Specifications
Third, we need to be able to recommend to a user sites that might appeal to her, based on what
we know about her already.
Solution Components
Now that we know the system requirements, we can begin designing the solution and its
components. Let’s look at possible solutions to each of the three main requirements we listed
previously.
User Identification and Personalization
There are several alternatives for user authentication, as we have seen elsewhere in this book.
Because we want to tie a user to some personalization information, we will store the users’
login and password in a MySQL database and authenticate against that.
If we are going to let users log in with a username and password, we will need the following
components:
• Users should be able to register a username and password. We will need some
restrictions on the length and format of the username and password. We should store
passwords in an encrypted format for security reasons.
• Users should be able to log in with the details they supplied in the registration process.
• Users should be able to log out when they have finished using a site. This is not
particularly important if people use the site from their home PC, but is very important for
security if they use the site from a shared PC.
• The site needs to be able to check whether a user is logged in or not, and access data for
a logged-in user.
• Users should be able to change their password as an aid to security.
• Users will occasionally forget their passwords. They should be able to reset their
password without needing personal assistance from us. A common way of doing this is to
send the password to the user at an email address he has nominated at registration. This
means we need to store his email address at registration. Because we store the passwords
in an encrypted form and cannot decrypt the original password, we will actually need to
generate a new password, set it, and mail it to the user.
We will write functions for all these pieces of functionality. Most of them will be reusable, or
reusable with minor modifications, in other projects.
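The registration, login, and reset components listed above can be sketched as follows. This is an added example, not code from the book: an in-memory SQLite table stands in for the MySQL database, and the function names, length limits, and the use of PBKDF2 as the one-way password format are assumptions. Sending the mail is left to the caller.

```python
import hashlib
import hmac
import re
import secrets
import sqlite3

ITERATIONS = 200_000  # PBKDF2 work factor (assumed value)

def open_db():
    # In-memory SQLite stands in for the MySQL database the text describes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user (username TEXT PRIMARY KEY, salt BLOB, "
               "pw_hash BLOB, email TEXT)")
    return db

def _hash(password, salt):
    # One-way: the stored value cannot be turned back into the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def set_password(db, username, password):
    salt = secrets.token_bytes(16)  # fresh random salt on every change
    db.execute("UPDATE user SET salt = ?, pw_hash = ? WHERE username = ?",
               (salt, _hash(password, salt), username))

def register(db, username, password, email):
    # Length and format restrictions (the exact limits are assumptions).
    if not re.fullmatch(r"[A-Za-z0-9_]{3,16}", username):
        raise ValueError("bad username")
    if not 6 <= len(password) <= 64:
        raise ValueError("bad password length")
    db.execute("INSERT INTO user (username, email) VALUES (?, ?)", (username, email))
    set_password(db, username, password)

def login(db, username, password):
    row = db.execute("SELECT salt, pw_hash FROM user WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(row[1], _hash(password, row[0]))

def reset_password(db, username):
    # The old password is unrecoverable: generate a new one, set it, hand it back.
    row = db.execute("SELECT email FROM user WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return None
    new_password = secrets.token_urlsafe(9)
    set_password(db, username, new_password)
    return row[0], new_password  # caller mails new_password to this address
```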
Building User Authentication and Personalization
CHAPTER 24










