Thread: PHP: Custom user authentication
View Single Post
Old 12-14-2006, 01:28 PM   #2 (permalink)
johnboulder
Administrator
Enthusiast
 
johnboulder's Avatar
 
Join Date: Mar 2003
Posts: 97
johnboulder is just really nicejohnboulder is just really nice
Send a message via MSN to johnboulder Send a message via Yahoo to johnboulder Send a message via Skype™ to johnboulder
Default Re: PHP: Custom user authentication
Registration and form validation is probably the most tedious part of creating a user authentication system - authentication is much asier, and can generally be accomplished with less than 20 lines of code.

As I usually recommend that passwords are stored as a hash, the way you find out if a user is valid, and has supplied the right password - you just need 1 SQL statement - if it returns values, then log the user in, if it doesn't - they dont have a valid acccount, or have not supplied the correct information.

Code:
SELECT * FROM users u
  WHERE u.email LIKE '{$_POST[email]}'
  AND u.password = MD5({$_POST[password]})
  AND u.verified = '1'
To note a login, it's always easy to use a session.

Set $_SESSION['activeuser'] to your user record, then logging out is simply a matter of clearing the session item.

Regards
__________________
Sean Johnstone

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Tutorials:

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
- Tutorial on creating navigation tabs using CSS

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
- Tutorial on PHP custom user authentication
johnboulder is offline   Reply With Quote