Archive for October, 2007

PHP – Creating Effective User Acces: Database Design

Wednesday, October 31st, 2007

Okay, when we look at creating effective user access, the first thing we have to look at is the database design. As I mentioned in the overview post of this series, we will not look in-depth at how to connect to a MySQL database, the code will be shown, but not explained. However, we do need to explain a decent table layout, as well as define what tables are needed in our example here.

One thing I should mention is some specifics that I will be basing the rest of this series off of, in others here is the list of requirements I am going to meet. While the list is not extensive or exhustive, it provides a good base to which you should be able to extend to fit your requirements list.

  1. The site needs to log users in and out.
  2. The site needs to keep users logged in for a minimum of 15 minutes.
  3. The site needs to keep users logged longer if they desire to choose “Remember Me”.
  4. The site needs to authenticate on all pages.
  5. The site needs to logout users by session timeout, cookie timeout and user forced logout.
  6. The site should log all login attemps, whether successful or not for security purposes.
  7. The site should be able to provide the user with their last login date and time.
  8. The site should operate over a secure connection.
  9. The site should lock an account after three unsuccessful login attempts, if the account login name is correct and the password is wrong, and it should stop accepting submissions if the user name is not found within three attemps and log the error.

On to the MySQL database definition…..

(more…)

Posted in E-Commerce, PHP, Principles, Web Design | Comments Off

PHP – Creating Effective User Access

Wednesday, October 31st, 2007

This tutorial requires that several basic sets of knowledge be known by the user already. One is you must be proficient with HTML/XHTML, two is that you already know some basic PHP programming in an object-oriented fasion and three that you know how to connect to a MySQL database using PHP. Why are these required? Becuase this tutorial is not about teaching PHP basics, nor is it about how to connect to a MySQL database. It is not about teaching you HTML/XHTML nor is it about object-oriented program development.

There are several items that you need to figure out before we can continue with our discussion of user access. These items will determine how you implement the user access control. I have listed them below:

  • Do all pages on the site need to have user authentication, or only a subset of them?
  • Will the site use SSL connections or just basic plain text authentication?
  • Will the site offer to “remember” users after the leave the site and come back or automatically log them out when they leave the site or follow the logout button/link?
  • Will the site offer content only to those logged in, such as a user control panel where the user may add/change/remove their information or a special section that is dependent upon their access level?

Once those questions are answered, you will find that the tutorials step through first generating the user database that is universal to cover all those needs and more, then we will setup basic authentication using an SSL encrypted page, then we will setup sessions, session time limits, cookies for user rememberance and finally discuss restricting access to pages via user login authorization level.

This is the overview of a several part series that will be posted over the coming days.

Posted in E-Commerce, PHP, Principles, Web Design | Comments Off

Google PR – The Ultimate Never Ending Saga

Thursday, October 25th, 2007

You know, when Google first introduced PageRank – the web developing world went absolutely bonkers. There were so many “experts” that had a unique angle on how to attain the highest page rank in the fastest way it was mind numbing. It went on this way for quite a while, with web masters, web developers, SEOs (search engine optimizers), SEMs (search engine marketers) and the regular Internet Junkie trying to prove that their theory was correct about the Google PageRank algorithm.

In the past 1 1/2 to 2 years, we have seen another phenemona happen – the devaluation of PageRank. Apparently not just by web masters, web developers, SEOs and SEMs, but now by Google themselves. With the advent that they are trying to de-value paid links, links that can carry page rank to lend creed and credibility to a site, many top ranked sites are experiencing major PR drops. Sometimes up to 4 or 5 points.

According to Web Pro News, most of them took a 2-4 point drop, with www.statecounter.com taking the largest in their supplied list going from 10 to 6. I do believe their list may have came from over at Andy Beard’s site.

The completely amazing thing of all this, is the buzz it has created in the blogosphere (yes, people just like me {only with more power, clout, writing time and blogging experience} writing about it). People have came forward with conspiracy theories, ideas that Google is personalizing this round of updates against entities and much more craziness.

As I said in a comment over on ProBlogger – when will the Google PR craziness end? Ever? Probably not anytime soon. Can PR drop, the site still have quality content and get great traffic? I guess the next few weeks will tell on some of these sites, won’t it.

Personally? This site’s home page has a whoopin’ up PR of 3. One of my work sites has PR5 and the other a PR4. However, the PR5 page does significant sales volume and has a great visitor number, as well as garnering nearly 60% of our traffic from search engines. I get about 39% of the traffic to this site from the search engines.

Posted in Blogging, Search Engines, SEM, SEO | Comments Off

Java, Internet Explorer 7 (IE7) and Windows Live Sign-in Cause Error

Thursday, October 25th, 2007

Well, I have spent several months wondering why I couldn’t ever load any Java applets in IE 7. Not that it’s a big deal since I use FireFox more than Internet Explorer, for reasons obvious to many Web surfers. However, it kept nagging at me and so I looked into it today and found out the following:

Java loves to keep every update installed and separate on your system. I had nearly 1GB of java “updates” and JRE and JDK updates installed, each of them over 100MB, many over 200MB. What is the point of this Sun? Why force all of them to remain, if the current is the best one to use? Should it not prompt me whether or not I want to keep the old version, in case I need it for compatibility or something instead of automatically filling my hard drive with software that is not even used?

Windows Live Messenger installs the Windows Live Sign-in Helper and Windows Live Sign-in Control. Both causing issues. On my home system, under my wife’s profile, she opens IE7, only to have it load a Microsoft Live page, then redirect her to the MSN home page that she uses. It honestly adds several seconds, if not more, to the browser load time. The purpose? I am not sure, because my profile does not do this.

(more…)

Posted in Browsers | Comments Off

View in: Mobile | Standard