I am in need of a good, free password authentication system for PHP, or failing that, some good instructions on how to make my own. All I need is a way to make you log in to view certain pages, a way to distinguish admins from regular users (for the purpose of password creation), and a way to create/modify/remove users/passwords. A logout function would be nice, but it's not a neccessity. Non-authenticated users should not be able to access protected pages.

I've done a little bit, and got something that kind of works, but it's bulky, and poor quality, but this is going to be on a production system so I need something better.

Thanks

------------------
Despite the high cost of living, it remains popular.

http://www.devshed.com/ClipScripts/results/l_2/c_11/

You may be able to use one of these, however, I do not know whether they are too complicated for your level of experience or not.

Originally posted by Sketch:
I am in need of a good, free password authentication system for PHP, or failing that, some good instructions on how to make my own. All I need is a way to make you log in to view certain pages, a way to distinguish admins from regular users (for the purpose of password creation), and a way to create/modify/remove users/passwords. A logout function would be nice, but it's not a neccessity. Non-authenticated users should not be able to access protected pages.

I've done a little bit, and got something that kind of works, but it's bulky, and poor quality, but this is going to be on a production system so I need something better.

Thanks




Not sure how to accomplish this in PHP, but I do know how to do this in ASP. Do a search at www.google.com (http://www.google.com) for '+Session +Variables +PHP'. You'll definitly need to use session variables so that the user can glide through each protected web page with ease. Another crude way of doing it would be to pass hidden forms from one page to another. Don't do that! I'm imagining that thats not a very safe way(security) of doing it, not to mention tons of overhead. btw, be sure to have an if statement at the top of each web page to make sure the user can enter the page. You wouldnt want someone typing in the url that is located inside of your protected web pages. I really don't think that you need to get someone else's software to do this. This is a relatively easy task(depending on your experience I guess) that is well worth doing yourself.

As a side note, Application variables are neat feature for a web site. For example, you can count how many people are actually looking at your web site at this very moment. I'm sure you can do tons of other stuff with Application variables, but I havn't messed around with them much.


------------------
- jeste®

How could tomorrow ever follow today?

[This message has been edited by jester (edited January 11, 2001).]

Thanks guys. I found one at PHPBuilder that's going to work for me with some modification.

------------------
Despite the high cost of living, it remains popular.