PHP User Management (suggestions?)
Kyle
Lafayette, LA New
I've started looking for a pre-written script to handle user management on a site I'm starting. I wanted to ask you guys if you've tried any before and had a preference or recommendations.
Here's what I'm doing:
The site is basically a "RateMyWhatever"-like voting website where guests can view content and give it a rating and registered users can post content and leave comments. That's about all the functionality I'm looking for right now. All I want out of a prewritten script is something that handles the user login/logout/account creation and validates email addresses (confirmation link).
Any suggestions?
Oh I'm using PHP 4.4.1 and MySQL
Here's what I'm doing:
The site is basically a "RateMyWhatever"-like voting website where guests can view content and give it a rating and registered users can post content and leave comments. That's about all the functionality I'm looking for right now. All I want out of a prewritten script is something that handles the user login/logout/account creation and validates email addresses (confirmation link).
Any suggestions?
Oh I'm using PHP 4.4.1 and MySQL
0
Comments
Check out http://www.phpizabi.net
It's free and theres a lot of support for it.
The problem with API based user systems are that they never quite give you what you want. Try building your own.. makes a great way of learning PHP
basically you are going to have to have database with some fields that include: username, password, usergroup, and then permissions if you want to grant permissions outside the usergroup.
If you want your site to be really secure, you should encrypt the passwords, and then the encrypted password would be stored in the password field of the entry for the use. The way I understand how they work, is that the same phrase is enrypted, but the password the user provides is the key, so that way, the passwords are still secure, but provide a way for authentication also. because when he goes to login, whatever is in the password field is encrypted and checked against what is in the database. i believe. you could also use a public key system, where the key is always the same, but the word is different. which is really less secure in my mind. because if a hacker breaks into the database, and figures out/knows the key, then he can get any password he wants, where as in a private key system, each key is different but the word is the same. I believe. I am a certain noob at cryptography and all that good stuff. but I have thought about it and written stuff out on paper about how I thought it could be made more secure with the least effort. Im sure their are a whole lot better ways, and Im sure shorty has a few tricks also.
The reason for the lack of pre-written systems is because it will require a complete rewrite to suit your website / application.
Take a little time to learn PHP, it's not that hard honestly. It's a great starter language (in comparison to throwing yourself into something like ASP.net).
Once you have got it nailed, step it up a little. Get into classes, objects and so on. Then you churn out some really killer code
Take it as a challenge and you can with time.. do the almost impossible