iBotModz CBox
User Authentication and PHP Sessions
Started by 360, Nov 04 2009 05:00 PM
3 replies to this topic
#1
Posted 04 November 2009 - 05:00 PM
I'm currently working on a course project that involves a database-driven PHP script with user access features. I've never worked with PHP before and I'm currently working on the basics of the user authentication system. Can anyone guide me in the right direction in terms of how to process a login form to:
- Check the details in the database
- Create a session
- Load certain values from the user table and store them as variables (one namely "user_type" which defines the privleges the user has)
- Load content appropriate to that user type
I current have in mind three different user types; an admin, staff and client. I want different content to be displayed on the page for each type. For example, I want the admin to have options to add and edit users and content for clients, while clients can only view and download the content given to them etc.
- Check the details in the database
- Create a session
- Load certain values from the user table and store them as variables (one namely "user_type" which defines the privleges the user has)
- Load content appropriate to that user type
I current have in mind three different user types; an admin, staff and client. I want different content to be displayed on the page for each type. For example, I want the admin to have options to add and edit users and content for clients, while clients can only view and download the content given to them etc.
- lordpiope likes this
#2
Posted 04 November 2009 - 07:40 PM
Learn the basic if and switch statements in php. That should help cover displaying the right content to the user. As for checking details, it really can't be explained by me. You have to clean the incoming variable (for malicious code) then check that against the database.
Its complicated if your starting from fresh. If you know nothing, I think Adobe Dreamweaver does that database thing for you. However, only do that to learn because its security and other features suck.
Its complicated if your starting from fresh. If you know nothing, I think Adobe Dreamweaver does that database thing for you. However, only do that to learn because its security and other features suck.
#3
Posted 04 November 2009 - 08:12 PM
Learn the basic if and switch statements in php. That should help cover displaying the right content to the user. As for checking details, it really can't be explained by me. You have to clean the incoming variable (for malicious code) then check that against the database.
Its complicated if your starting from fresh. If you know nothing, I think Adobe Dreamweaver does that database thing for you. However, only do that to learn because its security and other features suck.
Alright, Thanks.
#4
Posted 05 November 2009 - 08:02 AM
<?php if (!$_SESSION) { session_start(); session_register('loggedin'); } ?>
That code initiates a session properly. You need to put this in a PHP file where you output a form to input login data. Use the post method to send the data to another php file to validate the login, then set loggedin = 1 or something.