got an idea, need some help

morbidchick · 2003-04-02T18:27:41+00:00

Hi all I need some help with an idea. I am wanting to allow people access to my website by using a pin code. The problem I am having is that I need the pi...

got an idea, need some help

Sxooter

Originally posted by morbidchick
thanks Sxooter I dont like the idea of cookie ne way.

I dont have and cant use Postgresql.

Do you have any database you can use? If not, then you can just do plain text file with flock(). and write a file with lines something like:

a3cto3 1046736000 1046739600

where the two numbers are time stamps for the beginning and end period. You gotta use flock when writing so your file don't get clobbered.

Are you familiar with fopen/fwrite/fputs/fgets/fread/fclose/flock ?

see http://www.php.net/manual/en/ref.filesystem.php

Sxooter

How much control of this "other server" you mention do you have? If none, then you should look at reverse proxying the server with your apache server, which isn't very hard to do at all, and applying httpd authentication on top of it all on your own server.

Easy as pie.

Then you just make a few scripts to add / remove accounts from your htaccess files as you go along. when their times up the cron job takes them outta the list and they can't log in. Make a custom error page toss them into the "enter cc number here for more hbspgg action pics" screen. :-)

morbidchick

going to use mysql, but how scalable is it?

Sxooter

in a mostly read environment, it's pretty good, when you start writing to it much it can slow to a crawl and become unresponsive.

But it's still better than rolling your own, so to speak.

morbidchick

so in total what would be the best way to develop the full system that I need?

Sxooter

Well, you still haven't answered my question about the second system you'll be sending folks to. Is it yours, external, etc... Can you get it to time out on it's own after a while? Can you set up reverse proxy's in your apache for this?

Generally, what you need is to create a table like the one I mentioned earlier, but with MySQLisms in the place of Postgresqlisms (there was only one or two I can think of.) And do it the way I showed there. The whole system is a fairly decent undertaking. Are you doing it all yourself?

morbidchick

I will be sending people to a range of external websites, through to their members area.

I am going to have to build it myself im a nOOb at php and i cant afford to pay a developer to do it for me.

its a bit upsetting really

Sxooter

Well, no time like the present to learn.

What you really need is to figure out which methods are best for what you're trying to do, and implement them one piece at a time.

If you can admin your own apache box, then reverse proxying the other sites is the best answer, as it lets you run all the authentication on your box, and and the user never knows they are getting content from elsewhere, as it all seems to be coming out of your apache box.

Of course, then you'll be handling bandwidth charges for all the outgoing connections, and that might not be cheap.

morbidchick

The only other way I can think is to add the pin to the external webiste but I dont know which are the most common access methods and I dont know how to place the pin on the website.

The next thing would still be the time issue

your help and others has been a great help thank you all.

leatherback

Hm..
Just thinking, and I am not sure whether this is at all possible...

Use a frameset: Topframe with a meta-refresh, but 0 pixels high (So not visible). Refresh this say every 5 or 10 seconds. This you will use to register time left, say through a session. Once people log off, you register the time left in a DB table with user / pin / time left

In the bottom from you include the page you refer to. (And I mean include. NOT link. So you have your own page in the bottom frame, which has as only content the PhP include command
for the page you want to show.

This is of course also only if people have entered the right password, registered in the session. If I am correct, sessions are not registered on the user system, and cannot be faked (Maybe somebody can confirm this??). So then you have a fairly foolproof system?

Once the time in the top frame has run-rout, you can reload the whole page, and load a "buy-more-time" frame.

Hope this helps?

morbidchick

thanks leatherback that sounds the best way kinda an idea someone I know had.

So would the page in the top frame be php and how do you set up a session to time??