Welcome to the Sourceforge - Project Web Page of PFSAU
PFSAU ... (Php Fairly Secure Authentication Utility)
click here for the project page
************************************************************************** * PFSAU - PHP fairly secure Authentication Utility * * user authentication and authorization script for use in web applications * uses a { user (m) -> (n) group ] assoziation, each page can be protected * with * - user (*) * - group * - ip (*) * * authentication (* = not yet implemented) * * completely rewritten because of security reasons * * written by Andreas Muenster (tw01e002@stud01.technikum-wien.at) * * Code is GPL'd ************************************************************************** 1. About ======== This functions were required in a web project of my company, so i sat down an started searching for a free and easy to implement user/group authentication library. I wanted to write pages like $groups = array('admins','subadmins'); // allowed groupnames authenticate(); // to force login I didn't find anything yet so i started my own libraries. You need a database to store user / group functions. I also used the database to store session variables (more performance and more stability in comparision to the filesystem storage alternative) - you can easily disable that and store 1.000.000 session flat files in your filesystem :). 2. Architecture =============== includes -------- database.php - Database layer (currently for mysql only - though you can easily adapt it for your needs) sessiondb.php - Session functions overloading for storing sessions in the database pfsaulib.php - main authentication library (class + normal function wrappers) the purpose of this project :) php / html pages ---------------- login.php - A simple login page logout.php - A simple logout page securepage.php - A simple 'secured' page anything else ------------- README.txt - the file you are currently reading db.sql - create tables in your database (mysql version) 3. TODO ======= * nice and easy to use setup page for scripts and datbase * Multiple language support * Generic Database (tables / columns configurable) * Adapt and test to other dbms like Postgres, Oracle, M$oft-SQL Server, .... * Build ldap wrapper * Build some other security checks (IP based, ....) * nice user management interfaces (optional: allow user to manage his settings) If you'd like to help to develop something of the above .. send a mail to tw01e002@stud01.technikum-wien.at