A DSN must be presented in the following format:
datasource:username:password@hostname/database
380 CHAPTER 14 ?– AUTHENTICATING YOUR USERS
Therefore, a DSN similar to the following would be used to log in to a MySQL database:
mysql://corpweb:secret@localhost/corporate
See the DB documentation at http://pear.php.net/package/DB for a complete list
of accepted datasource values.
The next three elements, namely table, usernamecol, and passwordcol, represent
the table that stores the authentication information, the column title that stores the
usernames, and the column title that stores the passwords, respectively.
The cryptType element specifies whether the password is stored in the database in
plain text or as an MD5 hash. If it is stored in plain text, cryptType should be set to
none, whereas if it is stored as an MD5 hash, it should be set to md5.
Finally, the db_fields element provides the query parameters used to retrieve any
other table information, such as the commonname field.
Auth_HTTP, its parent class Auth, and the DB database abstraction class provide
users with a powerful array of features capable of carrying out otherwise tedious
tasks. Definitely take time to visit the PEAR site and learn more about these packages.
User Login Administration
When you incorporate user logins into your application, providing a sound authentication
mechanism is only part of the total picture.
Pages:
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458