has the artist's last name been entered?
+    $last_name = trim($_POST['last_name']);
+// Strip HTML and apply escaping Is the last name present? If it is, trim it
+if ((!empty($last_name)) && (preg_match('/[a-z\s]/i',$last_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$last_nametrim = (filter_var($last_name, FILTER_SANITIZE_STRING));
+    $last_nametrim = (filter_var($last_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic and space characters. Max 30';
+	} 
+if (empty($errors)) { // If the wuery ran OK
+	// Register the artist in the database
+	
+	try {
+		require ('mysqli_connect.php'); // Connect to the db.
+		// Make the query:
+		$query = "INSERT INTO artists (artist_id, first_name, middle_name, last_name) ";
+        $query .= "VALUES ";
+	    $query .= "(' ',?,?,?)"; 
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // use prepared statement to insure that only text is inserted
+        // bind fields to SQL Statement
+        mysqli_stmt_bind_param($q, 'sss', $first_nametrim, $middle_nametrim, $last_nametrim);
+        // execute query
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		
+		echo '<h2 class="col-sm-12 text-right">The artist was successfully added.</h2>';
+		} else { // If the query failed to run
+		// Message:
+			echo '<h2 class="col-sm-12 text-right" style="color: red;">System Error</h2>
+			<p class="error">The artist could not be added due to a system error. ';
+			echo 'We apologize for any inconvenience.</p>'; 
+			// Debugging message:
+			//echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' . $q . '</p>';
+		} // End of if ($result)
+		mysqli_close($dbcon); // Close the database connection
+	}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Admin Page | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Admin Page Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Admin Page Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Admin Page | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Admin Page Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Admin Page Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+	} else { // Display any errors
+		echo '<h2 class="col-sm-12 text-right" style="color: red;">Error!</h2>
+		<p class="error">The following error(s) occurred:<br>';
+		foreach ($errors as $msg) { // Display any errors
+			echo " - $msg<br>\n";
+		}
+		echo '</p><h6>Please try again.</h6><p><br></p>';
+		}// End of if error checks
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/process_forgot.php b/Ch11/paypalcart/process_forgot.php
new file mode 100644
index 0000000..a9cd4a7
--- /dev/null
+++ b/Ch11/paypalcart/process_forgot.php
@@ -0,0 +1,77 @@
+<?php
+	try {
+	require ('mysqli_connect.php');
+	// Assign the value FALSe to the variable $buyid 
+	$buyid = FALSE;
+// Validate the email address...
+if (!empty($_POST['email'])) {
+// Does that email address exist in the database?
+		$query = 'SELECT user_id, user_level, secret FROM users WHERE email=?';	
+		$q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+		$email = htmlspecialchars($_POST['email'], ENT_QUOTES);
+	    mysqli_stmt_bind_param($q, "s", $email); 
+       // execute query 
+        mysqli_stmt_execute($q);
+       $result = mysqli_stmt_get_result($q);
+       $row = mysqli_fetch_array($result, MYSQLI_NUM);
+	   $secret = htmlspecialchars($_POST['secret'], ENT_QUOTES);
+       if ((mysqli_num_rows($result) == 1) && ($row[1] == 0) &&
+	       ($row[2] == $secret ))
+	   {
+		$buyid = $row[0];
+		} else { // If the buyid for the email address was not retrieved
+			echo '<h6 style="padding-left:80px; padding-top: 20px;">If your e-mail and secret are correct, you will recieve an e-mail</h6>';
+		}
+		} 
+	if ($buyid) { // If buyid for the email address was retrieved, create a random password
+		$password = substr ( md5(uniqid(random_int(), true)), 5, 10);
+// Update the database table
+        $hassed_password = password_hash($password, PASSWORD_DEFAULT);			
+        $query = "UPDATE users SET password=? WHERE user_id=?";
+        $q = mysqli_stmt_init($dbcon);
+        mysqli_stmt_prepare($q, $query);
+        // bind $id to SQL Statement
+	    mysqli_stmt_bind_param($q, "si", $hassed_password, $buyid); 
+       // execute query 
+        mysqli_stmt_execute($q);
+        if (mysqli_stmt_affected_rows($q) == 1) {		   
+// Send an email to the buyer
+		$body = "Your password has been changed to '" . $password;
+		$body .= "'. Please login as soon as possible using the new password. ";
+		$body .= "Then change it immediately. otherwise, if a hacker has intercepted ";
+		$body .= "this email they will know your login details.";
+		mail ($email, 'Your new password.', $body, 'From: admin@thedovegallery.co.uk');
+// Echo a message and exit the code
+		echo '<h6 style="padding-left:80px; padding-top: 20px;">Your password has been changed. ';
+		echo 'You will shortly receive the new temporary password by email.</h6>';
+		mysqli_close($dbcon);
+		include ('includes/footer.php');
+		exit(); // Stop the script.
+		} else { // If the query failed to run
+			echo '<p class="error">Due to a system error, your password could not be changed. We apologize for any inconvenience.</p>'; 
+		}
+		} 
+	mysqli_close($dbcon);
+	}
+	catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Forgot Password | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Forgot Password Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Forgot Password Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Forgot Password | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Forgot Password Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Forgot Password Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/process_found_pics.php b/Ch11/paypalcart/process_found_pics.php
new file mode 100644
index 0000000..063fbf9
--- /dev/null
+++ b/Ch11/paypalcart/process_found_pics.php
@@ -0,0 +1,84 @@
+<?php
+//Connect to the database
+try {
+require ( 'mysqli_connect.php' ) ;
+// Select the first thre items items from the art table
+//$q = "SELECT * FROM art LIMIT 3";
+$type = htmlspecialchars($SESSION['type'], ENT_QUOTES);
+$price = htmlspecialchars($row['price'], ENT_QUOTES);
+$query = 
+"SELECT art_id, thumb, type, price, medium, artist, mini_descr, ppcode ";
+$query .= "FROM art WHERE type= ? AND price <= ? ORDER BY price DESC LIMIT 3";		
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// bind $id to SQL Statement
+mysqli_stmt_bind_param($q, "si", $type, $price); 
+// execute query 
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+//  $row = mysqli_fetch_array($result, MYSQLI_NUM);
+if (mysqli_num_rows($result) > 0) {
+
+//$result = mysqli_query( $dbcon, $q ) ;
+//if ( mysqli_num_rows( $result ) > 0 )
+//{
+// Table header
+?>
+<table class="table table-responsive table-striped" style="background: white;">
+<tr><th scope="col">Thumb</th>
+<th scope="col"><b>Type</b></th>
+<th scope="col"><b>Medium</b></th>
+<th scope="col"><b>Artist</b></th>
+<th scope="col"><b>Details</b></th>
+<th scope="col"><b>Price &pound;</b></th>
+<th scope="col"><b>Add to Cart</b></th>
+</tr>
+<?php	
+// Fetch the matching records and populate the table display
+while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+	$thumb = htmlspecialchars($row['thumb'], ENT_QUOTES);
+	$medium = htmlspecialchars($row['medium'], ENT_QUOTES);
+	$artist = htmlspecialchars($row['artist'], ENT_QUOTES);
+	$mini_descr = htmlspecialchars($row['mini_descr'], ENT_QUOTES);
+	$price = htmlspecialchars($row['price'], ENT_QUOTES);
+	$type = htmlspecialchars($row['type'], ENT_QUOTES);
+	$art_id = htmlspecialchars($row['art_id'], ENT_QUOTES);
+	echo '<tr>
+	<td><img src='.$thumb . '></td>
+	<td>' . $type . '</td>
+	<td>' . $medium . '</td>
+	<td>' . $artist . '</td>
+	<td>' . $mini_descr . '</td>
+	<td>' . $price . 
+	'<br><a href="added.php?id=' . $art_id . '">Add to Cart</a></td>
+	</tr>';
+	}
+?>
+</table>
+<?php
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// Or notify the user that no matching paintings were found
+else { echo '<p>There are currently no items matching your search criteria.</p>' ; }
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Found Pics | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Found Pics Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Found Pics Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Found Pics | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Found Pics Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Found Pics Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/process_login.php b/Ch11/paypalcart/process_login.php
new file mode 100644
index 0000000..d9ebc34
--- /dev/null
+++ b/Ch11/paypalcart/process_login.php
@@ -0,0 +1,32 @@
+<?php
+// Was the form submitted?
+if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
+{
+// Connect to the database .
+  require ( 'mysqli_connect.php' ) ;
+// Load the validation functions.
+  require ( 'login_functions.php' ) ;
+// Check the login data
+  list ( $check, $data ) = validate ( $dbcon, $_POST[ 'email' ], $_POST[ 'passcode' ] ) ;
+// If successful, set session data and display the forum.php page
+  if ( $check )  
+  {
+// Access the session details
+    session_start();
+    $_SESSION[ 'user_id' ] = $data[ 'user_id'];
+    $_SESSION[ 'email' ] = $data[ 'email' ] ;
+	$_SESSION[ 'user_level' ] = $data[ 'user_level' ];
+	if ($data[ 'user_level'] == 1) {
+    header ( 'Location: admin_page.php' ) ;
+	} else {
+	header ( 'Location: index.php' );
+  }
+  }
+// If it fails, set the error messages
+  else { $errors = $data; } 
+// Close the database connection.
+  mysqli_close( $dbcon ) ; 
+}
+// If it unsuccessful continue to display the login page
+include ( 'login.php' ) ;
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/process_register.php b/Ch11/paypalcart/process_register.php
new file mode 100644
index 0000000..e0cbaaf
--- /dev/null
+++ b/Ch11/paypalcart/process_register.php
@@ -0,0 +1,197 @@
+<?php
+// Has the form been submitted?
+try {
+require ('mysqli_connect.php'); // Connect to the database
+$errors = array(); // Initialize an error array.
+// --------------------check the entries-------------
+//Is the title present? If it is, trim it 
+    $title = trim($_POST['title']);			                                
+	if ((!empty($title)) && (preg_match('/[a-z\.\s]/i',$title)) &&
+		(strlen($title) <= 12)) {
+	//Sanitize the trimmed title						
+	$titletrim = (filter_var($title, FILTER_SANITIZE_STRING));							
+	}else{	
+	$titletrim = NULL; // Title is optional
+	}
+// Trim the first name
+    $first_name = trim($_POST['first_name']);
+// Strip HTML and apply escaping//	Is the first name present? If it is, trim it
+if ((!empty($first_name)) && (preg_match('/[a-z\s]/i',$first_name)) &&
+		(strlen($first_name) <= 30)) {				
+	//Sanitize the trimmed first name						
+	$first_nametrim = (filter_var($first_name, FILTER_SANITIZE_STRING));
+    $first_nametrim = (filter_var($first_nametrim, FILTER_SANITIZE_STRIPPED));	
+	}else{	
+	$errors[] = 'First name missing or not alphabetic and space characters. Max 30';
+	}
+	//Is the last name present? If it is, trim it and sanitize it
+	$last_name = trim($_POST['last_name']);		
+if ((!empty($last_name)) && (preg_match('/[a-z\-\s\']/i',$last_name)) &&
+		(strlen($last_name) <= 30)) {					
+	//Sanitize the trimmed last name						
+	$last_nametrim = (filter_var($last_name, FILTER_SANITIZE_STRING));	
+	$last_nametrim = (filter_var($last_nametrim, FILTER_SANITIZE_STRIPPED));				
+	}else{	
+	$errors[] = 'Last name missing or not alphabetic, dash, quote or space. Max 30.';
+	}
+// Set the email alias as false and check for an email address:
+//$e = FALSE;	                                                                #1								
+// Check that an email address has been entered				
+  $emailtrim = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL);	
+	if  ((empty($emailtrim)) || (!filter_var($emailtrim, FILTER_VALIDATE_EMAIL))) {
+		$errors[] = 'You forgot to enter your email address';
+		$errors[] = ' or the e-mail format is incorrect.';
+	}
+// Check for a password and match against the confirmed password:
+$password1trim = trim($_POST['password1']);	
+if (empty($password1trim)){   //                                             #7
+$errors[] ='Please enter a valid password';
+}
+else {
+if(!preg_match( '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$@!%&*?])[A-Za-z\d#$@!%&*?]{8,12}$/', 
+$password1trim)) {  //                        #8
+$errors[] = 'Invalid password,8 to 12 chars, one upper, one lower, one number, one special.';
+} else
+{
+$password2trim = trim($_POST['password2']);	
+if($password1trim === $password2trim) { //                                 #9
+$password = $password1trim;
+}else{
+$errors[] = 'Your two password do not match.';
+$errors[] = 'Please try again';
+}
+}
+}
+//Is the 1st address present? If it is, trim it and sanitize it
+$address1trim = trim($_POST['address1']);		
+if ((!empty($address1trim)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address1trim)) &&
+  (strlen($address1trim) <= 30)) {					
+	//Sanitize the trimmed 1st address						
+	$address1trim = (filter_var($address1trim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing address. Only alphabetic, number, period, comma, dash and space. Max 30.';
+	}
+//If the 2nd address is present? If it is, trim it and sanitize it          #10
+$address2trim = trim($_POST['address2']);		
+if ((!empty($address2trim)) && (preg_match('/[a-z0-9\.\s\,\-]/i', $address2trim)) &&
+  (strlen($address2trim) <= 30)) {				
+	//Sanitize the trimmed 2nd address						
+	$address2trim = (filter_var($address2trim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$address2trim = NULL;
+	}
+//Is the city present? If it is, trim it and sanitize it
+$citytrim = trim($_POST['city']);		
+if ((!empty($citytrim)) && (preg_match('/[a-z\.\s]/i', $citytrim)) &&
+  (strlen($citytrim) <= 30)) {					
+	//Sanitize the trimmed city						
+	$citytrim = (filter_var($citytrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period and space. Max 30.';
+	}
+//Is the state or country present? If it is, trim it and sanitize it
+$state_countrytrim = trim($_POST['state_country']);		
+if ((!empty($state_countrytrim)) && (preg_match('/[a-z\.\s]/i', $state_countrytrim)) &&
+    (strlen($state_countrytrim) <= 30))	 {				
+	//Sanitize the trimmed state or country						
+	$state_countrytrim = (filter_var($state_countrytrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing state/country. Only alphabetic, period and space. Max 30.';
+	}
+//Is the zip code or post code present? If it is, trim it and sanitize it
+$zcode_pcodetrim = trim($_POST['zcode_pcode']);		
+if ((!empty($zcode_pcodetrim)) && (preg_match('/[a-z0-9\s]/i', $zcode_pcodetrim)) &&
+    (strlen($citytrim) <= 30)) {						
+	//Sanitize the trimmed zcode_pcode						
+	$zcode_pcodetrim = (filter_var($zcode_pcodetrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing zip code or post code. Alphabetic, numeric, space only max 30 characters';
+	}
+//Is the secret present? If it is, trim it and sanitize it
+$secrettrim = trim($_POST['secret']);		
+if ((!empty($secrettrim)) && (preg_match('/[a-z\.\s\,\-]/i', $secrettrim)) &&
+  (strlen($secrettrim) <= 30)) {					
+	//Sanitize the trimmed city						
+	$secrettrim = (filter_var($secrettrim, FILTER_SANITIZE_STRING));						
+	}else{	
+	$errors[] = 'Missing city. Only alphabetic, period, comma, dash and space. Max 30.';
+	}
+//Is the phone number present? If it is, trim it and sanitize it     
+$phonetrim = trim($_POST['phone']);		
+if ((!empty($phonetrim)) && (strlen($phonetrim) <= 30)) {					
+	//Sanitize the trimmed phone number	
+	$phonetrim = (filter_var($phonetrim, FILTER_SANITIZE_NUMBER_INT));
+    $phonetrim = preg_replace('/[^0-9]/', '', $phonetrim);		
+	}else{	
+	$phonetrim = NULL;
+	}
+if (empty($errors)) { // If everything's OK.
+// If no problems encountered, register user in the database
+//Determine whether the email address has already been registered                         
+$query = "SELECT user_id FROM users WHERE email = ? ";
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+mysqli_stmt_bind_param($q,'s', $e);
+mysqli_stmt_execute($q);
+$result = mysqli_stmt_get_result($q);
+
+if (mysqli_num_rows($result) == 0){//The email address has not been registered
+//already therefore register the user in the users table
+	//-------------Valid Entries - Save to database -----
+	//Start of the SUCCESSFUL SECTION. i.e all the required fields were filled out
+	$hashed_password = password_hash($password, PASSWORD_DEFAULT);			
+	// Register the user in the database...
+	$query = "INSERT INTO users (user_id, title, first_name, last_name, email, password,"; 
+    $query .= "address1, address2, city, state_country, zcode_pcode, phone, secret, registration_date) ";
+    $query .= "VALUES ";
+	$query .= "(' ',?,?,?,?,?,?,?,?,?,?,?,?,NOW())"; 
+$q = mysqli_stmt_init($dbcon);
+mysqli_stmt_prepare($q, $query);
+// use prepared statement to insure that only text is inserted
+// bind fields to SQL Statement
+mysqli_stmt_bind_param($q, 'ssssssssssss', 
+	$titletrim, $first_nametrim, $last_nametrim, $emailtrim, $hashed_password, $address1trim, $address2trim, 
+	$citytrim, $state_countrytrim, $zcode_pcodetrim, $phonetrim, $secrettrim);
+// execute query
+mysqli_stmt_execute($q);
+if (mysqli_stmt_affected_rows($q) == 1) {			
+	header ("location: register_thanks.php"); 					
+	} else {
+	echo 'Invalid query:' . $dbcon->error; 
+// change to generic message in production
+	}
+	}else{//The email address is already registered                         
+echo '<p class="error">The email address is already registered</p>';
+}
+	} else {//End of SUCCESSFUL SECTION 
+// ---------------Process User Errors---------------
+// Display the users entry errors
+echo '<h2>Error!</h2>
+<p class="error">The following error(s) occurred:<br>';
+foreach ($errors as $msg) { // Print each error.				
+echo " - $msg<br>\n";
+    }
+echo '</p><h3>Please try again.</h3><p><br></p>';
+    }// End of if (empty($errors)) IF.
+mysqli_close($dbcon);
+}
+catch(Exception $e)
+{
+	print "The system is busy, please try later";
+	$error_string = date('mdYhis') . " | Registration | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/exception_log.log"); 
+	//error_log("Exception in Register Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Register Exception" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Exception occurred. Message: " . $e->getMessage();
+}catch(Error $e)
+{
+	print "The system is busy, please come back later";
+	$error_string = date('mdYhis') . " | Registration | " . $e-getMessage() . "\n";
+	error_log($error_string,3,"/logs/error_log.log"); 
+	//error_log("Error in Register Program. Check log for details", 1, "noone@nowhere.com", 
+	//	"Subject: Register Error" . "\r\n");
+	// You can turn off display of errors in php.ini display_errors = Off
+    //print "An Error occurred. Message: " . $e->getMessage();
+} 
+?>
\ No newline at end of file
diff --git a/Ch11/paypalcart/register.php b/Ch11/paypalcart/register.php
new file mode 100644
index 0000000..4f2e901
--- /dev/null
+++ b/Ch11/paypalcart/register.php
@@ -0,0 +1,243 @@
+<?php
+$menu = 8;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+   <script src="verify.js"></script> 
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-8 text-center" style="padding:0px; margin-top: 5px;">
+	<!--Start of admin add paintings content-->
+<?php
+// This code is a query that INSERTs a paintings in the art table
+// Confirm that form has been submitted
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require("process_register.php"); }
+?>
+<form  action="register.php" method="post" onsubmit="return checked();">
+<div class="form-group row">
+    <label class="col-sm-4 col-form-label"></label>
+    <div class="col-sm-8">
+<h2>Account Registration</h2>
+<h6>Items marked with an asterisk * are essential</h6>
+</div>
+</div>
+<div class="form-group row">
+    <label for="title" class="col-sm-4 col-form-label text-right">Title:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="title" name="title" 
+	  placeholder="Title" maxlength="12"
+	  pattern='[a-zA-Z][a-zA-Z\s\.]*' 
+	  title="Alphabetic, period and space max 12 characters"
+	  value=
+		"<?php if (isset($_POST['title'])) 
+		echo htmlspecialchars($_POST['title'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="first_name" class="col-sm-4 col-form-label text-right">First Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="first_name" name="first_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s]*" title="Alphabetic and space only max of 30 characters"
+	  placeholder="First Name" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['first_name'])) 
+		echo htmlspecialchars($_POST['first_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+    <label for="last_name" class="col-sm-4 col-form-label text-right">Last Name*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="last_name" name="last_name" 
+	  pattern="[a-zA-Z][a-zA-Z\s\-\']*" 
+	  title="Alphabetic, dash, quote and space only max of 40 characters"
+	  placeholder="Last Name" maxlength="40" required
+	  value=
+		"<?php if (isset($_POST['last_name'])) 
+		echo htmlspecialchars($_POST['last_name'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="email" class="col-sm-4 col-form-label text-right">E-mail*:</label>
+    <div class="col-sm-8">
+      <input type="email" class="form-control" id="email" name="email" 
+	  placeholder="E-mail" maxlength="60" required
+	  value=
+		"<?php if (isset($_POST['email'])) 
+		echo htmlspecialchars($_POST['email'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password1" class="col-sm-4 col-form-label text-right">Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password1" name="password1" 
+	  pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one upper, one lower, one special, with 8 to 12 characters"
+	  placeholder="Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password1'])) 
+		echo htmlspecialchars($_POST['password1'], ENT_QUOTES); ?>" >
+	  <span id='message'>Between 8 and 12 characters.</span>
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="password2" class="col-sm-4 col-form-label text-right">Confirm Password*:</label>
+    <div class="col-sm-8">
+      <input type="password" class="form-control" id="password2" name="password2"
+      pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}" 
+	  title="One number, one uppercase, one lowercase letter, with 8 to 12 characters"
+	  placeholder="Confirm Password" minlength="8" maxlength="12" required
+	  value=
+		"<?php if (isset($_POST['password2'])) 
+		echo htmlspecialchars($_POST['password2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address1" class="col-sm-4 col-form-label text-right">Address*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address1" name="address1" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['address1'])) 
+		echo htmlspecialchars($_POST['address1'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="address2" class="col-sm-4 col-form-label text-right">Address:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="address2" name="address2" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Address" maxlength="30"
+	  value=
+		"<?php if (isset($_POST['address2'])) 
+		echo htmlspecialchars($_POST['address2'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="city" class="col-sm-4 col-form-label text-right">City*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="city" name="city" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="City" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['city'])) 
+		echo htmlspecialchars($_POST['city'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+<div class="form-group row">
+    <label for="state_country" class="col-sm-4 col-form-label text-right">
+	Country/state*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="state_country" name="state_country"
+      pattern="[a-zA-Z][a-zA-Z\s\.]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="State or Country" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['state_country'])) 
+		echo htmlspecialchars($_POST['state_country'], ENT_QUOTES); ?>" >
+    </div>
+  </div>	
+<div class="form-group row">
+    <label for="zcode_pcode" class="col-sm-4 col-form-label text-right">
+	Zip/Postal Code*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="zcode_pcode" name="zcode_pcode" 
+	  pattern="[a-zA-Z0-9][a-zA-Z0-9\s]*" 
+	  title="Alphabetic, period and space only max of 30 characters" 
+	  placeholder="Zip or Postal Code" minlength="5" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['zcode_pcode'])) 
+		echo htmlspecialchars($_POST['zcode_pcode'], ENT_QUOTES); ?>" >
+    </div>
+  </div>		
+<div class="form-group row">
+    <label for="phone" class="col-sm-4 col-form-label text-right">Telephone:</label>
+    <div class="col-sm-8">
+      <input type="tel" class="form-control" id="phone" name="phone" 
+	  placeholder="Phone Number" maxlength="30"
+	  value=
+		"<?php if (isset($_POST['phone'])) 
+		echo htmlspecialchars($_POST['phone'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+      <label for="question" class="col-sm-4 col-form-label text-right">
+	  Secret Question*:</label>
+	  <div class="col-sm-8">
+      <select id="question" class="form-control">
+        <option selected value="">- Select -</option>
+	<option value="Maiden">Mother's Maiden Name</option>
+	<option value="Pet">Pet's Name</option>
+	<option value="School">High School</option>
+	<option value="Spot">Favorite Vacation Spot</option>
+	</select>
+	</div>
+	</div>  
+	<div class="form-group row">
+    <label for="secret" class="col-sm-4 col-form-label text-right">Answer*:</label>
+    <div class="col-sm-8">
+      <input type="text" class="form-control" id="secret" name="secret" 
+	  pattern="[a-zA-Z][a-zA-Z\s\.\,\-]*" 
+	  title="Alphabetic, period, comma, dash and space only max of 30 characters" 
+	  placeholder="Secret Answer" maxlength="30" required
+	  value=
+		"<?php if (isset($_POST['secret'])) 
+		echo htmlspecialchars($_POST['secret'], ENT_QUOTES); ?>" >
+    </div>
+  </div>
+  <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+  <div class="g-recaptcha" style="padding-left: 50px;" data-sitekey="6LcrQ1wUAAAAAPxlrAkLuPdpY5qwS9rXF1j46fhq"></div>
+  </div>
+  </div>
+ <div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<input id="submit" class="btn btn-primary" 
+type="submit" name="submit" value="Submit">
+</div>
+</div>
+<div class="form-group row">
+  <label class="col-sm-4 col-form-label"></label>
+  <div class="col-sm-8">
+<footer class="jumbotron row" id="includefooter">
+  <?php include('includes/footer.php'); ?>
+</footer>
+</div>
+</div>
+</form><!--End of the add a painting content-->
+</div>
+<!-- Right-side Column Content Section -->
+	<aside class="col-sm-4" id="includemenu">
+      <?php include('includes/menu.php'); ?> 
+	</aside>
+	</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/register_thanks.php b/Ch11/paypalcart/register_thanks.php
new file mode 100644
index 0000000..2737ead
--- /dev/null
+++ b/Ch11/paypalcart/register_thanks.php
@@ -0,0 +1,40 @@
+<?php
+$menu=9;
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Template for an interactive web page</title>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS File -->
+  <link rel="stylesheet" 
+  href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css" 
+  integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" 
+  crossorigin="anonymous">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+</head>
+<body>
+<div class="container" style="margin-top:10px">
+<!-- Header Section -->
+<header class="jumbotron text-center row mx-auto" id="includeheader"> 
+<?php include('includes/header.php'); ?>
+</header>
+<!-- Body Section -->
+<div class="content mx-auto" id="contents">
+  <div class="row mx-auto" style="padding-left: 0px; height: auto;">
+<!-- Center Column Content Section -->
+  <div class="col-sm-14 text-center mx-auto" style="padding:20px; margin-top: 5px; color:white;">
+<h2>Thank you for registering</h2>
+<h6>You will now be able to login, search for, and view the paintings.
+Even without logging in you can view and search the gallery,
+but if you login you can see an enlarged version of each painting </h6>
+<footer>
+<?php include("includes/footer.php"); ?>
+</footer>
+</div>
+</div>
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/Ch11/paypalcart/transparent.css b/Ch11/paypalcart/transparent.css
new file mode 100644
index 0000000..a21422c
--- /dev/null
+++ b/Ch11/paypalcart/transparent.css
@@ -0,0 +1,15 @@
+body { background:#68CE53; font-family:arial; font-size: 100%;
+}
+header {border:10px white solid;}
+#container {
+	margin:auto;
+}
+h2 { margin-top: 20px; }
+label { color: black; }
+#submit {margin: 0px; background:#559a55; border: 5px outset #559a55; width: 140px;}
+#includemenu {padding-top: 10px; padding-bottom: 10px; padding-right: 0px;}
+#includefooter {background:#68CE53; padding-top: 5px; padding-bottom: 5px; margin: 0px;}
+#includeheader {width:90%; height:auto; background:#95b522; margin-bottom: 0px; padding:0px;}
+#contents {background-color:transparent ;margin-top: -17px; border:10px white solid; color: white; width: 90%; }
+#buttons {background:#559a55; border: 5px outset #559a55;}
+
diff --git a/Ch11/paypalcart/users_search_page.php b/Ch11/paypalcart/users_search_page.php
new file mode 100644
index 0000000..564010d
--- /dev/null
+++ b/Ch11/paypalcart/users_search_page.php
@@ -0,0 +1,69 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])){
+header('location:login.php');
+exit();
+}
+?>
+<!doctype html>
+<html lang="en">
+<head>
+<title>The registered user's search page, custom cart version</title>
+<meta charset="utf-8">
+<link rel="stylesheet" type="text/css" href="transparent.css">
+<style type="text/css">
+p { font-size:110%; }
+#midcol h2 { width:400px; }
+#mid-left-col h3 {font-size:150%; text-align:left; }
+select { width:130px; }
+form { margin-left:150px; }
+.search { margin:0 0 0 120px; font-weight:bold; font-size:130%; color:white; }
+#submit { width:70px; margin-left:0; }
+</style>
+</head>
+<body>
+<div id="container">
+<header>
+<?php include('includes/header_forgot.inc'); ?>
+</header>
+<div id="content"><!--Start of users' search page content-->
+<div id="rightcol">
+	<nav>
+	<?php include('includes/menu.inc'); ?>
+	</nav>
+</div>
+<div id="midcol">
+<div id="mid-left-col">
+	<h3><b>Welcome to the Dove Gallery</b></h3>
+	<p><b>All prices include frames, sales tax, delivery and insurance</b></p>
+	<p class="search"><strong>Search for a painting</strong></p>
+<form action="found_paintings.php" method="post">
+	<strong>Type</strong><br>
+	<select name="type">
+	<option value="">- Select -</option>
+	<option value="still-life">Still Life</option>
+	<option value="nature">Nature</option>
+	<option value="abstract">Abstract</option>
+	</select><br>
+	<strong>Maximum Price</strong><br>
+	<select name="price">
+	<option value="">- Select -</option>
+	<option value="40">&pound;40</option>
+	<option value="80">&pound;80</option>
+	<option value="800">&pound;800</option>
+	</select><br>
+	<p><input id="submit" type="submit" name="submit" value="Search"></p>
+</form>
+</div>
+<div id="mid-right-col">
+<p><img alt="Copper Kettle by James Kessell" height="254" src="images/k-copper-kettle-
+300.jpg" width="300">&nbsp;</p>
+</div>
+<br class="clear">
+</div>
+<footer>
+<?php include ('includes/footer.inc'); ?>
+</footer></div>
+</div>
+</body>
+</html>
diff --git a/Contributing.md b/Contributing.md
new file mode 100644
index 0000000..f6005ad
--- /dev/null
+++ b/Contributing.md
@@ -0,0 +1,14 @@
+# Contributing to Apress Source Code
+
+Copyright for Apress source code belongs to the author(s). However, under fair use you are encouraged to fork and contribute minor corrections and updates for the benefit of the author(s) and other readers.
+
+## How to Contribute
+
+1. Make sure you have a GitHub account.
+2. Fork the repository for the relevant book.
+3. Create a new branch on which to make your change, e.g. 
+`git checkout -b my_code_contribution`
+4. Commit your change. Include a commit message describing the correction. Please note that if your commit message is not clear, the correction will not be accepted.
+5. Submit a pull request.
+
+Thank you for your contribution!
\ No newline at end of file
diff --git a/LICENSE.txt b/LICENSE.txt
new file mode 100644
index 0000000..dbf0a0a
--- /dev/null
+++ b/LICENSE.txt
@@ -0,0 +1,27 @@
+Freeware License, some rights reserved
+
+Copyright (c) 2018 Adrian West and Steve Prettyman
+
+Permission is hereby granted, free of charge, to anyone obtaining a copy 
+of this software and associated documentation files (the "Software"), 
+to work with the Software within the limits of freeware distribution and fair use. 
+This includes the rights to use, copy, and modify the Software for personal use. 
+Users are also allowed and encouraged to submit corrections and modifications 
+to the Software for the benefit of other users.
+
+It is not allowed to reuse,  modify, or redistribute the Software for 
+commercial use in any way, or for a user’s educational materials such as books 
+or blog articles without prior permission from the copyright holder. 
+
+The above copyright notice and this permission notice need to be included 
+in all copies or substantial portions of the software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS OR APRESS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..8d07d5c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,16 @@
+# Apress Source Code
+
+This repository accompanies [*Practical PHP 7, MySQL 8, and MariaDB Website Databases*](https://www.apress.com/9781484238424) by Adrian West and Steve Prettyman (Apress, 2018).
+
+[comment]: #cover
+![Cover image](9781484238424.jpg)
+
+Download the files as a zip using the green button, or clone the repository to your machine using Git.
+
+## Releases
+
+Release v1.0 corresponds to the code in the published book, without corrections or updates.
+
+## Contributions
+
+See the file Contributing.md for more information on how you can contribute to this repository.
\ No newline at end of file
diff --git a/errata.md b/errata.md
new file mode 100644
index 0000000..11e10af
--- /dev/null
+++ b/errata.md
@@ -0,0 +1,13 @@
+# Errata for *Book Title*
+
+On **page xx** [Summary of error]:
+ 
+Details of error here. Highlight key pieces in **bold**.
+
+***
+
+On **page xx** [Summary of error]:
+ 
+Details of error here. Highlight key pieces in **bold**.
+
+***
\ No newline at end of file