Page 1 of 1

Need help with a project - user database and stuff like that

Posted: Mon Apr 27, 2009 4:24 pm
by JKM
Hi there,

I've been doing some basic PHP for a while and I was thinking about trying something new. So I want to try to make a basic login system that remembers IP's (auto-login) and maybe access levels (that limits what the users can see and not).

So does anyone got some tips for me? Maybe some guides good documentation for projects like this? :)

Thanks for any help.

Re: Need help with a project - user database and stuff like that

Posted: Mon Apr 27, 2009 5:41 pm
by requinix
Remembering users by IP address is a bad design - many people can have the same IP.

Re: Need help with a project - user database and stuff like that

Posted: Mon Apr 27, 2009 10:21 pm
by califdon
tasairis wrote:Remembering users by IP address is a bad design - many people can have the same IP.
And likewise, the same person can have different IPs, like when they're at work or on vacation.

Re: Need help with a project - user database and stuff like that

Posted: Tue Apr 28, 2009 5:12 am
by JKM
How should the page remember them, then?

Re: Need help with a project - user database and stuff like that

Posted: Tue Apr 28, 2009 5:25 am
by user___
One common approach is just like it is done here, in that forum. By using a cookie, but I do no recommend it, because it is insecure.

Re: Need help with a project - user database and stuff like that

Posted: Tue Apr 28, 2009 5:59 am
by JKM
It doesn't have to be 100% secure, because I could always add htaccess protection. It's more the access level and stuff like that I want to get out from this site.

I was looking at this guide. It doesn't have the "remember me"-thingy, and I could fix the access level thing with adding classes in the database. Any other guides etc. I should read?

Thanks for the help! :)

Re: Need help with a project - user database and stuff like that

Posted: Tue Apr 28, 2009 10:50 am
by user___
Look, the common way is to set a cookie that will remember the user for a period of time, but it can be easily hijacked. You should read that: http://php-mag.net/itr/online_artikel/p ... d,114.html This is about how you can secure your sessions better.

Re: Need help with a project - user database and stuff like that

Posted: Tue Apr 28, 2009 12:33 pm
by JKM
Does anyone have an example of a login page, restrict pages to logged in users and how to return the logged in user's username?