OOP login system

Ryodox

Greetings,

I'm working on a project with a friend, and the first sticking point I've come across is how to design the login script. I am wanting to make it as flexible as possible and am using an object-oriented approach (with MySQL) to that end.

I have a users table in MySQL that holds various information about a user. I have a user class that is designed to grab this information for use on the website, as well as perform various functions such as to add, edit, and remove a user. What I'm trying to figure out is how it should interact with $_SESSION variables to determine if the user's logged in, what permissions the user has, and to log a user in and out as appropriate. Could anyone here with experience with this provide a model to go by in this regard?

kender

on the login page assign the variables

$_SESSION['logged'] = "Yes"; // logged in
$_SESSION['permissions'] = "Full"; // or 1, 2, 3 if you have it categorized in groups

then on the other pages

if(isset($_SESSION['logged'])) {
 // what to do if they are logged in
  if($_SESSIONS['permissions'] == "Full") {
    // what to do with full permissions
  } elseif($_SESSION['permissions'] == "Some") {
    // what to do with some permissions
  } else {
    // what to do if neither of those
  }
} else {
 // what to do if they are not logged in
}

laserlight

Ryodox wrote:
I am wanting to make it as flexible as possible and am using an object-oriented approach (with MySQL) to that end.

Of course, I assume that for flexibility you have some amount of database abstraction so that you can later more easily swap to use say, PostgreSQL.

Ryodox wrote:
I have a users table in MySQL that holds various information about a user. I have a user class that is designed to grab this information for use on the website, as well as perform various functions such as to add, edit, and remove a user. What I'm trying to figure out is how it should interact with $_SESSION variables to determine if the user's logged in, what permissions the user has, and to log a user in and out as appropriate.

What is the interface (i.e., non-private member functions, but no need to show their implementation) and member variables of your current user class? What kind of permission system are you using?

Ryodox

laserlight;10913230 wrote:
Of course, I assume that for flexibility you have some amount of database abstraction so that you can later more easily swap to use say, PostgreSQL.

Well, to tell the truth it's not really a project meant for distribution, but I suppose I could use database abstraction if it's not too much extra work. As it is now I'm using mysqli.

What is the interface (i.e., non-private member functions, but no need to show their implementation) and member variables of your current user class? What kind of permission system are you using?

The User class has fields for the id, name, level, user group, and two other fields from the database that aren't relevant to the log-in. It's got methods to add, remove, and edit a user, along with one to fetch the user's information from the database to fill the class's fields.