Class: Mafia Session

Recommend this page to a friend!

Stumble It!

Bookmark in del.icio.us

Classes of Marcelo Costa

Mafia Session

Download .tar.gz .zip

Support forum (1)

Blog

Latest changes

Name:	Mafia Session Support forum
Base name:	`mafiasession`
Description:	Secure user authentication encrypting password
Related classes:	ssl, secure login, secure session, secure, login script, Login form, sha1, key
Version:	`1.0`
PHP version:	`5`
License:	BSD License
All time users:	3077 users
All time rank:	956
Week users:	5 users
Week rank:	794

Author:	Marcelo Costa `<e-mail contact>`
Packages:	9 Browse this author's classes
Country:	Brazil - PHP jobs in Brazil
Age:	???
All time rank:	346	29 in Brazil
Week rank:	422	31 in Brazil

Innovation award

Nominee: 1x

	Detailed description

This class can be used to authenticate Web users securely.

It creates a key encoded with SHA1 based on the IP address and the current time when an user accesses the login page.

The key is used to generate a salt value that is used to encrypt the password that the user enters in the login form.

On the server side the class uses the same salt to verify whether the password entered by the user matches the password stored in a database.

If the authentication is successful, the class starts an authenticated user session.

The login keys, user and session information is stored in a database. Currently the class supports either MySQL or PostgreSQL databases.

	Groups

PHP 5	Classes using PHP 5 specific features	View top rated classes
Databases	Database management, accessing and searching	View top rated classes
User Management	User records, authentication and session handling	View top rated classes
Security	Security protection and attack detection	View top rated classes

	User ratings		Applications		Related links		Files

	Innovation Award

PHP Programming Innovation award nominee

February 2007
Number 3

Authentication is an aspect that concerns developers implementing sites that require high security level.

Using SSL avoids the eavesdropping problem caused by the possibility of having an attacker sniffing the connections to a Web site to steal user passwords. However, not every site owner can afford buying and renewing SSL certificates every year.

This package offers a solution that avoids the need for SSL certificates. It uses session keys to encrypt the user passwords before submitting a login form to the server.

Manuel Lemos

	User ratings

Ratings	Utility	Consistency	Documentation	Examples	Tests	Videos	Overall	Rank
All time:	`Not sure (50.0%)`	`Insufficient (33.3%)`	`Insufficient (25.0%)`	`Insufficient (25.0%)`	`-`	`-`	`Insufficient (33.3%)`	2127
Month:	Not yet rated by the users

	Applications that use this class

No application links were specified for this class.

If you know an application of this package, send a message to the author to add a link here.

	Related links

Link	Description
OOE	Framework with security session implements
PDO_EXT	It provides one class that extends the PDO database access abstraction class to simplify the execution of SELECT, INSERT, UPDATE and DELETE queries.

	Files

File	Role	Description
`class_pdosession.php`	Class	version 2.0 for pdo driver
`base64.js`	Data	javascript base64
`class_mafiarelbd.php`	Class	base sql class
`class_mafiasession.php`	Class	main class
`class_mafiasql.php`	Class	sql class
`class_pdo_extension.php`	Class	pdo extension class
`leiame.txt`	Doc.	readme
`login.php`	Example	login form exemple
`mafiasession.php`	Example	exemple script
`md5.js`	Data	javascript md5
`mysql.sql`	Data	mysql database script
`pgsql.sql`	Data	postgres database script
`sha1.js`	Data	javascript sha1
`_autoload.php`	Conf.	setup script
`_autoloadpdo.php`	Data	pdo.php

Download all files: mafiasession.tar.gz mafiasession.zip
NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.

Copyright (c) Icontem 1999-2012	PHP Classes	- PHP Class Scripts
	PHP Book Reviews	- Reviews of books and other products