Jump to content


User System


  • Please log in to reply
4 replies to this topic

#1 Guest_daleosmond_*

Guest_daleosmond_*
  • Guests

Posted 10 May 2006 - 05:29 PM

Hey,
im developing an user system and im going to use session but im stuck on what to do.

option 1;
user signins with correct password and user ----> creates an session with there ip, user-agent and username ---> php checks if there ip and user-agent is the same of the values in the session ----------> user logged in.

option 2;
user signins with correct password and user ----> create session with username, password ----> php gets the users username and password check the database if the detal are correct -----> users loggedin

could anyone please tell me whats best or even tell me a better way?

thanks! [img src=\"style_emoticons/[#EMO_DIR#]/smile.gif\" style=\"vertical-align:middle\" emoid=\":smile:\" border=\"0\" alt=\"smile.gif\" /]

#2 ober

ober
  • Staff Alumni
  • Advanced Member
  • 5,337 posts
  • LocationEast Coast, USA

Posted 10 May 2006 - 05:36 PM

#2 is a better way to go.

#1 is dependent on the user always using the same IP (that's going to fail) and also depends on the user-agent (also a very bad idea).

I'm not even sure why you're considering #1.

Info: PHP Manual


#3 Buyocat

Buyocat
  • Members
  • PipPipPip
  • Advanced Member
  • 267 posts

Posted 10 May 2006 - 05:36 PM

I'm not sure if I'm following you, but why not check the user with a form for password and username as you outlined, then upon successful entry the user is given a session holding, at least, his personal id (the key value for him in the user table). You could put more there too, but I wouldn't put passwords there or other sensitive information. Generally, I think you should put as little as possible, only what you'll know you will need, so definitely the user id and maybe username? Anyway hope that helps, Buyo.
Looking for some easy-to-use tools?  Try these, https://sourceforge....jects/utils-php -- I made them myself.  They're distinct tools which are easy to understand and use.  See some examples uses at http://www.anotherearlymorning.com

#4 Guest_daleosmond_*

Guest_daleosmond_*
  • Guests

Posted 10 May 2006 - 05:42 PM

but wont #2 create higher server load?

#5 ober

ober
  • Staff Alumni
  • Advanced Member
  • 5,337 posts
  • LocationEast Coast, USA

Posted 10 May 2006 - 05:45 PM

Slightly, but it shouldn't be an issue and #1 WILL NOT WORK. Period. If I were to look up the IPs that I've used personally to log into this site, I'd probably find at least 8-10. And I use a variety of web browsers, so the second part of that isn't going to work either.

Info: PHP Manual





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users