I'm looking to implement user login onto my site for the first time. I'm happy to either build my own solution, or implement something open source, however no package has been an obvious choice in my search so far. Equally, I'm fully aware that as an intermediate php programmer at best, I am highly likely to miss something obvious if I roll my own solution, and leave the doors well and truly open.
Any suggestions? We're not talking super sensitive or payment data here, but equally, I'm keen not to have people mess up my site!
requirements are - php based - simple as possible, not need for fancy bells and whistles - not Zend framework, since i've now rolled my own very basic frameworkthanks to this post
Thanks for your input.
This typically involves a simple username and password check. Thus, a user who is logged in is an authenticated user. Authorization, often called access control, is how you guard access to protected resources and determine whether a user is authorized to access a particular resource.
Once the user has filled in a username and a password, the URL containing the PHP script will be called again with the predefined variables PHP_AUTH_USER , PHP_AUTH_PW , and AUTH_TYPE set to the user name, password and authentication type respectively. These predefined variables are found in the $_SERVER array.
A few good security gotcha's are
I found these article very helpful in building login systems with cookies:
"You'll put your eye out kid."
Security is hard. I hate to say this, but the odds of you making a simple authorization scheme that is secure are quite slim. There is no easy mode here. So you might want to start by reading through a bunch of authentication code in the various frameworks/cmses, and other places where you can see how others have done it, and begin researching.
Here are some links: http://www.topmost.se/personal/articles/casual-cryptography-for-web-developers.htm http://pear.php.net/packages.php?catpid=1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With