How to make a php http basic authentication with mysql

2018-05-30 06:26:17

This question already has an answer here:

The definitive guide to form-based website authentication [closed] 12 answers

MD5 is not the way nowadays to encrypt password. You have to look on couple functions, wich are added in PHP. This functions are password_hash and password_verify.

Authentication is pretty simple. You need to make just three classes: class of registration, class of authorization, and the class of verifying.

In registration your main aim is to create a new user: get information from the registration form, check and encrypt password, store the information in database. In authorizaton you should make just two things: get username and password from auth form and do the following - request from users where login is the login provided. Then you should encrypt passed to authorization password in the way, which was done in registration, and just compare it. If they are the same, you should create 2 cookies with login and password or with id and password. Very last file you should create is confirmation. It's very simple: just get cookies and check if password is corresponding to the ID. If it's true, just pass, else: delete cookies, coz they are fake.

It's very simple. Many examples of registration/authorization are presented on github. One, two, three.

链接地址: http://www.djcxy.com/p/3726.html

上一篇: 如何保护POST功能

下一篇: 如何使用mysql进行php http基本认证