Greetings everyone.
I am a college student studying in the University of Technology, Sydney.
PHP is not in my studying plan, I am taking subjects about J2EE in this semester.
However I do have a strong interest into studying PHP, which is a world-famous open-source server scripting language, and started my personal "lab" online:
mattmao.php0h.com
One of our group assignment requires a secured and restricted section inside my site, so that only the members of my group will grand the access to that particular section.
To make this simple user authentication done, I have been thinking about it during these days and figure out one "too easy" approach:
Embed the list of usernames and passwords in a .xml file called "entrycheck.xml" and put it inside my server's root folder.
Then, use php to generate a entrycheck.html page which will compare the user input from client side against the existed list on server side to tell if this user can be given the access to the restricted area.
Then any http requests from that client (or from that session) would be accepted so they can enjoy posting threads later (I uploaded a SMF forum into my site, and, I found they didn't allow it, so I have do "hard-code" a functionality that can solve this problem).
I had no knowledge about internet security and user authentication at all, so this little job is pretty hard for me at such an early stage of learning PHP.
I know my design is too awful, too simple and hackers-prone, I just cannot introduce another tier of the MySQL database. I am running out of time to study yet another brand new computer language little by little from the scratch...
Thus, I have the question, is my design "conceptually acceptable" and "feasible"? Any suggestions upon this?
I got experience with J2SE and am doing JSP/Servlet programming, but there are few web hosting services that support J2EE so I must use a free PHP hosting service to work it out.
Many thanks for any help in advance...
Regards,
mattmao
------------------------------
I should have searched through the forums before asking for help, I got some good solutions from other threads. But they are a little bit "sophisticated" to me.
Like this one:
http://www.thescripts.com/forum/thre...ntication.html
and some more...
I am confused with the languages in my head...