PHP Generic Registration Module (PHP-GEREMO)

An independent and foolproof add-on to implement "double opt-in" users registration

Cédric Dufour, Idiap Research Institute
http://www.idiap.ch/software/php-geremo

What is PHP-GEREMO ?

The PHP Generic Registration Module is a PHP class which allows to implement "double opt-in" users registration as an independent and foolproof add-on to any existing application.

Upon completion of the registration process and once their credentials (and optional details) stored in the configurable backend, users can be authenticated and authorized using the web server's ad-hoc mechanisms - e.g. Apache's mod_auth_file or mod_auth_mysql - and gain access to the underlying application.

The idea behind this module is to:

  • use the web server authentication and authorization capacities to control access to the underlying application (be it in PHP, ASP, Java, Perl, Python, etc.) and thus prevent potential application-level vulnerabilities to be exploited by unauthenticated agents;
  • provide developers a way to quickly add a registration process to any existing application;
  • do so as an independent and foolproof add-on, which focus on the quality and the security of the registration process.

    • MORE...