Authenticating Users with a Database
Chapter 9 showed you the principles of user authentication and sessions to password protect parts of your website, but the login scripts all relied on usernames and passwords stored in a CSV file. Keeping user details in a database is both more secure and more efficient. Instead of just storing a list of usernames and passwords, a database can store other details, such as first name, family name, email address, and so on. Databases also give you the option of using either one- or two-way encryption. In the first section of this chapter, we'll examine the difference between the two. Then you'll create registration and login scripts for both types of encryption.