Jump to content

Archived

This topic is now archived and is closed to further replies.

Guest daleosmond

User System

Recommended Posts

Guest daleosmond
Hey,
im developing an user system and im going to use session but im stuck on what to do.

option 1;
user signins with correct password and user ----> creates an session with there ip, user-agent and username ---> php checks if there ip and user-agent is the same of the values in the session ----------> user logged in.

option 2;
user signins with correct password and user ----> create session with username, password ----> php gets the users username and password check the database if the detal are correct -----> users loggedin

could anyone please tell me whats best or even tell me a better way?

thanks! [img src=\"style_emoticons/[#EMO_DIR#]/smile.gif\" style=\"vertical-align:middle\" emoid=\":smile:\" border=\"0\" alt=\"smile.gif\" /]

Share this post


Link to post
Share on other sites
#2 is a better way to go.

#1 is dependent on the user always using the same IP (that's going to fail) and also depends on the user-agent (also a very bad idea).

I'm not even sure why you're considering #1.

Share this post


Link to post
Share on other sites
I'm not sure if I'm following you, but why not check the user with a form for password and username as you outlined, then upon successful entry the user is given a session holding, at least, his personal id (the key value for him in the user table). You could put more there too, but I wouldn't put passwords there or other sensitive information. Generally, I think you should put as little as possible, only what you'll know you will need, so definitely the user id and maybe username? Anyway hope that helps, Buyo.

Share this post


Link to post
Share on other sites
Guest daleosmond
but wont #2 create higher server load?

Share this post


Link to post
Share on other sites
Slightly, but it shouldn't be an issue and #1 WILL NOT WORK. Period. If I were to look up the IPs that I've used personally to log into this site, I'd probably find at least 8-10. And I use a variety of web browsers, so the second part of that isn't going to work either.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.