Drezard Posted October 21, 2006 Share Posted October 21, 2006 I want to make a User Authenication System, (You know, Login/Logout sort of thing). Im not sure how to do it though... Is it better to use cookies or sessions? Can someone give me an idea. I tried making one before but i failed miseriable.Thanks, Daniel Quote Link to comment Share on other sites More sharing options...
manichean Posted October 21, 2006 Share Posted October 21, 2006 The best information I can give you without going into a massive explanation is pointing you to PEAR, if you dont know about it you do now.For an explanation of what PEAR is check this linkVisit : http://pear.php.net/You will be particualrly interested in the packages list. Go there and check the Authentication packageVisit : http://pear.php.net/packages.php?catpid=1&catname=AuthenticationThis should help you on your way ;) Quote Link to comment Share on other sites More sharing options...
Drezard Posted October 21, 2006 Author Share Posted October 21, 2006 I just need these questions answered then:[A] When a user logs in do you create a cookie for the username and password? Or just one?[B] When a user logs in how exaclty does the script go? - Thanks, Daniel Quote Link to comment Share on other sites More sharing options...
swap Posted October 21, 2006 Share Posted October 21, 2006 It's p[retty simple,there are a few options,when you login;1.) the script creates a $_SESSION value that will be checked every page the user requests. if the $_SESSION value isn't found, the page will not be opened. (the user will be redirected.) A session can either result in a cookie or some header code.2.) The script inserts a value to the databse, and uses the url, some hidden value or a cookie to let the user pass the value back to the script. If the value for that ip matches the value from the database, it passes the validation. Some problems occur when more then one user logsin from the same ip. Solutions are there, just an example.*) lots of other options.just make sure login pages are going trough ssl and you're safe to go.GL Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.