1. If you're receiving a message that you are banned from the Current Events or Politics forums, it's not you specifically: those forums have been hidden for all users. For more info, see here.
    Dismiss Notice

Another HTML question..

Discussion in 'Programming & Software Development' started by zeuss, Oct 3, 2002.

  1. zeuss

    zeuss Member

    Joined:
    Jul 1, 2001
    Messages:
    275
    Location:
    Hawthorn East, Melbourne
    Hi all,

    I've been looking around on the net for an answer to this HTML question but I think I've found a little too much information, so I thought I'd ask here.

    I'm building a web site for a project at Uni. The site uses CGI(Perl), PHP, an Oracle DB, HTML and some JavaScript. Registered users should be able to log into the site to gain access to the range of features offered. My question has to do with the login and validation system (The actual features have already been built).

    Can anyone recommend a simple way to have a user log into the web site (via a form) and then be able to access custom content based on their username/password? I've thought about using cookies, however when the user exits the browser they need to be automatically, instantly logged out, and i don't think cookies allow this. I also want the user to be able to log out manually, and I think the username/password should be transparently checked on each page the user visits to ensure they're a registered user. Any suggestions for a good way to do this?

    Thanks for your help,
    ZeUSS.
     
  2. amobea

    amobea Member

    Joined:
    Jun 18, 2002
    Messages:
    489
    Location:
    Adelaide
    My crappy phpskills suggest this

    session_start();

    if (!session_is_registered("counted"))
    {
    session_register("counted");
    }

    That should handle the session so it logs out automatically
    Manual log out i'm sure you could do with similar code

    as for access level

    add an access level field to where your storing the userlist

    call the access level
    set a variable to it

    $load = accesslevel;
    include "$load.inc";

    where there is a accesslevel.inc file containing the custom content for each access level

    i'm not great at php - only started a week ago

    but thats how i'd do it...
     
  3. DRILL SGT

    DRILL SGT Member

    Joined:
    Feb 21, 2002
    Messages:
    508
    Location:
    Brisbane
    For the user to have security I suggest using PHP validation system, although don't get me wrong Server Side scripters, CLIENT SIDE STILL OWNZ J00 :D
     
  4. Tanus

    Tanus Member

    Joined:
    Jun 27, 2001
    Messages:
    923
    Location:
    Melbourne
    Use sessions.

    When you get the password for someone out of the database, also get their access level (ie store their access in the password with their username/password).

    My user system works basically like the following

    PHP:

    $access 
    Authenticate($user$pass)
    if( 
    $access ) {
        
    let user do something
    }
    if( 
    $access ) {
        
    let them do something else
    }

    function 
    Authenticate($user$pass)
    {
        
    $query "SELECT access FROM users WHERE password='$pass' AND username='$user'";
        
    $result mysql_query($query);

        
    fix up the result to get the record
        
    if($result == NULL) {
            return 
    0;
        }
        else return 
    $result;
    }
     

Share This Page

Advertisement: