Hello Dev Network:
I'm working on an authentication script (and possible admin area) for my design website. I'm envisioning a login for my customers, so they can preview their websites without my having to turn them loose in the wild. It's easier to collect the money due when you still have control of the files...
I'm thinking of the problem like the Amazon model. When I log in, it takes me to my own "area", with my specific wish lists and information. That's what I'd like to do with my customers. When they log in, it redirects them to their own area, and lets them view their files only.
I understand the login and admin scripts I'm looking at, but this part I'm a little stumped on.
Thank you,
Trevor
Keeping logged-in users in their own directory
Moderator: General Moderators
when they log in you'll assign a session variable to them that contains an id unique to them. you could do this a couple different ways....one you could create a new folder for all of their 'personal files' and check all of the files in there against their unique id to make sure they're not crossing into someone else's folder. or you could build a database control to check the unique id against items in the database (this is the way I'd do it).
Pegleg:
Thank you for the advise, I've at least got a rough idea now. When a user is added to the database, she or he is given a unique ID, and that could be used to make sure they're in the right folder, correct?
IE, if User A's ID is 1, then write a comparision script in the pages that compares the logged in user's ID with the Unique ID number assigned to that folder. If they're not equal, the user is redirected to the login page.
Anyone reading, please jump in and correct/chastise/beat about the head and shoulders if I'm way off base. I've been using PHP for about six or seven months, and this is just at the far reach of my understanding.
Thank you for the advise, I've at least got a rough idea now. When a user is added to the database, she or he is given a unique ID, and that could be used to make sure they're in the right folder, correct?
IE, if User A's ID is 1, then write a comparision script in the pages that compares the logged in user's ID with the Unique ID number assigned to that folder. If they're not equal, the user is redirected to the login page.
Anyone reading, please jump in and correct/chastise/beat about the head and shoulders if I'm way off base. I've been using PHP for about six or seven months, and this is just at the far reach of my understanding.