Nathan W. Ho

PHP/MySQL Sessions and Web Authentication
By Nathan Ho

I've taken the basic concepts (and functions) from Ying's session management (http://www.phpbuilder.com/columns/ying20000602.php3) and built a web authentication scheme around it. If you find this solution to be of use, then please feel free to use it!
This tutorial is a work-in-progress. If you find something missing, or have a question, feel free to ask me!

The first thing I would suggest you do is to read over Ying's tutorial at the above site - I'll cover some of the details of it, but I'm going to assume that you have a handle on the basics of what sessions are, and how to use PHP.

Assumptions:

• You have a webserver that supports PHP and MySQL
• You have an understanding of basic web programming, including: html, PHP, and MySQL
• You need a solution that can be used in a web-cluster (multi-server) environment, or simply want more flexibility than normal Apache authentication allows (such as a clean logout solution).

Some good foundational reading: (but not required)

• Ying Zhang's PHP/MySQL Sessions tutorial
• PHP.net: Session Handling Functions

Okay, so on to the tutorial!