Posted on by Pam Van Londen

Login and Registration Options

Readings

PHP6 and MySQL5 for Dynamic Web Sites
Larry Ullman. Visual QuickPro Guide. Peachpit Press. 2008.

Collecting and storing user data from a web site has many purposes:

  • Track the kinds of visitors and their needs
  • Target content to specific vistors
  • Restrict content to adults
  • Secure transactions, such as forum conversations, product purchases, and download copyrighted material
  • Reduce spam in unrestricted areas of a site

While user data can be stored in a file on the server, it is more secure when stored in a database. Many web hosts provide PHP and MySQL connectivity with their accounts. These accounts often provide one or more databases with multiple users who have their own login credentials for accessing the database. Management of the database is either one manually by the hosts’ staff or within an Account Management tool like Plesk or CPanel. OSU Provides one database per student/staff, which can be activated by logging into onid.orst.edu, clicking Web Database, and the Create Database button. Use the database name, userid, and password in conjunction with a connection script.

Chapter 13 of PHP and MySQL for Dynamic Web Sites provides user registration code which you may download at no cost. Refer to the printed book for implementation.

Create a Database Table for Chapter 13

The Chapter 13 code requires a database table called users, and the following SQL query can be used along with the a connection script to create the table via a browser:

// Create the table. Only needed this one time.
$blog = 'CREATE TABLE users (
user_id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
active BOOLEAN NULL,
first_name VARCHAR(40) NOT NULL,
last_name VARCHAR(40) NOT NULL,
password1 VARCHAR NULL,
password2 VARCHAR NULL,
pass VARCHAR NOT NULL
email VARCHAR(40) NOT NULL,
registration_date DATETIME NOT NULL
)';

// Run the query.
if (@mysql_query ($blog)) {
print '<p>The table has been created.</p>';
} else {
die ('<p>Could not create the table because: <b>' . mysql_error() . '</b>.</p><p>The query being run was: ' . $query . '</p>');
}

This set of scripts, like many authentication systems provides the following components.

  • Standard file structure
  • Include files to build the page layout
  • Error handling in a config.inc file
  • Data validation
  • Database connectivity with mysql_connect
  • Registration
  • Authentication
  • Login
  • Logout
  • Change password
  • Forgot password

Another component that is useful for user authentication management is an administrative view of each user’s data. Such a tool would provide the ability to insert, edit, delete, and encript passwords, as well as backup the data. phpMyAdmin is a tool provided with OSU’s ONID accounts that allows staff, students, and faculty to manage the their databases, including user authentication tables.