Jump to content

Archived

This topic is now archived and is closed to further replies.

BlueCoder

PHP Framework for making a login page/website

Recommended Posts

Hello,

I am currently a asp.net developer but am moving away from it and into php + MySQL. I have actually coded in PHP/MySQL before doing asp.net but due to work requirements, have ended up using mostly asp.net webforms.

 

Now I am turning coats and moving back to PHP/MySQL. I understand the code and OOP of PHP as well as Database design with SQL quite well. However, what I am unsure of is where to get started in frameworks.

 

Specifically, I want to create a login website that allows users to register (with different roles), login, change their password, have a profile page, etc. using PHP/MySQL.

 

I was looking at tutorials on how to do this and the best I have found so far is: http://www.wikihow.com/Create-a-Secure-Login-Script-in-PHP-and-MySQL. I understand all the code there, but I think it is probably a bad idea to create your own login website because there could always be things that are insecure that you don't know about in the future.

 

Thus, the best solution would be to use a framework to do the hard work for you - and then you can just learn the framework. 

 

My question is, what is the best framework to use to be able to create a login website that you can fully customize yourself? I know this is a highly subjective question but I was considering learning Laravel. There are a lot of frameworks out there and I don't want to use one that is over-kill. I just want it simple and secure so I can make many different types of login pages for different clients.

 

For those of you who have experience making login websites with php/mysql, what solution do you use?

 

Thank you!!!

Share this post


Link to post
Share on other sites

Laravel isn't a bad choice for you really.

 

I use a combination of password_hash and sessions through a process script

register and login forms

 

everything passes through process.php which is a class

process.php includes a sessions.php with various functions for determining admin, login, logout ,register, account editing actions, setting cookies and so on

process script handles all header redirects, email validation, spam ip checks, forgot password,

I'm sure can make a single script to do it all, is how I happened to make it.

 

user log in levels 1-10

user names always lower cased and checked to ensure is just one

session values retain the users name and level

 

incorporated user logged in tracking, last logged in times

guest versus user tracking using ip, useful for visitors, email registration confirmations ,ddos or mass registration attempts and so on

 

profile page is simple enough by making a profile.php script using their name for the variable, or id if that suits your needs better...or both

/profile.php?user=bobby

/profile.php?id=234

 

I stick to using their username for everything since I have them stored in session as that, so is simple to incorporate a "my page" using their logged in session name or for whatever other action need to do for that user

user edit script would be included and work just for that user...again checking against logged in session for any actions

 

could even do on the fly wildcard subdomains, parse the domain and use the users name from it to collect their data from mysql

 

once you have a working login system can get as advanced as want with it

 

I like sqlite, but I would probably only use it for a per user data like preferences or something, the file locking isn't that elegant across a large site.

Share this post


Link to post
Share on other sites

Laravel isn't a bad choice for you really.

 

I use a combination of password_hash and sessions through a process script

register and login forms

 

everything passes through process.php which is a class

process.php includes a sessions.php with various functions for determining admin, login, logout ,register, account editing actions, setting cookies and so on

process script handles all header redirects, email validation, spam ip checks, forgot password,

I'm sure can make a single script to do it all, is how I happened to make it.

 

user log in levels 1-10

user names always lower cased and checked to ensure is just one

session values retain the users name and level

 

incorporated user logged in tracking, last logged in times

guest versus user tracking using ip, useful for visitors, email registration confirmations ,ddos or mass registration attempts and so on

 

profile page is simple enough by making a profile.php script using their name for the variable, or id if that suits your needs better...or both

/profile.php?user=bobby

/profile.php?id=234

 

I stick to using their username for everything since I have them stored in session as that, so is simple to incorporate a "my page" using their logged in session name or for whatever other action need to do for that user

user edit script would be included and work just for that user...again checking against logged in session for any actions

 

could even do on the fly wildcard subdomains, parse the domain and use the users name from it to collect their data from mysql

 

once you have a working login system can get as advanced as want with it

 

I like sqlite, but I would probably only use it for a per user data like preferences or something, the file locking isn't that elegant across a large site.

 

Thanks for the reply. So it sounds like you are recommending to not use a framework but to create your own login system? 

Share this post


Link to post
Share on other sites

Not recommending anything, if use a framework then use their login along with it, if want something custom go with your own.

 

Sounds like are making own cms which wouldn't seem to be any bloat by using the framework.

If you are going to be doing projects as a developer might as well learn laravel and have that in your arsenal.

Kinda goes like this, keep learning frameworks or upgrade your own custom codes as needed.

I'm not a person who relies on frameworks and do all my own, stopped freelancing years ago, but if I did I would make sure I knew the ins and outs the latest popular frameworks.

 

Which is easier or better suited for your needs?

 

Here is some cms made with laravel you can look over, see their code and such.

http://maxoffsky.com/code-blog/list-cmss-built-laravel/

 

angularjs may be something of interest to you as well

https://github.com/mrgamer/angular-login-example

Share this post


Link to post
Share on other sites

If you use the advanced template with Yii2, it creates a login, registration, and forgotten password function for you.

www.yiiframework.com/download/

Share this post


Link to post
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.