parfaitmacaron — 2013-03-09T18:29:44-05:00 — #1
I need to create a PHP register and login for my website so that only those users using my system can log in after they've registered.
Their details will be stored in a database which I have yet to set up.
I am clueless with how to go about this, I have not used PHP at all. Do I need to identify the relationships/tables in my database first (MySQL/PHPMyAdmin) or can I build this register box and login box first?
Can somebody please explain how to go about this? I'm reading up on PHP sessions at the moment.
starlion — 2013-03-11T08:36:22-04:00 — #2
The answer is... 'yes'.
(Helpful, isnt it?)
The form itself, and the database, are entirely separate entities - the one thing that links them together is the quer(ies) that you issue to get your data.
So, make your form, make your database, use sessions to keep track of the user's login status.
The question you've asked is a very broad one. I'd suggest either working on it a bit before asking for help, ask a more targeted question, or use a predefined login setup.
Some general pointers:
The password should be one-way hashed. You can hash the input to check against the database.
Session_start must be invoked on every page in which you want to use the data in, OR update the timer on, your session.
parfaitmacaron — 2013-04-11T18:51:28-04:00 — #3
Thank you very much for your reply. I am in the process of sorting the relationships at the moment. How do you know whether or not your relationships for the database are correct?
Thank you for the pointers. They are very useful. I've done some research on different password hash methods in PHP and I've discovered MD5, Sha1 and Bcrypt. I read how if I do MD5 and add a salt, it makes it almost unbreakable. Reckon I should go for MD5 technique then? Thanks!