Class: Mafia Session (ssl, secure, secure login, user login)

Name:	Mafia Session Support forum
Base name:	`mafiasession`
Description:	Secure user authentication encrypting password
Search tags:	ssl, secure, secure login, user login
Version:	`1.0`
Required PHP version:	`5`
License:	BSD License
All time users:	2067 users
All time rank:	1035
Week users:	18 users
Week rank:	336

	Supplied by		Groups		Detailed description

	User ratings		Applications		Related links		Files

Supplied by:

Name: Marcelo Costa <e-mail contact>

Published packages: 7

Country: Brazil - PHP jobs in Brazil

Home page: ???

Age: ???

All time rank: 411

Week rank: 193

Browse this author's classes

Innovation Award:

February 2007
Number 3

Authentication is an aspect that concerns developers implementing sites that require high security level.

Using SSL avoids the eavesdropping problem caused by the possibility of having an attacker sniffing the connections to a Web site to steal user passwords. However, not every site owner can afford buying and renewing SSL certificates every year.

This package offers a solution that avoids the need for SSL certificates. It uses session keys to encrypt the user passwords before submitting a login form to the server.

Manuel Lemos

Groups:

PHP 5	Classes using PHP 5 specific features	View top rated classes
Databases	Database management, accessing and searching	View top rated classes
User Management	User records, authentication and session handling	View top rated classes
Security	Security protection and attack detection	View top rated classes

Detailed description:

This class can be used to authenticate Web users securely.

It creates a key encoded with SHA1 based on the IP address and the current time when an user accesses the login page.

The key is used to generate a salt value that is used to encrypt the password that the user enters in the login form.

On the server side the class uses the same salt to verify whether the password entered by the user matches the password stored in a database.

If the authentication is successful, the class starts an authenticated user session.

The login keys, user and session information is stored in a database. Currently the class supports either MySQL or PostgreSQL databases.

User ratings:

Ratings	Utility	Consistency	Documentation	Examples	Tests	Videos	Overall	Rank
All time:	`Not sure (50.0%)`	`Insufficient (33.3%)`	`Insufficient (25.0%)`	`Insufficient (25.0%)`	`-`	`-`	`Insufficient (33.3%)`	1631
Month:	Not yet rated by the users

Applications that use this class:

No application links were specified for this class.

If you know an application of this package, send a message to the author to add a link here.

Files:

File	Role	Description
`class_pdosession.php`	Class	version 2.0 for pdo driver
`base64.js`	Data	javascript base64
`class_mafiarelbd.php`	Class	base sql class
`class_mafiasession.php`	Class	main class
`class_mafiasql.php`	Class	sql class
`class_pdo_extension.php`	Class	pdo extension class
`leiame.txt`	Doc.	readme
`login.php`	Example	login form exemple
`mafiasession.php`	Example	exemple script
`md5.js`	Data	javascript md5
`mysql.sql`	Data	mysql database script
`pgsql.sql`	Data	postgres database script
`sha1.js`	Data	javascript sha1
`_autoload.php`	Conf.	setup script
`_autoloadpdo.php`	Data	pdo.php

Download all files: mafiasession.tar.gz mafiasession.zip

NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.

Copyright (c) Icontem 1999-2008	PHP Classes	- PHP Class Scripts
	PHP Book Reviews	- Reviews of books and other products

Class: Mafia Session

Supplied by:

Innovation Award:

Groups:

Detailed description:

User ratings:

Applications that use this class:

Related links:

Files: