Solved

Best way to make a login for an AJAX, PHP, Javascript site

Posted on 2009-05-19
2
278 Views
Last Modified: 2013-12-12
Hey guys, not sure if this question has been answered before but It's a little broad. I am looking for the best way to make a login for my site. Right now the site is all html pages that connect to javascript pages which run ajax to connect to PHP pages when needed to update the server (when on one of the users writes articles or something). Right now there is no login for the website, but I eventually think it would be good if people could make a profile and have their own little space. I think that this would require some sort of login system which runs from page to page. I don't know much about making a login system based off of sessions or if there is a way to pass session variables from PHP to javascript.

My question is, is switching all of the HTML pages to PHP and then trying to create a SESSION based login system good? Or is there some better system that currently uses AJAX, and PHP like I am using now? Could you also tell me why you think your solution is the best? Which one is easier to implement and faster to load? Also, which one will be more secure?

Thanks guys,
Rick
0
Comment
Question by:Sucao
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Accepted Solution

by:
Cornelia Yoder earned 500 total points
ID: 24427852
http://php-login-system.com/  

This is a customizable login system that some interns of mine developed.  It can be embedded into any mysql-based system.  I'd be delighted to have a beta-test of it.

The website and paypal part is still under development, but the actual code is ready.  If you would like to try it out, use the Contact Us.
0
 
LVL 31

Expert Comment

by:Frosty555
ID: 24428492
You will need to use PHP sessions at one point or another. But you may be able to just set and check the session var in your existing PHP pages (the ones called via ajax). Have those PHP pages deny access if the user isn't logged in, and then have error handlers on the html pages to handle those events.

If you have trouble getting the sessions to register on your pages, you may need to rename all your pages from .html to .php, and register the session in them. But no further code changes should really be necessary.

Don't try to implement the login code in javascript on the client side. It must be the PHP side that decides whether sensitive data makes its way to the client. Once its on the client side, no amount of javascript can really protect it. It's not secure to implement login or access restrictions on the client side.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Ajax on ASP 2 66
How to hide contact form only if no validation errors 4 63
What kind of script/language created this graph? 6 63
Developers / Staff Setup 10 40
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
This article discusses how to implement server side field validation and display customized error messages to the client.
The viewer will learn how to dynamically set the form action using jQuery.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question