On Tue, 2010-05-18 at 11:21 +0200, Michelle Konzack wrote:

> Hello PHP-Community,
> I am PHP programmer since many years and over the years, I have reinvent
> the wheel in authenification and session management at least 30 times.
> Yeah, whenever a new project started, I had to reinvent the wheel.
> So my question now is, is there a proven and secure framework which  can
> be used?
> My main problem is, that we (anything ISP  related)  authenticate  using
> PAM+PostgreSQL while the normal Web-User stuff is authenticated directly
> with a Virtual-DB based on PostgreSQL.
> Another thing I like to implement in my scripts, that users can at there
> implicit choice be permanently connected without using a password.  Also
> the script shoud detect, whether a user is connected trough a dynamic IP
> or a fixed one and sugegst a security level.
> I am already detecting the IP from the login and many customers  (mostly
> from <http://www.free.fr/>) have static IP's.
> Thanks, Greetings and nice Day/Evening
>     Michelle Konzack

I recently heard about a PHP-based authentication system called Sumo. It
might be what you need to stop re-inventing them darn wheels!


Reply via email to