	Login		Register

Mafia Session

Recommend this page to a friend!

Stumble It!

Bookmark in del.icio.us

	Author

Name:	Marcelo Costa `<e-mail contact>`
Packages:	9 Browse all classes by Marcelo Costa
Country:	Brazil - PHP jobs in Brazil
Age:	???
All time rank:	347	30 in Brazil
Week rank:	295	17 in Brazil

Innovation award

Nominee: 1x

	Detailed description		Download .zip .tar.gz

This class can be used to authenticate Web users securely.

It creates a key encoded with SHA1 based on the IP address and the current time when an user accesses the login page.

The key is used to generate a salt value that is used to encrypt the password that the user enters in the login form.

On the server side the class uses the same salt to verify whether the password entered by the user matches the password stored in a database.

If the authentication is successful, the class starts an authenticated user session.

The login keys, user and session information is stored in a database. Currently the class supports either MySQL or PostgreSQL databases.

Classes of Marcelo Costa

Mafia Session

Download .zip .tar.gz

Support forum (1)

Blog

Latest changes

Name:	Mafia Session Support forum
Base name:	`mafiasession`
Description:	Secure user authentication encrypting password
Version:	`1.0`
PHP version:	`5`
License:	BSD License
All time users:	3244 users
All time rank:	950
Week users:	3 users
Week rank:	923

	Groups		User ratings		Applications		Related links		Files

	Groups

PHP 5	Classes using PHP 5 specific features	View top rated classes
Databases	Database management, accessing and searching	View top rated classes
User Management	User records, authentication and session handling	View top rated classes
Security	Security protection and attack detection	View top rated classes

	Innovation Award

PHP Programming Innovation award nominee

February 2007
Number 3

Prize: One copy of the Zend Studio

Authentication is an aspect that concerns developers implementing sites that require high security level.

Using SSL avoids the eavesdropping problem caused by the possibility of having an attacker sniffing the connections to a Web site to steal user passwords. However, not every site owner can afford buying and renewing SSL certificates every year.

This package offers a solution that avoids the need for SSL certificates. It uses session keys to encrypt the user passwords before submitting a login form to the server.

Manuel Lemos

	User ratings

Ratings	Utility	Consistency	Documentation	Examples	Tests	Videos	Overall	Rank
All time:	`Not sure (50.0%)`	`Insufficient (33.3%)`	`Insufficient (25.0%)`	`Insufficient (25.0%)`	`-`	`-`	`Insufficient (33.3%)`	2202
Month:	Not yet rated by the users

	Applications that use this class

No application links were specified for this class.

If you know an application of this package, send a message to the author to add a link here.

	Related links

Link	Description
OOE	Framework with security session implements
PDO_EXT	It provides one class that extends the PDO database access abstraction class to simplify the execution of SELECT, INSERT, UPDATE and DELETE queries.

	Files

File	Role	Description
`class_pdosession.php`	Class	version 2.0 for pdo driver
`base64.js`	Data	javascript base64
`class_mafiarelbd.php`	Class	base sql class
`class_mafiasession.php`	Class	main class
`class_mafiasql.php`	Class	sql class
`class_pdo_extension.php`	Class	pdo extension class
`leiame.txt`	Doc.	readme
`login.php`	Example	login form exemple
`mafiasession.php`	Example	exemple script
`md5.js`	Data	javascript md5
`mysql.sql`	Data	mysql database script
`pgsql.sql`	Data	postgres database script
`sha1.js`	Data	javascript sha1
`_autoload.php`	Conf.	setup script
`_autoloadpdo.php`	Data	pdo.php

Download all files: mafiasession.tar.gz mafiasession.zip
NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.

Advertise on this site

For more information send a message to info at phpclasses dot org.