User ID capture

[jtwalter]

I have a small section of a site I want to build where someone can sign up and be given a user ID (six digit number). Four of the web pages I want to only allow people who are logged in to view, so when they come back, they can log in and then click to those pages. If they are not logged in and they try to click, they will be prompted to plug in their user ID, at which point I can simply assign a cookie to let them into the pages. I am familiar with some PHP scripting but have never done anything with a database. I am currently looking through the w3schools 'PHP Database' section to learn about it but just want to make sure I am on the right path. The user ID is generated by a third party billing company so I am not worried about that aspect. I just need a system that can automatically populate a table, or a list, (etc) so that when they are prompted to log in, a script can check if it is a real ID or not. Is this the best way to go about achieving what I want? Thank you for any help!

[Guest So Called]

The usual situation is PHP paired with MySQL. If you are provided with unique user IDs from an external source then you can just use that number as a field in your table. That would be a MySQL table in your database. It would have 'userid' and any other information you need or want to save.

[jtwalter]

Thanks for the reply. I also realized an easy (withing my range of knowledge) way I could do this would be to have a folder containing files with the user IDs in the file names such as 123456.php, 234567.php, 987654.php, etc and do a $file=fopen("' . $ID . '.php","x"); command. This would either create a file with that user's ID as the file name if it doesn't exist, or return 'false' if it does exist. So when a user tries to log in with an ID, I could simply see if a file called "[iD that he inputs].php" exists in the folder, if it does then let them through, and if it doesn't then deny access. I know this might be quite a weird way to do this, but I wouldn't need any other stored information besides the user ID. And also I would have some details to work out that I left out here. Does anybody see anything wrong with going this route? Thank you

Edited May 20, 2012 by jtwalter

[Guest So Called]

Yes, that's really primitive. I used to have flat files on my site several years ago. I learned MySQL and the code is no more complex but the database is far more powerful. Just to start out, what if somebody has a valid userid or just starts trying them at random? You're going to end up writing as much code anyway so you might as well just start out with a MySQL database. I presume your host provides MySQL along with PHP, which is the usual arrangement for LAMP hosting. (The alternative is Microsoft servers.)

[jtwalter]

Ha yeah I figured it wasn't the best method. I'll learn this SQL and see what I can implement. Thanks for the tips!