PHP Classes

Mafia Session: Secure user authentication encrypting password

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in Bookmark in
  Info   View files View files (15)   DownloadInstall with Composer Download .zip   Reputation   Support forum (1)   Blog    
Last Updated Ratings Unique User Downloads Download Rankings  
2007-10-02 (7 years ago) RSS 2.0 feedStarStar 33%Total: 3,398 All time: 961 This week: 594Up
Version License PHP version Categories  
mafiasession 1.0BSD License5PHP 5, Databases, User Management, Se...
Description Author  

This class can be used to authenticate Web users securely.

It creates a key encoded with SHA1 based on the IP address and the current time when an user accesses the login page.

The key is used to generate a salt value that is used to encrypt the password that the user enters in the login form.

On the server side the class uses the same salt to verify whether the password entered by the user matches the password stored in a database.

If the authentication is successful, the class starts an authenticated user session.

The login keys, user and session information is stored in a database. Currently the class supports either MySQL or PostgreSQL databases.

Innovation Award  
PHP Programming Innovation award nominee
February 2007
Number 3

Prize: One copy of the Zend Studio
Authentication is an aspect that concerns developers implementing sites that require high security level.

Using SSL avoids the eavesdropping problem caused by the possibility of having an attacker sniffing the connections to a Web site to steal user passwords. However, not every site owner can afford buying and renewing SSL certificates every year.

This package offers a solution that avoids the need for SSL certificates. It uses session keys to encrypt the user passwords before submitting a login form to the server.

Manuel Lemos
Picture of Marcelo Costa
Name: Marcelo Costa <contact>
Classes: 9 packages by
Country: Brazil Brazil
Age: ???
All time rank: 35129 in Brazil Brazil
Week rank: 878 Down64 in Brazil Brazil Down
Innovation award
Innovation award
Nominee: 1x

  Files folder image Files  
File Role Description
Plain text file class_pdosession.php Class version 2.0 for pdo driver
Accessible without login Plain text file base64.js Data javascript base64
Plain text file class_mafiarelbd.php Class base sql class
Plain text file class_mafiasession.php Class main class
Plain text file class_mafiasql.php Class sql class
Plain text file class_pdo_extension.php Class pdo extension class
Accessible without login Plain text file leiame.txt Doc. readme
Accessible without login Plain text file login.php Example login form exemple
Accessible without login Plain text file mafiasession.php Example exemple script
Accessible without login Plain text file md5.js Data javascript md5
Accessible without login Plain text file mysql.sql Data mysql database script
Accessible without login Plain text file pgsql.sql Data postgres database script
Accessible without login Plain text file sha1.js Data javascript sha1
Accessible without login Plain text file _autoload.php Conf. setup script
Accessible without login Plain text file _autoloadpdo.php Data pdo.php

 Version Control Unique User Downloads Download Rankings  
 0%Total:3,398All time:961
 This week:0This week:594Up
 User Ratings  
 All time