Solved

Best way to make a login for an AJAX, PHP, Javascript site

Posted on 2009-05-19
2
271 Views
Last Modified: 2013-12-12
Hey guys, not sure if this question has been answered before but It's a little broad. I am looking for the best way to make a login for my site. Right now the site is all html pages that connect to javascript pages which run ajax to connect to PHP pages when needed to update the server (when on one of the users writes articles or something). Right now there is no login for the website, but I eventually think it would be good if people could make a profile and have their own little space. I think that this would require some sort of login system which runs from page to page. I don't know much about making a login system based off of sessions or if there is a way to pass session variables from PHP to javascript.

My question is, is switching all of the HTML pages to PHP and then trying to create a SESSION based login system good? Or is there some better system that currently uses AJAX, and PHP like I am using now? Could you also tell me why you think your solution is the best? Which one is easier to implement and faster to load? Also, which one will be more secure?

Thanks guys,
Rick
0
Comment
Question by:Sucao
2 Comments
 
LVL 27

Accepted Solution

by:
yodercm earned 500 total points
ID: 24427852
http://php-login-system.com/  

This is a customizable login system that some interns of mine developed.  It can be embedded into any mysql-based system.  I'd be delighted to have a beta-test of it.

The website and paypal part is still under development, but the actual code is ready.  If you would like to try it out, use the Contact Us.
0
 
LVL 31

Expert Comment

by:Frosty555
ID: 24428492
You will need to use PHP sessions at one point or another. But you may be able to just set and check the session var in your existing PHP pages (the ones called via ajax). Have those PHP pages deny access if the user isn't logged in, and then have error handlers on the html pages to handle those events.

If you have trouble getting the sessions to register on your pages, you may need to rename all your pages from .html to .php, and register the session in them. But no further code changes should really be necessary.

Don't try to implement the login code in javascript on the client side. It must be the PHP side that decides whether sensitive data makes its way to the client. Once its on the client side, no amount of javascript can really protect it. It's not secure to implement login or access restrictions on the client side.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Communication between departments might not happen in two different languages, but they do exist in two different worlds. With different targets and performance goals the same phrase often means something completely different to each party. Learn ho…
Transparency shows that a company is the kind of business that it wants people to think it is.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now