Thank you, Gromozeka! When I was looking for an authorization library several months ago, I also stumbled on that StackOverflow page and decided to go for DX Auth.
Unfortunately though, I wasn’t completely happy with the library. The 8 db tables, the lack of password security and the (unneeded) roles & permission features were just a few examples of that.
Tank Auth seems to be just what I was looking for! You’ve got all my support on this one
I haven’t looked at the code in too much detail yet, so can’t judge on that one. Two little remarks though. E-mail/username field seems to be case-sensitive. Logging in without capitalization (laurentvw instead Laurentvw) failed. You may want to fix that.
Also, the captcha image isn’t displaying. But I also had that problem when using DX Auth. Not sure why, I’m probably doing something wrong (I did chmod /captcha to 777), but it doesn’t matter too much for me since I disabled captcha.
Anyway, thanks for the great library, good job!
I managed to inject this using the user field on the login form: ’; foo ‘ (which resulted in a sql error)
function get_user_by_login($login, $activated = NULL)
$req = "(username='".$login."' OR email='".$login."')";