What is the best way to incorporate an outside openSource php package such as Zen Cart into a website user login. I want to be able to have users that are already members login and enjoy their extra resources, but then when they click into one of the outside php packages i dont want the index asking them to login.

i guess i need to connect the userdatabases together. then i thought that might present a problem due to md5 hash passwords, or whatever else type of encryption i might run into. would i just set that same encryption into my main site registration page?

Ok, i thought, what if i use a pre exisating database such as the smf discussion board that will also be a part of the website and set my site registration form user and password inputs to use the SMF database user entries. This way, when a user registers for the site, they will actually be registereing onto the smf database, and therefore wont have to register a 2nd time when they click into the SMF discussion board for the first time.

is there another way to integrate outside php packages to a site login?
is sessions the answer?

Are these packages installed on your server? All you have to do is disable their default login system. However this makes them completely open, so I would also edit your 'main' login system that you are using to create a session. Then your external programs can very easily check to see if it is set and ready to go.

ok, thats what i was thinking.
yes, thepackages are on the server.
i am still building a main login system, actually i have built several, just trying to learn the ins and outs to make sure i dont foul up any obvious security standards.

what did you mean by external programs checking? you mean to check for the session? but i also have to edit those packages pages too and change the session headers right?

by external programs I meant the other 'packages' you were using outside of the login system. You would need to disable their login system and add the session headers instead, yes.

can very easily check to see if it is set and ready to go what did you mean by that? i was thinking there is something to this that i am missing by teh way you stated this. It being the login system? needing to check to see if the session exists before it will let me onto that outside app page by adding code to it that verifys a session cookie on it before it loads? Or??

Bear with me, im still trying to insert session cookies into my head.:lol: