There have been many occasions in which I have had to setup Web Authentication for websites or particular web pages. In this article, I will tell you how I set up web authentication using PHP and MySql and where the real power lies in this technology.
After you have had a website setup for awhile, or perhaps just when you are getting started, there will be a time when you need web page or entire website authentication. Web page authentication enables you to setup your web pages so that they can only be accessed by those who you would like.
Of course, there are some rudimentary ways to do this. For example, if it is just for yourself, you can simply go to the administration panel of your website (many hosts like Hostgator refer to this as your cPanel), and choose to password protect a directory. However, you often need more granular control like the ability to password protect certain pages.
When you need this type of granularity, the approach I like to use is web authentication using PHP and MySql. You could of course take lots of time in trying to design a solution yourself…but why would you? There is already a great solution out there for you and it is called the PHP Login Script.
This program is terrific in achieving its stated goal which is to be:
A simple home made PHP/MySQL login script to protect your web page content from spam and bot registrations so that only registered users can view the content of your site.. It is free of charge and you can use it on any commercial or personal projects!
For me, however, the true power of this script goes well beyond its simple intention.
Once you have implemented the PHP Login Script, you can not only protect your website or your web pages, you can also tailor database output for each user based on the session variables automatically created by this program.
If that all sounded too complicated, not to worry. I just mean that you can have one page, for example mypage.php, and customize the output of that page for them. We will look at how to do this below.
First, let’s a look at the PHP Login Script.
Web Authentication Using PHP and MySql with the PHP Login Script
When many people see the terms PHP and MySql, they run for the hills. Understandably, unless you are a programmer, many of the terms that you will come across can take some getting used to. However, as an SEO specialist, or web admin, knowledge of PHP and MySql will take you a very long way.
While I am not going to go into the details of this PHP Login Script, as this is outlined rather well on the author’s website, I will tell you that you can implement this script within an hour if you know how to setup a database on your website (you use cPanel to do this on most hosts), modify text files, and upload them to a directory on your website.
After you download and extract the program files, simply follow the instructions exactly and you will be all setup.
Obviously, you will want to test and customize this application considerably before you implement it on your website. Thus, I recommend that you create a temporary directory to install and test this application. Once you see how it works, you can customize the look and feel of the application to your website and then implement it.
As the instructions state, you simply need to implement the following lines at the beginning of each page where you want the users to be authenticated:
<?
include ‘dbc.php’;
page_protect();
?>
As I mentioned though, the true power of this application is much more than simply authenticating a group of users for access to a particular web site or page. The true power comes from using this authentication database to provide customized information to your users.
Customizing Content for Users Using PHP and MySQL Authentication
In this section, I will give you an idea of how you can integrate the PHP Login Script with your a customer database to provide customized output based on who is logged in. This is not a comprehensive tutorial but rather an overview of how you can make this happen.
After you have implemented the PHP Login Script, you will notice that each user has a “My Account” page. The page is the same for everyone and it is called “myaccount.php”.
However, you also will notice that this page only provides data relevant to the user who is logged in at that time. This is done through something called a PHP session variable.
The PHP session variable contains the information about that particular user. To leverage the hidden value of the PHP Login Script, you simply need to use that session variable to provide detailed information only for that user.
For example, let’s say that you have a database that sells movies and you want to show the logged-in user what movies that they have already purchased on their page. You simply need to integrate the id field implemented with the PHP Login Script to your database scheme.
As a remedial example, let’s say that you have a database with a CUSTOMERID field (equal to the ID field within the users table created by the PHP Login Script) and a MOVIESPURCHASED field.
To show the movies purchased for each user on their home page, you would then add the following line to the myaccount.php page.
$tempid = $_SESSION[‘user_id’];
…and your MySql statement would look something like this:
SELECT * FROM moviespurchased WHERE customerid=$tempid
In this way, you can leverage the PHP Login Script to be your customer database and then use it to provide customized output for users.
Web Authentication Using PHP and MySql: Summary
As a website owner, you will invariably come to a point where you need to provide access to certain files or directories only to certain people. Your web host provides this ability but only with very basic “directory authentication”.
If you want to get more granular, and implement page specific web authentication using PHP and MySql, the best application to do this is the free PHP Login Script. It provides all that you need to authenticate users, including a Captcha script to prevent spam bots.
And, if you dig under the hood a bit, the PHP Login Script does much more than this. It can become your centralized user database allowing you to provide customized web content to your users.
3 Comments on “Web Authentication Using PHP and MySql”
Pingback: Blogging Tips From Expert Bloggers - How To Use Trackbacks Effectively | Aspiring FEMpreneur
I very much wish more home recording learning materials were geared toward newbies who aren’t electrical engineers.
My question is how can you use this to integrate with LDAP? For example, if you have LDAP authentication already using apache how can you pass those credentials using the php and mysql user table?