|All requests||>||user authorization||>||Request new recommendation||>||Featured requests||>||No recommendations|
by Kanwal Naz - 5 years ago (2015-04-01)
I wish to learn the user authorization process with login attempts check, I have created a simple user login function that on successful login redirect to welcome page but this didn't restrict wrong submitted password. my code is as under: <?php
Features: -Class for groups management(validation, creation, suppression) -Class for users management(registration, validation, creation, suppression) -Management area based on user's role, actually it is set on Admin allowed only(fully used of ajax only) -Users registration with ajax using PDO to connect to MySql *check of already used mail or already used username (ajax) *send of validation mail(ajax) -Users connexion with ajax using PDO to connect to MySql *check of username existence(ajax) *check of true password(ajax) *check of access time (ajax) with message to tell you when to connect if you can't at the moment you try. *not register? link *forget password link -Users password recovering page and reset mail sending using ajax *mail prompt *password changing after mail validation with unique id -Management of users *Edit properties like activation statut,role,password,group for access time etc... *Add a new user *Delete an user -Management of Groups *Edit properties like name,description,access time,access time recurrence,starting date to apply the access time, etc... *Add a new group *Delete an existing group.
I have a few methods for dealing with users in my MySQL database class. I currently use the MySQL password() function on my passwords, though, so you might not want to use it if you are storing plain text.
Anyway, the authorize("user", "pass") method check to see if the given username & password exist in the users table of the database and if they are unique. If so, it returns an associative array of that user, but if not it returns false.
Hope that helps.