Chapter 20. Searching and Authentication in the Online Winestore

This chapter completes our discussion of the online winestore. We present here the wine searching and browsing module, and the authentication module that logs users in and out, checks whether they're authenticated, and allows them to change their passwords. The searching and browsing module is a moderately complex implementation of the querying techniques discussed in Chapter 6, and includes embedded links for browsing between pages of results. The authentication code is an adaptation of the code presented in Chapter 11.

The scripts we outline in this chapter cover the following topics:

Searching and browsing

Allows the user to search the wines in the winestore using optional search criteria, and displays matching wines in pages of twelve wines each. The querying techniques are discussed in Chapter 6, and the code makes use of the PEAR templates from Chapter 7 and our custom extension in Chapter 16. This module is an example of using embedded links to control the querying processes.

Logging in and logging out

Checks the user's credentials against a database, and registers the user as logged in by setting a session variable. It also allows the user to log out by destroying the session variable. Sessions are explained in Chapter 10, and the authentication implementation is almost identical to that described in Chapter 11.

Checking login status

Tests whether the user is authorized to access a script. This is identical to the approach explained in Chapter 11.

Changing passwords

Allows the user to change their password by supplying their old password and two copies of the new one. The techniques used are based on the template class developed in Chapter 16, and use the same approach as customer management in Chapter 17 and order finalization in Chapter 19. A receipt page isn't used because it's unlikely the user would want to bookmark a password change confirmation.