1

im currently setting up a website which will allow clients to log in, upload, respond to questions etc.

I would most like to do this with PHP and MySQL as im am most familiar with these, along with obvious HTML and CSS.

How would I create a login page? Im not looking for someone to code this for me, I like the challenge, just the process and maybe some handy tips or resources would be great, but mainly I am looking for the process of creating a client login, what do I need to consider?

Also, how would I get it to display only the stuff for them when they login?

RSM
  • 14,540
  • 34
  • 97
  • 144

2 Answers2

3

Hmm, after 3 answers that all link to insecure examples, maybe I need to add an answer myself.

First, you should properly hash your passwords with a random salt and store the hash. Luckily, you can use a good open source library for that: Portable PHP password hashing framework, phpass also see: How can I store my users' passwords safely?.

When they are successfully authenticated, create a session for them. on all subsequent request, check for a valid session. (search for php session handling on this site, it should help you get started).

For a more complete post on the topic, please read: The Definitive Guide To Forms based Website Authentication, here on stackoverflow.

Community
  • 1
  • 1
Jacco
  • 23,534
  • 17
  • 88
  • 105
  • you didn't correctly link to phpass; I added it, just in case. Anyway, +1 for pointing to the right direction since the start – Damien Pirsy Oct 12 '11 at 09:47
-1

The logic behind login is simple, when a user logs in, a session is created, where he/she will be allowed to do various things, as soon as sessions is destroyed the person is logged out.

This might help you:

http://net.tutsplus.com/tutorials/php/user-membership-with-php/

Niraj Chauhan
  • 7,677
  • 12
  • 46
  • 78
  • 2
    -1, The linked example uses unsalted MD5 and should not be used. (come on people, it's 2011, this issue was solved in 1976) – Jacco Oct 12 '11 at 09:34