help on a php authentication script

natp74

I have made a simple authentication php script, which is require login name, password and a valid number.
How can i control the acceptance of the new member by checking from a central computer the valid number(which will be different every time) every time, and then i will give him permission to go to the next page?

Anon

How do you figure he is going to get the valid number?

natp74

He will give a number and someone on a central computer will check its validation every time he loggs in

Anon

Are you saying that you will have someone manning a computer 24 hours a day? This seems to defeat the purpose of automated Authentication. Not even the Pentagon has something like this set up.

Here is what I suggest-

Have a login page. The person then enters their username and password. PHP will then open a database up and look for a match, if there is no match, then they are redirected using the header function to an ERROR page. If there is a match, then a Session is started using PHP's Session Management capabilities. The session can be written in such a way that they cannot simply bookmark the hidden pages and return without loggin in. This is the usual way of authenticating a user without someone having to pay a staff to sit at a computer terminal for 24 hours a day. PHPLIB also has a built in Authentication system that you can set up and use without very much configuration.