Something important arises at just about this point in your application design and creation. You have four, five, maybe more core pieces of functionality in place to add users, upload photos, and so on. You have a few tables set up in which to store data. You have most of your application’s central components built, and even though it’s still a simple application, you have a sense of where you’re going. And then, in the previous chapter, you added a new piece of functionality: the ability to delete users. It seems like just another feature, just another user requirement to tick off the list. But wait a second … deleting users? Is that something that you want to offer to all of your users? Of course not. That’s an administrative feature. (You might even remember from page 339 that an early candidate for the name of delete_user.php).
An administrator, of course, is someone who has the responsibility, and more importantly the capability (and authority), to manage user accounts and take care of the application on an overarching level. Unfortunately, your application doesn’t know that yet. As far as it’s concerned, there’s no such thing as an administrator. Right now, anyone can hop over to delete_user.php and nuke poor Ryan Geyer, or Robert Powell, or whoever else has signed up through create_user.html, with nothing more than a confirmation box standing between them and digital oblivion. What’s worse, that tempting little red “X” is visible to anyone who goes to show_user.php.
With the addition of this one piece of functionality, you come to realize that you need several other things, and you need them soon. Here’s the quick list of problems that you need to solve:
• Viewing all users (done)
• Deleting users (you have this, with way too much freedom)
• A way to identify users on your system (you kind of have this, through create_user.html, but there’s no way for users to log in and out right now)
• A way to indicate that a user is an administrator
• A way that users can log in and verify who they are (for example, with a password)
• A way to show certain functionality, like deleting a user, only if the person who is viewing the page is an administrator.
Your system needs authentication: a way to let it know who’s who. Users should be required to log in, and then your system should know whether the user is a certain type, like an administrator. Based on that type, the user sees (or doesn’t see) certain things. This selective display of resources is authentication’s bedfellow, authorization. These two terms are often confused for one another, or even casually used interchangeably.
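Here is an added example (not the book’s own code) of the two halves side by side in PHP: a login routine that establishes who the visitor is (authentication), and a gate that delete_user.php calls before it touches the database, so that only an administrator can actually delete a user (authorization). It assumes a hypothetical users table with user_name, password_hash and is_admin columns, and placeholder database credentials; the file names show_user.php and delete_user.php are the ones from the text.

```php
<?php
// Added example, not from the book. Assumed schema (hypothetical):
//   users(user_id INT, user_name VARCHAR, password_hash VARCHAR, is_admin TINYINT)
// Passwords are stored as password_hash() output, never in plain text.
session_start();

function connect(): PDO {
    // Placeholder connection details; replace with your own.
    $pdo = new PDO('mysql:host=localhost;dbname=phpmm;charset=utf8mb4', 'username', 'password');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    return $pdo;
}

// Used by create_user.php when a new account is stored: hash, don't store the password.
function hash_password(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT);
}

// Authentication: "who is this?"  Returns the user row on success, null otherwise.
function authenticate(PDO $pdo, string $name, string $password): ?array {
    $stmt = $pdo->prepare(
        'SELECT user_id, user_name, password_hash, is_admin FROM users WHERE user_name = ?'
    );
    $stmt->execute([$name]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    // Same failure path for "no such user" and "wrong password".
    if ($user === false || !password_verify($password, $user['password_hash'])) {
        return null;
    }

    // Fresh session id on login, then remember who this is and what type they are.
    session_regenerate_id(true);
    $_SESSION['user_id']  = (int) $user['user_id'];
    $_SESSION['is_admin'] = (bool) $user['is_admin'];
    return $user;
}

// Authorization helper: is the logged-in user an administrator?
function current_user_is_admin(): bool {
    return !empty($_SESSION['user_id']) && !empty($_SESSION['is_admin']);
}

// Call this at the top of delete_user.php, before any DELETE runs.
// This is the real protection: anyone can type the URL, so the server must check.
function require_admin(): void {
    if (!current_user_is_admin()) {
        http_response_code(403);
        exit('You must be logged in as an administrator to delete users.');
    }
}

// Used by show_user.php: render the red "X" only for administrators.
// Hiding the link is a courtesy to the user; require_admin() is the gate.
function delete_link_html(int $userId): string {
    if (!current_user_is_admin()) {
        return '';
    }
    return '<a href="delete_user.php?user_id=' . $userId . '">X</a>';
}
```

The point of splitting the check into delete_link_html() and require_admin() is that they answer different questions. The first decides what a given user sees; the second decides what the server will do. Removing the “X” from show_user.php changes only the first, and on its own leaves delete_user.php exactly as open as the text describes, because the script can still be requested directly.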
It’s certainly not surprising that you need to add these features. Logging in is common to almost every site you regularly visit online, not just Twitter and Facebook. Even YouTube and Google give you more sophisticated options when you create and log in to a user account. All of them use authentication to establish who is who. It’s time that your application joined the party.