php authentication - any experiences/recommendations?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I'm looking for a php authentication library/class to control access to
certain web pages on a web site. (Access controlled by username/pwd...)

There's several I've seen out there, like / /

... I'm just wondering if anyone has any particular recommendations or
unrecommendations.... I don't have a huge list of technical
requirements, although it being able to work with a standard php setup
would be nice (version 4 or 5) (i.e. avoid recompiling etc.)

(Btw, requirements currently are that users don't have to be able to
register themselves on the site; admin will make new accounts for now,
although it would maybe be handy to do that later.)


Re: php authentication - any experiences/recommendations?

Alex Hunsley wrote:
Quoted text here. Click to load it

p.s. there will be a MySQL database available as well for storing
credentials, if necessary...


Re: php authentication - any experiences/recommendations?

Quoted text here. Click to load it

Authentication is easy. In most cases, it is just a matter of comparing a
login name and password against what's stored in the database,

The trickier part is authorization, that is, determining who can do what.

I would say that it is better to implement the authentication mechanism
yoursef, given that it's such an integrated part of your application.

Re: php authentication - any experiences/recommendations?

Quoted text here. Click to load it

My package might work for you, it's free with an ad link, but you can take
that off if you donate (or have donated in the past) to the tsunami
relief efforts.

Thats it's only requirements. I've never asked anyone to supply proof, so if
you lost the receipt, it's OK. I figure there will be a few that "cheat", but
most people won't and that's good enough for me. :-) )

It's at /

I wouldn't use it in a high security area, for instance, it's not suitable
for use in bank accounts and such because it has a "send password" feature
that could be intercepted through email.

Suitable for basic membership sites though, it's designed with a "Login API"
for applications to use, it also works with vanilla HTTP authentication.  

--                     Custom web programming
guhzo_42@lnubb.pbz (rot13)                User Management Solutions

Site Timeline