|
|
|
Chapter 8. AuthenticationAuthentication management can be used to authenticate a session, that is, to identify the user at the client side of the session. Authentication is done inline, with HTML forms,
not with HTTP authentication (that's the browser popup you get when you hit a page protected with htaccess). Inline authentication has several advantages over HTTP authentication: - It can be undone: A session can be un-authenticated, the user can "log out".
- It can expire: A session can automatically be un-authenticated after a given idle time.
- It can be customized: You are not limited to user/password pairs. Instead you could use a customer number, operator id and a password to log in. Also, you have full control over the login screen, which is a normal HTML page with logos, help and forms as you see fit.
- It is database based. Authentication is being done against a database of your design, not a htpasswd text file.
- It is per page. You decide on a per-page basis which pages are authenticated and which aren't.
- It can be user authenticating and optionally self registering. In registration mode, a user without a valid login is encouraged to register and an account is created for this user.
- It works with CGI PHP. HTTP authentication is available only in mod_php.
- It is integrated with a permission checking scheme.
Authentication Instance variablesAccessible instance variables Internal instance variables
User Contributed Notes
Authentication
|  
|
There are no user contributed notes for this page.
|
|
|
Copyright © 2001 The PHPlib Group
PHPlib Manual
Core Functionality
DB_Sql - Database Abstraction
Authentication
PHP4 Sessions with PHPlib using session4_custom.inc*