authentication with email verification & lost password help - reinvent wheel?

[joshmeyer]

Before I build my authentication system with PEAR::Auth, I'd like to avoid reinventing the wheel.  What I need is:

1.) a way to verify that a user owns a particular email account by sending a test message to that account with a link to follow.
2.) a way to handle forgotten passwords
3.) works in MySQL
4.) login page is SSL enabled
5.) users can be flagged as regular users or privileged users

A thorough google search turned up nothing.  I would have thought there'd be a very standard way to do this and perhaps demo code out there.

Do I need to reinvent the wheel?

Josh

[keeB]

No need to reinvent the wheel, however...

1. mail() and md5(username+email+password?)
2. just like any other form
3. ok
4. SSL is a protocol, not PHP related
5. There's a membership system tutorial in this site. Take a look at the tutorial section.