PHP multiuser login class or script

Question

I am looking for a simple but secure login script with mySQL PHP: sessions, MD5 that I can use with my exsisting database.
Cookies to store password + password recovery by email.
Change login/pass.
I do not need registering, I register the user myself with temp login/pass.

table agents

• agent1
• agent2

table albums

• album1, owner: agent1
• album2, owner: agent1
• album3, owner: agent2 ...

login.php agent1 logs in and has access to his albums:
- album1
- album2

agent1 can edit his albums:
edit.php?ref=album1
but NOT edit.php?ref=album3 by changing the ?ref variable

Answer 1

What you'll need to do is setup a method that checks login credentials for a particular agent. "SELECT * FROM agents where username='$username' and password='$password', if a row is returned, you know they have successfully signed in.

From here, you must save some data to session variables like the username and id of the user. You'll use this ID to check for album ownership in the album table. When an agent tries to edit an album, it will check if the agent ID is consistent with the ID in the album table.

When an agent creates an album, you must save their id as maybe "agent_id" in the albums table to relate to in your code.