Login   Register  
PHP Classes
elePHPant
Icontem

Mafia Session: Secure user authentication encrypting password

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us

  Author Author  
Picture of Marcelo Costa
Name: Marcelo Costa <e-mail contact>
Packages: 9 Browse all classes by Marcelo Costa Browse all classes by
Country: Brazil Brazil - PHP jobs in Brazil
Age: ???
All time rank: 35629 in Brazil Brazil
Week rank: 579 Down44 in Brazil Brazil Down
Innovation award
Innovation award
Nominee: 1x


  Detailed description   Download Download .zip .tar.gz  
This class can be used to authenticate Web users securely.

It creates a key encoded with SHA1 based on the IP address and the current time when an user accesses the login page.

The key is used to generate a salt value that is used to encrypt the password that the user enters in the login form.

On the server side the class uses the same salt to verify whether the password entered by the user matches the password stored in a database.

If the authentication is successful, the class starts an authenticated user session.

The login keys, user and session information is stored in a database. Currently the class supports either MySQL or PostgreSQL databases.

  Classes of Marcelo Costa  >  Mafia Session  >  Download Download .zip .tar.gz  >  Support forum Support forum (1)  >  Blog Blog  >  RSS 1.0 feed RSS 2.0 feed Latest changes  
Name: Mafia Session
Base name: mafiasession
Description: Secure user authentication encrypting password
Version: 1.0
PHP version: 5
License: BSD License
All time users: 3336 users
All time rank: 959
Week users: 3 users
Week rank: 769 Up
 
  Groups   Rate classes User ratings   Applications   Related links   Files Files  

  Groups  
Group folder image PHP 5 Classes using PHP 5 specific features View top rated classes
Group folder image Databases Database management, accessing and searching View top rated classes
Group folder image User Management User records, authentication and session handling View top rated classes
Group folder image Security Security protection and attack detection View top rated classes


  Innovation Award  
PHP Programming Innovation award nominee
February 2007
Number 3

Prize: One copy of the Zend Studio
Authentication is an aspect that concerns developers implementing sites that require high security level.

Using SSL avoids the eavesdropping problem caused by the possibility of having an attacker sniffing the connections to a Web site to steal user passwords. However, not every site owner can afford buying and renewing SSL certificates every year.

This package offers a solution that avoids the need for SSL certificates. It uses session keys to encrypt the user passwords before submitting a login form to the server.

Manuel Lemos

  User ratings  
RatingsUtility Consistency Documentation Examples Tests Videos Overall Rank
All time: Not sure (50.0%) Insufficient (33.3%) Insufficient (25.0%) Insufficient (25.0%) - - Insufficient (33.3%) 2265
Month: Not yet rated by the users

  Applications that use this class  
No application links were specified for this class.
Add link image If you know an application of this package, send a message to the author to add a link here.

  Related links  
Link Description
OOE Framework with security session implements
PDO_EXT It provides one class that extends the PDO database access abstraction class to simplify the execution of SELECT, INSERT, UPDATE and DELETE queries.

  Files folder image Files  
File Role Description
Plain text file class_pdosession.php Class version 2.0 for pdo driver
Accessible without login Plain text file base64.js Data javascript base64
Plain text file class_mafiarelbd.php Class base sql class
Plain text file class_mafiasession.php Class main class
Plain text file class_mafiasql.php Class sql class
Plain text file class_pdo_extension.php Class pdo extension class
Accessible without login Plain text file leiame.txt Doc. readme
Accessible without login Plain text file login.php Example login form exemple
Accessible without login Plain text file mafiasession.php Example exemple script
Accessible without login Plain text file md5.js Data javascript md5
Accessible without login Plain text file mysql.sql Data mysql database script
Accessible without login Plain text file pgsql.sql Data postgres database script
Accessible without login Plain text file sha1.js Data javascript sha1
Accessible without login Plain text file _autoload.php Conf. setup script
Accessible without login Plain text file _autoloadpdo.php Data pdo.php

Download Download all files: mafiasession.tar.gz mafiasession.zip
NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.