Re: Authentication
- From: "Christopher F. Falzone" <ctiggerf@xxxxxxxxx>
- Date: Wed, 5 Apr 2006 08:33:00 CST
Ok here come my speal about authentification using cookies/database.
Seeining as how your already using SQL in pages this should be rather
easy.
Ok first all of your users have to have a username+password (obvious I
hope). So you need a form to place on all your pages that asks for
those. The form should submit to whatever page is calling it. Here is
some psuedocode for the authentification that will go on each page:
Get username and password and session id from database ($user, $pass,
$ses_id)
Get Authentification string from cookie ($auth_code)
IF $auth_code EQ md5($user.$ses_id) THEN return logged in
Get submitted values from form ($form_user, $form_pass)
IF $user EQ $form_user AND $pass EQ $form_pass THEN {
Generate a session id ($new_ses_id)
Insert $new_ses_id into database
Set the cokkie value to md5($user+$new_sess_id)
Return logged in
} ELSE return not logged in
If you make this a function that returns 1 if logged in and 0 if not
then you can call this on every page page that needs authenticated and
check the return value. If they are logged in display the page,
otherwise display the form.
Not saying that this is the only way, just one of hundreds of ways to
authenticate your users. However I like this way because it gives a
lot of versatility. You could make only parts of your page require a
login (something I'm not sure if you can do with .htaccess). Or you
could add a fields in database that designates roles .. like user,
administrator, ect. and return a value like 0 not logged in, 1 logged
in as user, 2 logged in as administrator, ect.
Well about cookies .. I'm not going to explain them here .. but here is
a reference on cookies done in perl I found in 2 seconds from a google
search:
http://www.comptechdoc.org/independent/web/cgi/perlmanual/perlcookie.html
Hope it helps.
--
PLEASE NOTE: comp.infosystems.www.authoring.cgi is a
SELF-MODERATED newsgroup. aa.net and boutell.com are
NOT the originators of the articles and are NOT responsible
for their content.
HOW TO POST to comp.infosystems.www.authoring.cgi:
http://www.thinkspot.net/ciwac/howtopost.html
.
- Follow-Ups:
- Re: Authentication
- From: Adam Smith
- Re: Authentication
- References:
- Authentication
- From: Adam Smith
- Re: Authentication
- From: Erika Wasser
- Re: Authentication
- From: Adam Smith
- Authentication
- Prev by Date: Re: Authentication
- Next by Date: Re: Authentication
- Previous by thread: Re: Authentication
- Next by thread: Re: Authentication
- Index(es):
