What Is a Members-Only Website? - dummies

By Steve Suehring, Janet Valade

Many websites are secret — restricted to only authorized users — or have secret sections. Such websites require users (members) to log in before they can see the secret information. Here are some examples of situations in which websites might restrict access:

  • E-commerce administration: Many online merchants require customers to log in so that their information can be stored for future transactions. The customer information, particularly financial information, needs to be protected from public view.

  • Confidentiality: Many websites need to restrict information to certain people. For instance, company information might be restricted to company staff or members of a certain department.

  • Paid access: Some websites provide access to information that’s available for sale, so the information needs to be restricted to people who have paid for it.

User login is one of the most common applications on the web, with many uses. User login applications can be quite simple, such as an application in which the administrator sets up a list of valid users. Anyone who tries to access a protected file is prompted to enter a username and password, which is checked against the list of valid users.

On the other hand, a login application can be much more complicated. It can allow the website visitor to register for access, setting up his or her own account. The application might collect information from the customers as they register. The application might provide the capability for the users to manage their own accounts. The features that a login application can provide are varied.

The basic function of the login application is to allow registered users to enter the website and to keep out users who haven’t registered. Its second major function is to allow users to register, storing their information in a database. To meet its basic functionality, the user login application should do the following:

  • Give customers a choice of whether to register for website access or to log in to the website if they’re already registered.

  • Display a registration form that allows new customers to type their registration information.

  • Validate the information submitted in the form. Make sure the required fields are not blank and the submitted information is in the correct format.

  • Store the validated information in the database.

  • Display a login form that asks for the registered customer’s username and password.

  • Compare the username and password that’s entered with the usernames and passwords in the database. If a match is found, send a web page from the site to the customer. If no match is found, give the customer the opportunity to try another login.

Aside from the capability to register and log in, a login application can get much more complex, giving the capability for an administrator to assign roles to certain accounts. For example, a user might be an administrator who can view and change details of other user accounts.