I am searching for a great PHP login class via MySQL, and I am not completely pleased with anything I have found. This prior SO question does not really address me, as I'd prefer to step back from PEAR and CodeIgniter, and merely possess a easy and small PHP class for the job.

There is a TalkPHP forum which has several to select from, however they all appear to possess something or any other missing.

  • PHP Login Class by daz: appears just a little tricky to increase, and does not support multiple user roles
  • TalkPHP.com_Login_Script.PHP5.Beta_1 by Wildhoney: looks very extensible, supports configurable user roles, but no db support and stores passwords in plaintext within an XML file!
  • authclass by Mike Granger: again, no support for multiple user roles, but does use MySQL

Now, my first instinct ended up being to just join in a re-code the final one for the reason that list (authclass), but fortunately, my second instinct ended up being to request stackoverflow :)

So here's the large question: it is possible to secure, free, multiple-user-role login class for PHP5 and MySQL that anybody is applying? Thanks ahead of time, and that i appreciate any type of comments here, even when you do not have a specific bit of code to suggest to!

Have a look at Zend_Auth:

Zend_Auth is worried just with authentication and never with authorization. Authentication is loosely understood to be identifying whether an entity really is exactly what it purports to become (i.e., identification), according to some group of qualifications. Authorization, the entire process of determining whether or not to allow an entity use of, in order to perform procedures upon, other organizations is outdoors the scope of Zend_Auth.

For any multiple-user-role (authorization) implementation have a look at Zend_Acl:

Zend_Acl supplies a lightweight and flexible access control list (ACL) implementation for rights management. Generally, a credit card applicatoin may utilize such ACL's to manage use of certain protected objects by other asking for objects.

Please bear in mind that you could take advantage of individuals without needing to invest in while using entire Zend_Framework, as it is not really a full-stack framework, and I am by no means attempting to encourage you to employ the above mentioned, or any framework for your matter. Just thought I'd mention individuals because they weren't already.

I recommend going for a consider how Drupal handles their log-operating. I am quite keen on that whole forum setup - you might have the ability to take a few of their ideas making your personal class