PHP User Management (suggestions?)

KyleKyle Lafayette, LA New
edited June 2006 in Internet & Media
I've started looking for a pre-written script to handle user management on a site I'm starting. I wanted to ask you guys if you've tried any before and had a preference or recommendations.

Here's what I'm doing:
The site is basically a "RateMyWhatever"-like voting website where guests can view content and give it a rating and registered users can post content and leave comments. That's about all the functionality I'm looking for right now. All I want out of a prewritten script is something that handles the user login/logout/account creation and validates email addresses (confirmation link).

Any suggestions?

Oh I'm using PHP 4.4.1 and MySQL

Comments

  • slipxawayslipxaway
    edited June 2006
    I'm not sure if this is what you have in mind exactly, but it definitely has features for that. It's more of a social networking script, but I think given your description of the site, it will probably go that way.

    Check out http://www.phpizabi.net

    It's free and theres a lot of support for it.
  • KyleKyle Lafayette, LA New
    edited June 2006
    Thanks for the suggestion, but that's a lot more than I'm looking for and I really have no plans of the site being a social networking/dating site.
  • ShortyShorty Manchester, UK Icrontian
    edited June 2006
    I did look alot into that when I was writing the code here. No real authentication system frameworks exist that I have found (from looking at hotscripts and other scripting sites).

    The problem with API based user systems are that they never quite give you what you want. Try building your own.. makes a great way of learning PHP :D
  • airbornflghtairbornflght Houston, TX Icrontian
    edited June 2006
    hey shorty, you should release all your (heavily commented) code snippets that you made for sm, so that I can study them and learn.:D because all the programming that I've learned so far has been easy stuff to me. I have been looking at code lately and looking at it. stuff that I never would have thought of. but this year I am taking ap CS and we are studing java all year long, so hopefully I learn some good stuff.
  • KyleKyle Lafayette, LA New
    edited June 2006
    Well I've never written a line of PHP. I figured that the base of the site would start out with simple user authentication with the database and I would build from there (learning the language as I added to it). I'd rather not waste time re-inventing the wheel when there HAS to be some script out there that covers the basics of what I need.
  • airbornflghtairbornflght Houston, TX Icrontian
    edited June 2006
    well. there really isnt any. I guess you could steal the user management from an open source buletin board if the license allows it. or at least see what makes it tick.

    basically you are going to have to have database with some fields that include: username, password, usergroup, and then permissions if you want to grant permissions outside the usergroup.

    If you want your site to be really secure, you should encrypt the passwords, and then the encrypted password would be stored in the password field of the entry for the use. The way I understand how they work, is that the same phrase is enrypted, but the password the user provides is the key, so that way, the passwords are still secure, but provide a way for authentication also. because when he goes to login, whatever is in the password field is encrypted and checked against what is in the database. i believe. you could also use a public key system, where the key is always the same, but the word is different. which is really less secure in my mind. because if a hacker breaks into the database, and figures out/knows the key, then he can get any password he wants, where as in a private key system, each key is different but the word is the same. I believe. I am a certain noob at cryptography and all that good stuff. but I have thought about it and written stuff out on paper about how I thought it could be made more secure with the least effort. Im sure their are a whole lot better ways, and Im sure shorty has a few tricks also.:tongue:
  • EnverexEnverex Worcester, UK Icrontian
    edited June 2006
    To be honest you're better off learning PHP. Learning it would be like trying to swim with water wings on in the kiddie pool. Downloading a pre-made system and altering that (and don't kid yourself, it WILL require lots of alteration) would be like trying to compete in the Olympic Swimming games.
  • ShortyShorty Manchester, UK Icrontian
    edited June 2006
    Enverex nailed it right there ^^^^^^^^

    The reason for the lack of pre-written systems is because it will require a complete rewrite to suit your website / application.

    Take a little time to learn PHP, it's not that hard honestly. It's a great starter language (in comparison to throwing yourself into something like ASP.net).

    Once you have got it nailed, step it up a little. Get into classes, objects and so on. Then you churn out some really killer code :cool:

    Take it as a challenge and you can with time.. do the almost impossible :D
  • GHoosdumGHoosdum Icrontian
    edited June 2006
    These three fellows are absolutely correct. Learn just a little PHP, and writing user authentication is a piece of cake - a non-encrypted logon will take you literally 15 minutes to write.
Sign In or Register to comment.