I am going to develop a system, which has two types of users, VISITORs and ADMINs.
First of all, which one is better, having two separate tables, one for VISITORs and another one for ADMINs, or it's better to have just one table, and separate users by a flag?
Second, which one is more better and secure, register a number (an auto number - I mean an auto increment number for primary key) when a user login, or it's better to register their username (a word)? Or maybe you know a wiser solution?
Thanks in advance.
User authentication script
should check google for authenication systems built in php. will help you a lot.
but anyways, it's according to what all the user is going to be able to do. if you just want them to be logged in, and not have anything to do, then yeah one table would be cool. if you have more than one action the user can do (view messages, check email, change layouts, etc etc), a better method would have multiple tables. An example multiple table layout would look like this :
user_table
user_table_id
user_id
is_admin - 1 or 0
user
user_id
firstname
lastname
username
password(password)
email
best method to do is use something like md5 to store passwords
next is to validate all username/password attempts to ensure proper escaping and encoding
next is to link the tables together to generate a worthy page
there are other things you can do to make your CMS (which is what i'm assuming you are building) work, and that just takes proper planning to accomplish.