Actively maintained PHP libraries for user authentication? [closed]

Answer 1

It sounds like what you want is a user control library, rather than an authentication library.

For example, in the Zend Framework there are two classes: Zend_Auth (which handles user authentication: logins (e.g. simple database tables to OpenID)) and Zend_Acl (which handles the user access side of things).

I quite like the ZF classes - I haven't tried using them outside of a ZF project but most of their classes can so give it a try. Even if you decide to build your own they'd be useful for reference.

Answer 2

http://ulogin.sourceforge.net/

Is quite secure and well-thought. It's also very configurable.

Answer 3

It looks to me like PEAR hasn't changed much because it's stable. I wouldn't be afraid of using it.

Answer 4

When using md5(); to store passwords on a table in your mysql database.

keep in mind the same proccess will be required when checking the entered password from the login form, aganst the one in the database.

Another example of a hash generating function is

sha1();

u could always wrap the 2 functions and create a simple hash generation method

$string = md5(sha1($string));

return $string; // RETURNED HASHED VALUE

It is also possible to use the salt() function, which allows your own "public key" to an extent.

salt("mystring123", "jz");