Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Best way to make a login for an AJAX, PHP, Javascript site

Posted on 2009-05-19
2
276 Views
Last Modified: 2013-12-12
Hey guys, not sure if this question has been answered before but It's a little broad. I am looking for the best way to make a login for my site. Right now the site is all html pages that connect to javascript pages which run ajax to connect to PHP pages when needed to update the server (when on one of the users writes articles or something). Right now there is no login for the website, but I eventually think it would be good if people could make a profile and have their own little space. I think that this would require some sort of login system which runs from page to page. I don't know much about making a login system based off of sessions or if there is a way to pass session variables from PHP to javascript.

My question is, is switching all of the HTML pages to PHP and then trying to create a SESSION based login system good? Or is there some better system that currently uses AJAX, and PHP like I am using now? Could you also tell me why you think your solution is the best? Which one is easier to implement and faster to load? Also, which one will be more secure?

Thanks guys,
Rick
0
Comment
Question by:Sucao
2 Comments
 
LVL 27

Accepted Solution

by:
yodercm earned 500 total points
ID: 24427852
http://php-login-system.com/  

This is a customizable login system that some interns of mine developed.  It can be embedded into any mysql-based system.  I'd be delighted to have a beta-test of it.

The website and paypal part is still under development, but the actual code is ready.  If you would like to try it out, use the Contact Us.
0
 
LVL 31

Expert Comment

by:Frosty555
ID: 24428492
You will need to use PHP sessions at one point or another. But you may be able to just set and check the session var in your existing PHP pages (the ones called via ajax). Have those PHP pages deny access if the user isn't logged in, and then have error handlers on the html pages to handle those events.

If you have trouble getting the sessions to register on your pages, you may need to rename all your pages from .html to .php, and register the session in them. But no further code changes should really be necessary.

Don't try to implement the login code in javascript on the client side. It must be the PHP side that decides whether sensitive data makes its way to the client. Once its on the client side, no amount of javascript can really protect it. It's not secure to implement login or access restrictions on the client side.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

"Disruption" is the most feared word for C-level executives these days. They agonize over their industry being disturbed by another player - most likely by startups.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to count occurrences of each item in an array.

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question