Need some directions creating a multi-user site

[Idefix99]

Hi all,

 

I'm working on a hobby project to improve my skills and learn PHP and MySQL. Don't know if this is the right place to ask this question, so please let me know if it isn't.

 

I already created a single user site. It has a simple PHP login and after login information (like personal information and messages) is pulled from the database and shown. The personal information is stored in a table called settings and the messages are stored in a table called messages.

 

I like to go to the next level and create a multi-user login, but I have no idea were to start. I think I have to switch to another login type were both PHP and MySQL are used. How has the database be designed? Can I use the same structure as in the single user site I created? How can the right (belonging to the user) information be retrieved from the database?

 

Thanks in advance !

 

 

[hansford]

After your users register and the information is stored in the database, when a user attempts to log-in, your code will try to match the username and password with the log-in information they provided. If they match, the user gets access. If they don't then they will get a message stating that the "Username and/or Password are not valid". Never clue them in as to which was incorrect. You will also need to store a "salt" in the database. This will be some hash that you will add to the users password. Read up on "Salting passwords". You will have to get familiar with sessions and cookies so you can keep track of your guests as they move around in your site while they are logged in. Maybe someone can chime in here with some additional advice and point you to a good tutorial to get you started. You will learn a lot while creating a robust and secure log-in system.  

Edited December 7, 2014 by hansford

[IlaminiAyebatonyeDagogo]

good day i think what you need is a tutorial on how to do this. A video tutorial will do the magic just copy this link

 

 

This other part is an advance tutorial from tutorialzine

 

Advance tutorial From tutorialZine

 

Hope this helps

Edited December 8, 2014 by IlaminiAyebatonyeDagogo

[IlaminiAyebatonyeDagogo]

ohh can also use google as well to get more tutorials

Edited December 8, 2014 by IlaminiAyebatonyeDagogo

[Idefix99]

Thank you for all the ideas. I started with the tutorials and I think this will enable to make some progress. I think I have to get familiar with a secure login system first and tackle the other problems later. Most likely those problems will disappear when I'm familiar with how a login system works. 

[Jacques1]

I'd be very careful with random “tutorials” you found somewhere on the Internet. A lot of those people have absolutely no idea what they're doing and will teach you dangerous nonsense.which can actually compromise your entire server.

 

To be honest, I think the whole concept of programming-by-numbers is a bad idea. You don't learn a lot, and there's a huge risk of adopting all those bad practices that have been around for years.

 

My personal strategy for learning is this:

• I learn the basics (like accessing an SQL database with PHP).
• I use the manual a lot, because that's where you get first-hand information.
• I read up on best practices (like properly hashing a password).
• I think about what I've learned: Do I agree or disagree? Is there maybe a better way?
• I write my own code.
• I check what other people have to say.

In my experience, this works very well. It leads to a high code quality at an early stage and an actual understanding of the concepts behind PHP.