• Logical separation of business/design. Using Smarty’s templating schema is very much easier than using PHP.
• Smarty employs security within the templating system itself. Sure you can still execute php code using {php}, but you can always disable it.
• Smarty employs caching without utilizing external sources.
• Smarty can be integrated easily into pre-existing content management systems or used stand-alone…others cannot.
• Why build something else which serves the same purpose when Smarty is already made, free, and has pretty much EVERYTHING you could ever possibly want in a template system?

Bottom line: Smarty is best suited for use when you may not allow your designers and developers to work with one another on the same files/templates or allow them access to PHP, with which you have total control over the system. (I’m sure your designer isn’t modifying system-related data on your server…right?) Smarty makes sure that designers cannot make systematic mistakes. If they make a mistake, it will be design related.
So, bottom-bottom line: Smarty helps you protect your system from outside sources as well as even from the users themselves!

So, we’re building a basic user authentication system utilizing PHP and MySQL. First thing’s first, which tracking mechanism to use? Personally, I prefer using cookies over sessions for user-driven systems for several reasons noted at the link; so, we’ll be using cookies in this tutorial.

Now, before we even begin to type any code lets get the schema of the database all thought out and created. Here’s the basic schema/SQL:

CREATE TABLE `kiler_users` (
  `id` int(11) NOT NULL auto_increment,
  `username` varchar(28) NOT NULL,
  `email` varchar(110) NOT NULL,
  `pass` varchar(85) NOT NULL,
  `is_confirmed` int(1) NOT NULL,
  `confirm_hash` varchar(65) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 ;

Now that our database structure is thought out and created we can begin on the logic (code).

In my experiences with programming in general I am quite familiar with Object Oriented Programming, and will therefore create this user system with the use of it. If you are new to object oriented programming or to PHP in general please try and follow along until I can get around to creating an introductory tutorial on OOP.

Our system requires the use of a class which creates the objects needed to satisfy our user system; we will create it. In a separate php file save the following class as kiler.user.class.php

class KilerUser{
   public $userID;
   public $userName;
   public $userEmail;
   public $userPass;
   public $userHash;

   function __construct($userID,$userName,$userEmail,$userPass,$userHash){
      $this->userID = $userID;
      $this->userName = $userName;
   $this->userPass = $userPass;
   $this->userHash = $userHash;
   }

   function login($userName,$userPass){
      global $db;
      $go = @mysql_query(”select id, pass from kiler_users where username = ‘$userName’ and pass = ‘$userPass’ limit 1″);
      if(!$go) return false;
      $checkpass = @mysql_fetch_assoc($go);
      $pass2 = $checkpass[’pass’];
      if($userPass != $pass2) return false;
      $chkconf = $this->checkConfirmed($userName);
      if(!$chkconf) return false;
      $userName = strtolower($userName);
      $this->setCookies($userName);
      return true;
   }

   function setCookies($userName){
   setcookie(’kiler_userlogin’, $userName, (time()+12800), ‘/’, ”, 0);
   }

   function isLoggedIn(){
      global $db, $_COOKIE;
      if(isset($_COOKIE[’kiler_userlogin’])){
         $userName = mysql_real_escape_string($_COOKIE[’kiler_userlogin’]);
         $check = @mysql_query(”select id from kiler_users where username = ‘$userName’ limit 1″);
         $checkNum = @mysql_num_rows($check);
         return ($checkNum>=1) ? true : false;
      }
      return false;
   }

   function logout(){
      setcookie(’kiler_userlogin’, ”, (time()-2592000), ‘/’, ”, 0);
      header(”Location: http://www.yoursite.com”) and exit();
   }

   function checkConfirmed($userName){
      global $db;
      $userName = strtolower(@mysql_real_escape_string($userName));
      $go = @mysql_query(”select username, is_confirmed from kiler_users where username = ‘$userName’ limit 1″);
      $goNum = @mysql_num_rows($go);
      if($goNum!=1) return false;
      $getdata = @mysql_fetch_assoc($go);
      $userName2 = stripslashes(strtolower($getdata[’username’]));
      $isit = $getdata[’is_confirmed’];
      if($userName != $userName2) return false;
      if($isit == ‘0′ || $isit == ”) return false;
      return ($isit == ‘1′) ? true : false;
   }

   function getUserID($userName){
      global $db;
      $go = @mysql_query(”select id, username from kiler_users where username = ‘$userName’ limit 1″);
      $goNum = @mysql_num_rows($go);
      if($goNum!=1){ $this->logout(); return; }
      $goRw = @mysql_fetch_assoc($go);
      $goRwNum = @mysql_num_rows($goRw);
      if($goRwNum!=1){ $this->logout(); return; }
      $userName2 = stripslashes(strtolower($goRw[’username’]));
      $userID = $goRw[’id’];
      if($userName != $userName2){ $this->logout(); return; }
      return $userID;
   }
}

Now, I won’t get into the details of the functions within the class as it should be pretty much straight-forward. For the sake of quickness I’ll slack there and now show you how to use this basic class.

In your system before you call any headers or whatnot you’ll need to add the code which will utilize the user class/system, and here it is:

require_once ‘/path/to/your_Database_Connection.php’;
require_once ‘/path/to/kiler.user.class.php’;

$kilerUser = new KilerUser();
// if logout is set log them out!
if(isset($_GET[’logout’])){
   $kilerUser->logout();
}
$is_user_logged_in = $kilerUser->isLoggedIn();
if(!$is_user_logged_in){
   // user is not logged in
   // see if login form has been submitted.
   // If it has process the form.
   if(isset($_POST[’user_name’]) && isset($_POST[’user_pass’])){
      $userName = strip_tags(strtolower(mysql_real_escape_string($_POST[’user_name’])));
      $userPass = md5(mysql_real_escape_string(strip_tags($_POST[’user_pass’])));
      $goLogin = $kilerUser->login($userName,$userPass);
      if($goLogin){
         // successful login
         $rr = @mysql_query(”select id from kiler_users where username = ‘$userName’ limit 1″);
         $rw = @mysql_fetch_assoc($rr);
         $userID = $rw[’id’];
      }else{
         $login_message = ‘You have entered an incorrect login user/pass combination or your account has not been confirmed.’;
      }
   }
}else{
   // user is logged in
   // Get their user id
   $userName = mysql_real_escape_string($_COOKIE[”kiler_userlogin”]);
   $userID = $kilerUser->getUserID($userName);
   if($userID == ” || $userID == 0){
      $login_message = ‘Error recovering user data.’;
   }else{
      $login_message = ‘Welcome back userID: ‘.$userID.’!';
   }
}

if(isset($login_message)){
   echo $login_message;
}

This is a bare-bones user system, not including the actual registration form/process and is also missing the login form…which I’m sure if you made it this far you can handle on your own. This system has several design flaws, such as using straight mysql calls rather than a wrapper, only utilizing md5 and not adding “salt”, and the likes; but I’m sure you can weed those out and refine a bit. This was meant to give the basic idea to newbies and the likes. I hope this helps someone.

To secure this class/script:
1. Add “salt” to the encryption on the users password.
2. Add md5 encryption and “salt” to the users cookie.
…come on, I can’t do everything for you.

If you have any questions, comments or flames feel free to utilize the commenting feature here.

Albert Hofmann, the pioneering Swiss chemist and advocate of psychedelics who discovered the hallucinogenic properties of LSD, died Tuesday. He was 102.
Hofmann reportedly died of a heart attack at his home in Basel, Switzerland.

May you rest in peace Albert.

Source: LSD Inventor Albert Hofmann Dead at Age 102

The entire gaming community across the entire WORLD is a buzz about the newest Grand Theft Auto gaming title, us included! Grand Theft Auto IV is set to release in just about 10 minutes on the East Coast of the United States. If you are unable to find a copy at your local electronics store be sure to check out Grand Theft Auto IV at Play-Asia, as they have loads!

Much more about Grand Theft Auto IV here once I get my grubby hands on it!

Useful Links:
Grand Theft Auto IV Official Website
Rockstar Games Social Club
Grand Theft Auto IV at Wikipedia

This release addresses a couple of bug fixes, and a bug with the regex_replace modifier that can allow php functions to be called in templates. If you use the security features of Smarty, you should upgrade immediately. As a quick fix, you can replace the modifier.regex_replace.php plugin with the new one.

The current version of Smarty is: 2.6.19
If you’re running an older version go to the Smarty source and upgrade immediately!

User authentication systems have been used since the dawn of the Internet, and even before then. From MySpace, Yahoo! Mail, GMail, to logging in to your Windows (or other) desktop; user authentication systems serve several purposes, with the main being to protect or limit access to certain information and/or data.

When developing dynamic web systems you will always need some form of user authentication system to control access to certain features within the system. It is always a good idea to limit access to certain features of your system to specified people/things, so this tutorial will definitely be put to good use if you need it.

What You Need Before We Begin:

1. Your own domain and webhost account. - While you can possibly get a free host somewhere to host your website, you will always be looked at as an amateur if you do not own your own domain. You can still utilize and follow this tutorial without your own domain but we do not recommend it. Also, you can still follow this tutorial without a webhost account but you will not be able to utilize and/or setup the user system without one.
   We recommend GoDaddy for your domain registrar and LunarPages for your webhost, as both are cheap and very reliable.
2. PHP 5+ installed on your webhost. - The PHP code used in this tutorial was coded to work with PHP version 5 but is completely compatible with newer versions of PHP (6).
3. MySQL 4+ installed on your webhost. - The MySQL queries used in this tutorial were coded to work with MySQL version 4.0 but is completely compatible with newer versions of MySQL.
4. Plain Text Editor. - You will undoubtedly need a text editor to write, edit and save your code (files). We recommend WeBuilder.
5. FTP Client. - You will undoubtedly need an FTP client to transfer your files from your computer to your webhosts server. We recommend CuteFTP.
6. Beginner PHP knowledge. You will need to know at least how to print text/code blocks to the browser window, basic string manipulation techniques, and how to properly manipulate and modify cookies with PHP to follow this tutorial. We recommend going over our introductory PHP articles, starting with Introduction To PHP5: Part #1: What Is PHP?.
7. Excelled (X)HTML knowledge. You will need to know the HTML markup language through and through. You may still be able to follow through the tutorial though. We recommend going over our introductory HTML articles, starting with Introduction To HTML: Part #1: What Is and What You Need.
8. Beginner MySQL knowledge. - You will need to know how to code basic MySQL queries. We haven’t produced any SQL-related tutorials as of yet so sorry about that.

This tutorial will be continued at our earliest convienience.

Star Wars: The Force Unleashed is an upcoming multimedia project developed and published by LucasArts along with Dark Horse Comics, Lego, Hasbro, and Del Rey Books. It consists of a video game, a tie-in novel, action figures, a comic book, a reference book and a role-playing game supplement. The game will be available on Xbox 360, PlayStation 3, Wii, PlayStation Portable, Nintendo DS, second-generation N-Gage, and PlayStation 2. It is expected to be released September 16, 2008, in the United States, September 17 in Australia and September 19 in Europe.

Definitely check out the further reading links if you’re interested!

Further Reading:

Star Wars: The Force Unleashed @ LucasArts.com
From Concept To Console: Star Wars: The Force Unleashed @ StarWars.com
Star Wars: The Force Unleashed @ Wikipedia

They now have the Street View option. Not only will you find the address, but there’s a 360 degrees virtual view of the surrounding. It’s not in every location, yet. They actually drove down each street to get these images captured for users’ convenience. You’ll be able to understand when your friend is giving you directions without street names. Check it out yourself at Google Maps, or check out their tutorial here.

Further Reading:
Couple Sues Google Over “Street View”