PHP for Unique Login - PHP Server Side Scripting forum at WebmasterWorld - WebmasterWorld

Forum Moderators: coopster

Message Too Old, No Replies

PHP for Unique Login

Unique users on same IP address

TheKG

6:05 pm on Jul 22, 2013 (gmt 0)

10+ Year Member

Top Contributors Of The Month

Hope someone can help with this. I have already set up a separate section of my website that can be accessed only with a user name and password. That is functioning well, with the exception that all users within one entity are assigned the same IP address. When more than one user is logged in, all items placed in the shopping cart by all the logged in users goes into the same cart.

Isn't there a way to code the login so each user has a unique identification and only the items they place in their cart will be visible to them regardless of the IP address?

Here's the code from login.htm:

<form action="login.php" method="POST">
<p class="login">Username
<input type="text" name="username" id="username">
</p>
</td>
</tr>
<tr>
<td>
<p class="login">Password
<input type="password" name="password" id="password">
</p>
</td>
</tr>
<tr>
<td>
<p class="heading">
<input type="submit" id="submit" value="Login">
</p>
</td>
</tr>
</form>

Then, at the top of each web page:

<?php
session_start();
if(!$_SESSION['username']){
header("Location:../login.php");

}
?>

I appreciate any suggestions.

eeek

7:56 pm on Jul 22, 2013 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Why is your script paying any attention to the IP address at all?

TheKG

8:14 pm on Jul 22, 2013 (gmt 0)

10+ Year Member

Top Contributors Of The Month

I do not maintain my own cart; I subscribe to an on line cart program. In an email I sent to them, they stated that the problem is that the cart recognizes each user's IP address. Their advice was for me to speak with the entity's IT department to request that each user be assigned a unique IP address. The IT department informed me that this is not something that they can/would do, it should be addressed to the people that provide my cart program.

It has become a problem when users from different locations log on at the same time and place items in their cart. All the items are in the cart from both users. I may lose this account if I cannot figure out a way to completely separate the user's sessions regardless of the fact that they are using the same IP address.

Hopefully, this is possible.

brotherhood of LAN

8:17 pm on Jul 22, 2013 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

It sounds like a very poorly made cart then, with little testing and perhaps the same amount of understanding.

When someone logs in they should be assigned a cookie, and the values within that cookie can be used to authenticate a single user. IP addresses simply aren't unique enough.

TheKG

8:23 pm on Jul 22, 2013 (gmt 0)

10+ Year Member

Top Contributors Of The Month

Is there a way for me to assign a cookie for authentication in my code?

eeek

9:24 pm on Jul 22, 2013 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

I do not maintain my own cart; I subscribe to an on line cart program.

Okay, in that case you should very quickly dump them. They do not have the skills to provide that service properly.

TheKG

3:37 am on Jul 23, 2013 (gmt 0)

10+ Year Member

Top Contributors Of The Month

Any suggestions as to on line carts that do provide this feature? Quickly dumping them doesn't even sound feasible; most carts I've looked into have a completely different set of html than what I am using and I have many pages I'd have to recode. I am not skilled enough to create and maintain my own cart with all the security and encryption necessary for pci compliance, so that isn't even a consideration.

Thank you for your forthright answers.

swa66

7:55 am on Jul 23, 2013 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Somehow I'm thinking you have a communication problem with your cart provider.
I'd check again with them on best practices on what to do on your site to integrate in the best possible fashion with them.

If they indeed do push toward IP addresses instead of cookies, switch providers.

The cookie people speak about is a cookie your code sets so it recognizes the individual users of your site. Each essentially gets a unique random string as value and the browser will send it with every hit it makes back to the server so the user can be recognized by your site. Now cookies are in general site specific, so the browser will not send the same cookie when talking directly with a 3rd parties such as cart providers. They need to glue that into your site and interact with you on how to best achieve it all.

TheKG

8:24 pm on Jul 25, 2013 (gmt 0)

10+ Year Member

Top Contributors Of The Month

Thanks to everyone that replied to my inquiry. I did contact my cart provider again and after 2 emails and one voice message, they replied. They claim that the majority of their clients want faster check-out for their customers and logins aren't the way to achieve it; they will be sticking with IP identification only.

Needless to say, I have been looking at many options available on line for a new provider. It appears that it will be quite an undertaking, as most are full programs (even the free ones) that necessitate entry of all my items into their system.

I am open to suggestions as to which cart might meet my needs, as I need to do this soon.

swa66

12:37 pm on Jul 26, 2013 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Well to recommend, one needs to know your needs.
But to formulate them you need some ideas on what's possible.

This might get you started with some ideas on what you might want:
[en.wikipedia.org...]