JDT |
FREE Downloads |
|
Using PHP and MySQL to Create a User Authentication System - Part 3 - File Descriptions |
||||
|
The user authentication system is available as a free download. The system uses object oriented programming techniques, allbeit a very simple interpretation. user_class.phpThe main file in the user authentication system is user_class.php. This file contains methods (functions) to enable people to register, access private/restricted pages, and update their user profile (name, email address, and password) once they are registered. Other files access this file, either directly, or indirectly through other files. Registration ProcessFrom the home page (index.php), visitors to the web site have the opportunity to register (using register.htm). The registration process involves recording an email address, name, and a password (which has to be entered twice). These details are passed from register.htm to regcomplete.php, which creates a new instance of the User class and then calls the register method in user_class.php. If the user tries to register using an email address that already exists, registerfailed.htm is called. Logging On Process and Accessing Web PagesA user can log on by entering a valid email address and password combination in login.htm. Allowing or preventing access to web pages The checkAccess method in user_class.php is used to check that a valid email address and password are 'active'. The checkAccess method can be called from any web page by including the following PHP code at the top of the page before the HTML tags start.
<?php The checkAccess method first checks to see if the user has just entered (posted) an email address and password on the login screen. If an email address was not posted, the $email and $password variables are set using the values stored in the useremail and userpassword cookies. If an email was posted, the $email and $password variables are used to set the values of the cookies. A database check is then carried out to see if the email address and password are valid. When logging in, a user has the opportunity to select the 'Remember me' check box. If this is selected, useremail, userpassword, and rememberme cookies are set up, with expiry dates way into the future. This means that the next time the user visits the site, he/she does not have to log in because the checkAccess method will be able to see that the cookies are already set and will allow the user to view the web page that is calling the checkAccess method. If logout.php is called, the cookies are cleared, meaning that they will need to be reset (via login.htm) the next time the user wants to access a protected web page. Changing a User's ProfileA user can update his/her registered email address, name and password by using updateDetails.php, which calls the updateDetails method in user_class.php. This method then calls updateDetails1.php, which in turn calls the updateDetails1 method in user_class.php. Getting a Password ResetIf a user forgets his/her password, the software can generate a new one for him/her (using newpassword.htm). In a 'real' environment, the new password would be emailed to the user, but in this test/development system, the email is displayed on the screen. The code exists to change things so the password is emailed - simply follow the instructions given in the genPass method in user_class.php. Author: Backrubber Reference: user_class.php is based on functions described in the book 'Apache, MySQL, and PHP Web Development for Dummies', by Jeff Cogswell (ISBM 0-7645-4969-3). Go back to MySQL Tutorials home page Go back to Tutorials home page
|
|
