If I am to follow "What should a developer know before building a public web site?" on authentication, then what options do I have?
I have never used PEAR, and I'm not about to start. I have read about phpGACL but have yet to try it.
After the authentication, rights/access levels kick in. I'm not a big fan of using a single tinyint value which decides what a user can and cannot do; besides, it's not very flexible. I have recently written a section system where I specify what kind of access each user type has access to, but is there something better?
If you want a language, then PHP5.
That depends… Are you referring to using the value as an integer or as a bitfield?
If you’re using it simply as a number (level 5 user has all the abilities of level 1-4 users, plus a little more), then, yeah, that’s not very flexible.
If you’re using it as a bitfield, it gives you 8 (sets of) capabilities which can be turned on or off in any combination for any user. I’d call that flexible. And, if 8 capabilities isn’t enough for you, it’s trivial to change the tinyint (8 bits) to a smallint (16 bits/capabilities), int (32 bits), or bigint (64 bits), which should be more than sufficient for just about any application most of us are likely to write.
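The bitfield approach from the answer above, as an added PHP example that is not code from either poster. The capability names, their bit assignments and the `Cap` class are hypothetical; the check denies by default on an empty requirement or on bits that no capability defines.

```php
<?php
// Added example. Capability names and bit assignments are hypothetical.
final class Cap
{
    const READ_POSTS   = 1;   // bit 0
    const WRITE_POSTS  = 2;   // bit 1
    const EDIT_OTHERS  = 4;   // bit 2
    const DELETE_POSTS = 8;   // bit 3
    const MANAGE_USERS = 16;  // bit 4
    const ALL_KNOWN    = 31;  // OR of every bit above; bits 5-7 of the tinyint are unused

    // True only if $mask contains every bit in $required.
    public static function has($mask, $required)
    {
        $mask = (int) $mask;          // DB drivers often return integers as strings
        $required = (int) $required;
        // Deny by default: an empty requirement or an undefined bit is a caller
        // bug or a corrupted row, not a reason to grant access.
        if ($required === 0 || ($required & ~self::ALL_KNOWN) !== 0) {
            return false;
        }
        if (($mask & ~self::ALL_KNOWN) !== 0) {
            return false;
        }
        // Compare against $required: a bare ($mask & $required) is truthy when
        // ANY one bit matches, which over-grants on multi-bit checks.
        return ($mask & $required) === $required;
    }

    public static function grant($mask, $caps)
    {
        return ((int) $mask | (int) $caps) & self::ALL_KNOWN;
    }

    public static function revoke($mask, $caps)
    {
        return (int) $mask & ~(int) $caps & self::ALL_KNOWN;
    }
}

// Constructed sample data: values as they would come back from a tinyint column.
$editor = Cap::grant(0, Cap::READ_POSTS | Cap::WRITE_POSTS | Cap::EDIT_OTHERS);
$checks = array(
    'editor can write'           => Cap::has($editor, Cap::WRITE_POSTS),
    'editor can edit AND delete' => Cap::has($editor, Cap::EDIT_OTHERS | Cap::DELETE_POSTS),
    'after revoking edit'        => Cap::has(Cap::revoke($editor, Cap::EDIT_OTHERS), Cap::EDIT_OTHERS),
    'row with undefined bit 6'   => Cap::has(64 | Cap::READ_POSTS, Cap::READ_POSTS),
);
foreach ($checks as $label => $allowed) {
    echo $label, ': ', $allowed ? 'allow' : 'deny', "\n";
}
```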