Hello good folks,

I'm looking to incorporate user authentication into my site, nothing seriously high security, but a password system all the same.

Therefore, I've started reading the mass of articles on O Reilly about security issues, but the more opinions the better. So, are there are any articles/tutorials out there about creating a login system in PHP that you have thought were useful?

Cheers.

The best way to learn anything like this is really to just sit down and try to code it yourself...see what problems you run into and look for help with those specific problems. A simple authentication script is not too difficult to write...You'll need a form for the user to login, a form to add/delete/modify users and a database to store the user's information. When the user attempts to login using your login form, the information will be compared to the information in the database and if it matches access will be granted. You can track whether or not a user has successfully logged in using a session variable and just check for that variable at the beginning of each page. If the variable is set, they've logged in, otherwise they haven't and should be redirected to your login form.

there is already a form for a login if you dont want to make one.

Header("WWW-Authenticate: Basic realm=\"MyLogin\"");
Header("HTTP/1.0 401 Unauthorized")

$PHP_AUTH_USER and $PHP_AUTH_PW exist then for use as described above.