On Tue, 2010-05-18 at 11:21 +0200, Michelle Konzack wrote: > Hello PHP-Community, > > I am PHP programmer since many years and over the years, I have reinvent > the wheel in authenification and session management at least 30 times. > > Yeah, whenever a new project started, I had to reinvent the wheel. > > So my question now is, is there a proven and secure framework which can > be used? > > My main problem is, that we (anything ISP related) authenticate using > PAM+PostgreSQL while the normal Web-User stuff is authenticated directly > with a Virtual-DB based on PostgreSQL. > > Another thing I like to implement in my scripts, that users can at there > implicit choice be permanently connected without using a password. Also > the script shoud detect, whether a user is connected trough a dynamic IP > or a fixed one and sugegst a security level. > > I am already detecting the IP from the login and many customers (mostly > from <http://www.free.fr/>) have static IP's. > > Thanks, Greetings and nice Day/Evening > Michelle Konzack > I recently heard about a PHP-based authentication system called Sumo. It might be what you need to stop re-inventing them darn wheels! http://sumoam.sourceforge.net Thanks, Ash http://www.ashleysheridan.co.uk
