Jun

Easy Authentication system

samik PHP 2011-06-03

Authentication is a process by which you can verify if someone is that user who he claims to be. This usually involves a username and a password, but can include any other method of demonstrating identity and other extra conditions.

The identity (username) is compared to the credential (password) from a database table with credential treatments (Like PASSWORD,MD5,SHA1 etc). Depending on the match he is determined to be logged in or not. The identity and credential are taken from the identityColumn and credentialColumn form the proper table in the database.

How to use this class?

The folder structure is shown in the following image:

First of all copy “class” and “include” folders into your project folder. Now change the required data in “connection.php” and “auth.php” from the “include” folder as per your server specification.

Change connection settings as per your server configuration:

$conn = mysql_connect(hostname,username,password);
mysql_select_db(db_name,$conn);

change auth settings as per your database settings

$auth = new auth('user', array(
'adapter' => $conn, // taken from connection.php
'tableName' => table_name,
'identityColumn' => identity_column_name, // username / useremail
'credentialColumn' => credential_column_name, // password
'credentialTreatment' => 'MD5', // your preferred encryption
'extraCredentials' => '`user_status`= 1' // other conditions if any
));

In you login page copy and paste the following code:

require 'include/auth.php';
if(isset($_POST['submit']))
{
$identity = $_POST['username'];
$credential = $_POST['password'];
$auth->authenticate($identity, $credential);
if($auth->hasIdentity())
header("Location: home.php");
else
$failed = true;
}

After including the “auth.php” file it checks for the form submission. If the form has been submitted, it collects the identity and credential entered by the user. Then it passes this data to the authenticate method. This method determines the validity of the user data. If the data is valid then the user data is stored in the session.

In the restricted area (i.e. user home), in my case home.php copy and paste the following code:

require 'include/auth.php';
if(isset($_GET['logout']))
$auth->clearIdentity();
if(!$auth->hasIdentity())
header("Location: index.php");
$userDetails = $auth->getIdentity();

Here “if(!$auth->hasIdentity())” checks if user data is present in the session. If it is not there then the page will be redirected to the login page.

Note: There must not be any character printed in the page before this php snippet. Else it will through some errors.

Follow the described steps to setup the easy authentication system. If you need user details you have to just write $auth->getIdentity() and it will give you the whole user record. While you need to logout from this system write $auth->clearIdentity() and you are just out. You have to login again to view the restricted area. Use the following code to logout

if(!$auth->hasIdentity())
	header("Location: index.php");

Preview Gallery

Download Source Code

[username - samik, password - password]

admin authentication, auth wrapper, authentication class, authentication system, db auth, php, session based authentication, session class, session wrapper, user authentication

Address: http://layzend.info/blog/php/easy-authentication-system/

« Multi-Level Category Management Part-2

Multi-Level Category Management Part-3 »

http://twitter.com/shivabeach Shiva

Quite a good way to go about authorization
- Anonymous
  
  Also managing session data without conflict.
Pingback: cjytest

LayZend

This is my quick reference

Easy Authentication system

How to use this class?

Change connection settings as per your server configuration:

change auth settings as per your database settings

Preview Gallery

Download Source Code

Subscribe

Recent Entries

Categories