Solved

Secure Login System

Posted on 2006-11-03
5
197 Views
Last Modified: 2006-12-05
Hi,

I wish to create a login system.

I have no requirement for membership system, as the people able to access this will be small in number and I will input their names straight into the database.

I need to have access levels associate with each person, these levels will dictate which webpage the user is directed to (I need a mechanism that will stop a user from just typing out the URL in order to access these).

I need someway of storing who is logged on.

So if person01 added something to a database I could somehow add ‘person01’ to the database so I maintain traceability as to who is doing what.

Lastly it has to be very, very secure.

Any advise, guidance or tutorials much appreciated.
0
Comment
Question by:andyw27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 14

Accepted Solution

by:
Aamir Saeed earned 168 total points
ID: 17867276
1; You will create a table in DB like tbl_users and you will store information about all the users who will use the site.
id          name                 username              password             levels          status
1          abc                       abc                          123                   1                 1
2          xyz                        xyz                          123                   2                 0

and so on. Then you will check on each page that who is authorised for which page to visit. I mean if the user is not logged in or he is trying to directly enter the URL, he will be redirected to somewhere else like home page or so.

2; You have stored information about all users. so if a user comes and gets logged in, set his flag in DB 1 and if he gets logged out set his status 0, so this way you will be able to know who is online.

3; you can create a table like tbl_actions, if a user makes any change then you can store the information about that in this table

id               user_id               action                                           date
1                  2                      updation somewher                     11/03/2006

hope this helps,
0
 
LVL 17

Assisted Solution

by:HuyBD
HuyBD earned 166 total points
ID: 17872998
In the log_action table, you should add IP access

id               user_id               action                date                IPAccess
1                  2                      1                     11/03/2006       10.0.0.1

the action value should be an enum that was defined before
0
 
LVL 16

Assisted Solution

by:ellandrd
ellandrd earned 166 total points
ID: 17875994
lol - i have create a login system just like a few years ago.

you can download it here:

http://www.myjavaserver.com/~seandelaney/loginSystemByEllandrd.zip

just change the values in the "constants.php" under includes folder to your mysql server details.  if you dont have mysql, i can recode the complete system to use either ODBC (MS Access) or MSSQL (Microsoft SQL Server)

Ellandrd
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Building a glossary into your website 9 59
PHP $_POST vs asp request 4 57
Insert PHP into HTML page. 7 52
Can't Find The Code 15 19
Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question