User Authenication System (Design) (How did you do yours?)
Posted 21 October 2006 - 08:08 AM
Posted 21 October 2006 - 08:43 AM
For an explanation of what PEAR is check this link
Visit : http://pear.php.net/
You will be particualrly interested in the packages list. Go there and check the Authentication package
Visit : http://pear.php.net/...=Authentication
This should help you on your way
Posted 21 October 2006 - 09:10 AM
[A] When a user logs in do you create a cookie for the username and password? Or just one?
[B] When a user logs in how exaclty does the script go?
- Thanks, Daniel
Posted 21 October 2006 - 09:59 AM
there are a few options,
when you login;
1.) the script creates a $_SESSION value that will be checked every page the user requests.
if the $_SESSION value isn't found, the page will not be opened. (the user will be redirected.)
A session can either result in a cookie or some header code.
2.) The script inserts a value to the databse, and uses the url, some hidden value or a cookie to let the user pass the value back to the script.
If the value for that ip matches the value from the database, it passes the validation.
Some problems occur when more then one user logsin from the same ip.
Solutions are there, just an example.
*) lots of other options.
just make sure login pages are going trough ssl and you're safe to go.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users