Jump to content

  •  

  • iBotModz CBox


    Photo

    User Authentication and PHP Sessions


    • Please log in to reply
    3 replies to this topic

    #1 360

    360

      Sergeant Grade 2

    • Donors

    • 373 posts
    • Joined: 28-June 09
    • Gender:Male

    Posted 04 November 2009 - 05:00 PM

    I'm currently working on a course project that involves a database-driven PHP script with user access features. I've never worked with PHP before and I'm currently working on the basics of the user authentication system. Can anyone guide me in the right direction in terms of how to process a login form to:

    - Check the details in the database
    - Create a session
    - Load certain values from the user table and store them as variables (one namely "user_type" which defines the privleges the user has)
    - Load content appropriate to that user type

    I current have in mind three different user types; an admin, staff and client. I want different content to be displayed on the page for each type. For example, I want the admin to have options to add and edit users and content for clients, while clients can only view and download the content given to them etc.

    #2 iBotPeaches

    iBotPeaches

      General Grade 6

    • Owner

    • 6,570 posts
    • Joined: 29-July 07
    • Gender:Male
    • Location:Kansas

    Posted 04 November 2009 - 07:40 PM

    Learn the basic if and switch statements in php. That should help cover displaying the right content to the user. As for checking details, it really can't be explained by me. You have to clean the incoming variable (for malicious code) then check that against the database.

    Its complicated if your starting from fresh. If you know nothing, I think Adobe Dreamweaver does that database thing for you. However, only do that to learn because its security and other features suck.

    #3 360

    360

      Sergeant Grade 2

    • Donors

    • 373 posts
    • Joined: 28-June 09
    • Gender:Male

    Posted 04 November 2009 - 08:12 PM

    Learn the basic if and switch statements in php. That should help cover displaying the right content to the user. As for checking details, it really can't be explained by me. You have to clean the incoming variable (for malicious code) then check that against the database.

    Its complicated if your starting from fresh. If you know nothing, I think Adobe Dreamweaver does that database thing for you. However, only do that to learn because its security and other features suck.



    Alright, Thanks.

    #4 Dark Slipstream

    Dark Slipstream

      Blue Shadowz Owner

    • Members+

    • 2,829 posts
    • Joined: 19-April 08
    • Gender:Male
    • Location:Canada, ON

    Posted 05 November 2009 - 08:02 AM

    <?php
    
        if (!$_SESSION) {
            session_start();
            session_register('loggedin');
        }
    
    ?>

    That code initiates a session properly. You need to put this in a PHP file where you output a form to input login data. Use the post method to send the data to another php file to validate the login, then set loggedin = 1 or something.