Giulio Pons has posted a great tutorial for anyone looking to hook their application into the Facebook Connect technology.

This tutorial will guide you to the process of integration of your web community with Facebook. This means that when a visitor comes to your site it can log in with normal credentials if it has, but if it has not it can click on the "facebook connect" button and try to log in with its facebook account, automatically.

You'll need to register the application with Facebook before getting started and get an API key you can use to work with their backend. With the help of the Facebook-provided libraries and a file for the cross-domain interaction (a xd_receiver file) you can use the code he's provided to allow the user to log in with their Facebook username/password and it be mapped to a user on your local application.

In a new tutorial posted on his blog today Giorgio Sironi looks at the Zend_Auth component of the Zend Framework and how to create a simple login authentication method with it.

Zend_Auth is the component of the Zend Framework which provides a standard authentication mechanism for web applications users. It has few dependencies (on Zend_Loader and on Zend_Session for default persistence of the authentication) and, as other framework components, will let you concentrate on the user experience instead of worrying about boilerplate code.

He talks about how Zend_Auth handles properties internally and how it can make it easier to build out those redundant bits of so many applications you've worked with. He also includes a custom adapter that can directly use PDO to connect to the database and grab the login information it needs (to remove a dependency on Zend_Db).

NETTUTS.com has posted part six in their "CodeIgniter from Scratch" screencast series today. This time they focus on the user login and sessions for their sample site.

In today's hour long video tutorial, we'll be doing a lot! We'll implement a login and signup form that will allow us to lock down certain sections of our fictional site. As you'll find, working with sessions in CodeIgniter is a cinch!

You can watch the screencast on the in-page player and download the source to follow along. If you're new to the series, you can get caught up with day 1, day 2, day 3, day 4 and day 5.

On the NETTUTS site today there's a new article (continuing on from this tutorial) looking at how to make a "forgot your password" system to add on to their current login technique.

In my last tutorial, 'A Better Login System', a few people commented on how they would like to see a tutorial on password recovery, which is something you don't always see in user access tutorials. The tutorial I am bringing you today will deal with just that. Using mySQLi, we will learn to recover unencrypted and (one-way) encrypted passwords.

They give you what you'll need to set up the database for the user information and the PHP code you'll need to connect to it and fetch the user's information. The script then generates an email with a custom link that will take the user to a page asking them to answer a security question before they can continue.

WebReference.com has posted the third part of their "user personalization" series today with a look at the gateway to your protected application - the login script.

This script does the very important job of authenticating a user and can make or break the application in the sense that if it is weak security wise, then any attacker can easily penetrate our application and cause damage. In this case, we will try to make it as difficult as possible for attackers to break our application.

Their script is a simple username/password form with some validation on the input - not empty, password is above a certain length and that the random number generated is the same as the one in the session. Only if it passes these is the user information checked via a database query. They also include a logout and user confirmation script that uses an md5 hash to validate the link.

In this recent tutorial from NETTUTS.com they show how to create a "better login system" that supports a bit of access control functionality to even further secure your site.

Net.tuts+ has published several great tutorials on user login systems. Most tutorials only deal with authenticating the user, which allows for two levels of security: logged in and not logged in. For many sites, a finer degree of control is needed to control where users can go and what they can do. Creating an access control list (ACL) system will give you the flexibility for granular permissions.

They walk you through the database creation (user information), coding the ACL and user authentication classes, how to check a user's permissions and how to create a user admin screen to allow for easy maintenance. You can find the complete source of the tutorial here.

Want the "quick and dirty" way to get OpenID support up and running on your WordPress blog? Check out this new post from Jamie Hemmett - short, sweet and to the point.

Some of the tools you'll need are the OpenID plugin, RoleScoper, Adminimise and some knowledge of working with the WordPress files directly to add in the OpenID support. You'll also need to set up your blog to accept new registrations.

Sample code is included for "OpenID-ing" the page with a new kind of login form.

NETTUTS.com has posted this new tutorial about using the CodeIgniter PHP framework to create a simple file hosting site (where a user can upload a file and it's linked and available for download immediately).

I have seen a few introductory tutorials for Codeigniter, and was hoping to show you something a little more advanced. This tutorial will show you how to build a powerful web application for hosting images, using the flexibility of Codeigniter. This tutorial should teach you about the MVC coding philosophy, integral to producing serviceable applications.

Henry (the author) walks you through the setup and configuration of the database and source, but you'll need to have a copy of the CodeIgniter framework working and have a basic knowledge of how it's all laid out. The mini-application includes a login form that authenticates off of a MySQL database and the actual upload form that lets users submit their files and display the ones currently available for download.

Several sites have areas that have content protected behind a login making them difficult to pull into a script. Juozas Kaziukenas has created an option to help you past this hurdle - a PHP class (that uses cURL) that can POST the login data to the script and pull back the session ID.

But how you are going to do all this work with cookies and session id? Luckily, PHP has cURL extension which simplifies connecting to remote addresses, using cookies, staying in one session, POSTing data, etc. It's really powerful library, which basically allows you to use all HTTP headers functionality. For secure pages crawling, I've created very simple Secure_Crawler class.

The class uses the built-in cURL functionality to send the POST information (in this case the username and password, but it can be easily changed for whatever the form requires) and provides a get() method to use for fetching other pages once you're connected.

On the NETTUTS.com website there's a new screencast posted that looks at making a user creation and authentication system in about 30 minutes. The screencast talks about PHP, .htaccess, sessions and their choice for storing user data - an XML file.

Building an entire membership system can be a tedious, and time-consuming task. Tim Cooper is going to show us how to build the ENTIRE thing in roughly thirty minutes. Rather than using MYSQL as our database, Tim will instead demonstrate an alternate approach: using an XML file. We'll be reviewing PHP, .htaccess files, sessions, and more!

As always you can download the source to work with it all locally.