User Authentication question

Discussion in 'Web Design and Development' started by CavemanUK, Jan 24, 2013.

  1. CavemanUK macrumors 6502


    Jun 29, 2006
    Rhyl, North Wales
    Hi guys,

    For a few years I've been playing around with a php driven website that manages the customers in our small business. Its very low usage and more of a fun project than anything... recently ive been looking at making it more mobile and more html5/css3 specific etc.

    Anyway, I was thinking about the user authentication. Currently there are 3 users that are stored in a mysql database and validated in the obvious way.

    I wanted to improve the security and stability of this side of things and was wondering if this is something i can use something like facebook or openid for? basically i want to allow the same 3 users access but nobody else. it seems like facebooks authentication would certainly ensure its the right person logging in.

    does this make any kind of sense or is there a better way?
  2. SrWebDeveloper macrumors 68000


    Dec 7, 2007
    Alexandria, VA, USA

    Visit this page, download, install and load the class as instructed:

    This method is excellent because you can force Facebook authentication by including this in any PHP page, it's secure and uses the FB API, and the added bonus of optionally getting user's info after login to customize the PHP page.

    Looking at the example code, to limit to 3 specific users try something like (untested, to show concept only after class is loaded which is not shown below, edit for your needs):

    $facebook = new FacebookLogin('100929283281389''8*******************************1');
    $user $facebook->doLogin();
    'User\'s URL: '$user->link'<br />';
    'User\'s name: '$user->name'<br />';
    'Full details:<br /><pre>'print_r($usertrue), '</ pre>';

    // Set an array with 3 FB user names you permit

    // Authenticate them - remember in_array() is case sensitive
    if (in_array($user->name,$allowedNames)) {

    // Rest of page displays here - user is authorized so they can view it

    } else {

    // User is not permitted
    echo "Sorry, $user->name, you are not permitted access to this page.";


Share This Page