View Single Post
Old 06-22-2007, 04:23 AM   #1
Greg
Da Guy Wut Owns Dis Joint
 
Greg's Avatar
 
Join Date: Mar 2007
Location: Texas
Posts: 3,566
Default Use Sun Sims Login

Many other features depend on a user being able to log in at the Ultimate Sims List, so this this is a core capability.

I plan to use the Sun Sims user database so that folks only need to create on login ID. The tricky part is figuring out whether a user is already logged in without opening a big security hole.

The best way to do this seems to be to use cookies. This would assume that if a user's web browser can send a correct username and password in a cookie, then that's an authorized user. If we use cookies, they'll need to expire after some time and the user needs a "logout" feature that will clear cookies immediately.

So far, so good. I already know how to query the database. Now I just need to dig up the stuff on how to hash passwords and work with cookies.


And that's the way it goes. One thing leads to another.
Greg is offline   Reply With Quote