HomePHP Page 8 - Building an E-Commerce Site Part 2: Managing Users with Sessions
Step 5: User Scripts - PHP
This is the second article in a three-part series dealing with using PHP 4 and MySQL to make a comprehensive e-commerce storefront solution. This article covers session management within the store, user privileges, and a few security concerns.
In the users directory, we keep a bunch of scripts to let users manage themselves (to some extent):
users/signup.php
This script lets a user signup for an account. Signing up for an account is a straight forward process. The user fills in their information, and selects a username and password. Note that in our validation function, we check to see that the user fills in all the required fields, and also that the username and email addresses do not already exist. If they do, the user will have to specify different ones.
users/forgot_password.php
The forgot password script asks the user for their email address and then looks up their user record in the database. If a user record is found, the user's password gets reset to some random word and then their new password address gets sent to their email address. This is why it is important that there are no duplicate email addresses on the system.
users/change_password.php
A simple script to let the user change their password.
users/change_password.php
A simple script to let the user change their settings. Note, we can't have the user changing their username (that's a big no-no!), firstname, or lastname.
PHP 
