Talking about the method of Php+mysql authentication

MySQL recently in the school system to do alumni, the need for authentication, in contrast after the decision to use Php+mysql for authentication.
　　
Have considered using cookies or session before. But with cookies, the user offline and then online, as long as the cookies are not available, you can still stay online without login, which is a hidden trouble for internet cafes. And the user can turn off cookies so that authentication is unsuccessful. Also considered using session,session in the browsing process will continue to access information added to the session, if the user in the site for a long time, browsing a lot of pages, the session will be more and more big, browsing speed down, and finally only to log in,
Although this is rare, it is not what we want.
　　
The idea that I was doing this authentication was to log browsing information while authenticating.
The user ID is passed between each page, and the ID value is encrypted with the MD5 () function. The validation function is validate_id (), the return value is (0,1), and the success is "1".

Ideas:

Determine if the ID value being passed in is an anonymous login ID (a684dd572b1887661782981659331eed), 32-bit, if it is returned 0, and the browse information is added to the database. If not, query the database to see the user ID in the database, the user IP is equal to the Id,ip value passed in, and the most recent browse time is less than 20 minutes from the current time.
　　　　
The number of records obtained, if 0, is considered offline, and login with anonymous ID to browse information, return 0. Record is not 0 o'clock, the user ID, User IP value, joined the database, returned 1.

To create a database:
　　
CREATE TABLE logging{

ID int unsigned NOT NULL primary key auto_increment,

user_id char () not null,//user ID

LOGGING_IP varchar not null,//record User IP address

Page_name varchar () not null,//browse Web name

View_time timestamp NOT NULL,

student_id varchar (20)

);
To create a function:

/*-----begin function Validate-id ()---------------
Verify that the user is logged on

------------------------------------------------*/
function validate_id ($link, $id, $ip, $page _name, $student _id= "") {
if ($id ==a684dd572b1887661782981659331eed or $id = ') {
$query = ' INSERT into logging (user_id,logging_ip,page_name,student_id) VALUES ("A684dd572b1887661782981659331eed", "' . $ip. ', $page _name. ', ' anonym ');
$result =mysql_db_query ("Web", $query, $link);
return (0);
}
else {
$year =strftime ("%Y");
$month =strftime ("%m");
$day =strftime ("%d");
$hour =strftime ("%H");
$min =strftime ("%m");
$sec =strftime ("%s");
echo $time _string= $year. $month. $day. $hour $min. $sec;
Echo ("<br>");
echo "$year-$month-$day $hour-$min-$sec <br>";
---------begin IF ' s---------------------------
if (($min-=20) <0) {
$min +=60;
if (($hour-=1) ==-1) {
$hour +=24;
if (($day-=1) ==0) {
Switch ($month) {
Case: $days =30;break;
Case 1: $days =31;break;
Case 2:if (($year/4==0) and ($year/100!=0) or ($year/400==0)) {
$days = 29;}
else {$days = 28;}
Break
Case 3: $days =31;break;
Case 4: $days =30;break;
Case 5: $days =31;break;
Case 6: $days =30;break;
Case 7: $days =31;break;
Case 8: $days =31;break;
Case 9: $days =30;break;
Case: $days =31;break;
Case one: $days =30;break;
}
$day + + $days;
if (($month-=1) ==0) {
$month +=12;
$year-=1;
}
}
}
}
----------------------------------End If ' s
SetType ($month, "integer");
if ($month <10) {
SetType ($month, "string");
$month = ' 0 ' $month;}
SetType ($day, "integer");
if ($day <10) {
SetType ($day, "string");
$day = ' 0 ' $day;}
SetType ($hour, "integer");
if ($hour <10) {
SetType ($min, "string");
$hour = ' 0 ' $hour;}
SetType ($min, "integer");
if ($min <10) {
SetType ($min, "string");
$min = ' 0 ' $min;}

Echo ' <br> ' $time _string= $year. $month. $day. $hour $min. $sec;
echo "<br> $year-$month-$day $hour-$min-$sec <br>";
Echo ("<br>");
$query = "SELECT id from logging where user_id= ' $id ' and logging_ip= ' $ip ' and view_time> ' $time _string ';";
$result =mysql_db_query ("Web", $query, $link);
$count =mysql_num_rows ($result);
if ($count ==0) {
echo $query = "INSERT into logging (user_id,logging_ip,page_name) VALUES (' A684dd572b1887661782981659331eed ', ' $ip ', ' $page _name '); ";
$result =mysql_db_query ("Web", $query, $link);
return (0);
}
else{
$query = "INSERT into logging (user_id,logging_ip,page_name) VALUES (' $id ', ' $ip ', ' $page _name ')";
$result =mysql_db_query ("Web", $query, $link);
return (1);

}
}//end if
}
----------------------------End Function Validate-id---------
This verification method is very simple, and do not take into account the user login after the situation, you can add their own.

If you use cookies, you may use setcookies () to establish a user ID and then read from the environment variable $http_cookie or $http_cookie_vars. Are the same, but you should ensure that users do not have cookies.