We discussed there that HTTP Basic Authentication has a number of drawbacks, and that you can avoid those with PHP-based authentication.The PHPLib features sophisticated classes for handling user authentication and permission management. The PHPLib authenticates sessions; thus it depends on the Session class.
On those pages in which you need authentication, the following page_open() call should be made to instantiate a session and authentication object:
page_open(array(“sess” => “Session_Example”, “auth” => “Auth_Example”));
Being based on sessions introduces a number of advantages for the authentication:
The username and the authentication element are sent only once, at the login. Once authenticated, the server stores the authentication data inside the session, and doesn’t transmit username or authentication element again.This is different than in HTTP Basic Authentication, where the username and password are transmitted in the HTTP headers of each request. But it also means that, if you lose the session, you lose the authentication.