From what I understand, .htaccess, if shadowed, is more secure than MySQL+PHP. For my purposes, MySQL has been secure "enough" to create a protected area.
1) Have user sign up.
2) There are plenty of password schemes out there to generate a logical pw.
3) Insert info into MySQL table.
Login:
Check number of results that match li/pw.
If number == 1, good to go; else fail.
I used a form with $PHP_SELF as action and includes to hide the variables that were being checked.
Set a cookie and on all member pages, check if cookie is there or contains certain info.
There you go.
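
The sign-up, login and cookie-check flow described in the post above, as an added example that is not the poster's code. It assumes a hypothetical `members` table, uses an in-memory SQLite DSN so it runs offline (swap in a `mysql:` DSN), and goes beyond the post by storing a password hash and signing the cookie with a placeholder key.

```php
<?php
// Added example. Assumptions: table/column names, the SQLite DSN standing in
// for MySQL, the pdo_sqlite extension, and the constructed signing key.
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members (login TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');
const COOKIE_KEY = 'constructed-demo-key-change-me'; // placeholder secret

function signUp(PDO $db, string $login, string $password): void
{
    // Store only a salted hash, never the password itself.
    $stmt = $db->prepare('INSERT INTO members (login, pw_hash) VALUES (?, ?)');
    $stmt->execute([$login, password_hash($password, PASSWORD_DEFAULT)]);
}

function logIn(PDO $db, string $login, string $password): ?string
{
    // Bound parameter keeps the submitted login out of the SQL text.
    $stmt = $db->prepare('SELECT pw_hash FROM members WHERE login = ?');
    $stmt->execute([$login]);
    $rows = $stmt->fetchAll(PDO::FETCH_COLUMN);
    // "Number of results == 1" check from the post, plus hash verification.
    if (count($rows) !== 1 || !password_verify($password, $rows[0])) {
        return null;
    }
    // Cookie value = HMAC + login, so member pages can detect tampering.
    return hash_hmac('sha256', $login, COOKIE_KEY) . '|' . $login;
}

function checkCookie(string $cookie): ?string
{
    $parts = explode('|', $cookie, 2);
    if (count($parts) !== 2) {
        return null;
    }
    [$mac, $login] = $parts;
    $expected = hash_hmac('sha256', $login, COOKIE_KEY);
    return hash_equals($expected, $mac) ? $login : null; // constant-time compare
}

signUp($db, 'alice', 'correct horse battery staple'); // constructed sample user
$cookie = logIn($db, 'alice', 'correct horse battery staple');
var_dump($cookie !== null && checkCookie($cookie) === 'alice'); // valid login
var_dump(logIn($db, 'alice', 'wrong password'));                // bad password
var_dump(checkCookie(str_repeat('0', 64) . '|admin'));          // unsigned cookie
```

On a real member page the value would be read from `$_COOKIE` and passed to `checkCookie()` before any protected content is rendered.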