I am creating a MySQL database with a php frontend. The system is used by our staff to log data into the database and run queries, all throug a browser. This system is basically to replace a current Access "database." I am using SSL. I've read aout authentication and there are multiple ways to do it. I did not see anyone using the user GRANT database in MySQL (i.e., MySQL.user) to authenticate. I would like to use the GRANT tables directly to authentiacte instead of creating a separate user/password file. Is this wise to do? Are there articles that can help me decide the best way to implement authentication?
This is my idea. Create a simple form with username text field and a password password field. Once the form is filled, I take the username/password fields and use them as paramters to connect to the database using the mysql_connect function, along with the host name. If the connection is succesful, I know the user is authorized. If not, I prompt the user to re-enter the fields.
This form sits in a self-invoking script. I check first to see whether the user/name values are set. If they are, the script go on. If not, the login form is invoked. This way, I check for the values of username/pasword each time the script invokes itself, and hopefully, this way I need to authenticate only once.
Can you please help!
