PHP Classes

PHP Secure Login and Registration: Register and login users in a database with PDO

Recommend this page to a friend!
     
  Info   Example   View files Files   Install with Composer Install with Composer   Download Download   Reputation   Support forum   Blog    
Ratings Unique User Downloads Download Rankings
StarStarStarStar 74%Total: 8,734 All time: 184 This week: 51Up
Version License PHP version Categories
php-secure-login 1.0.18The PHP License5PHP 5, Databases, User Management, Se..., P...
Description 

Author

This class can register and login users in a database with PDO. It can:

- Register users sending confirmation email
- The user accounts have a unique email, password, first and last name are stored in database table using PDO. It was tested to work with at least MySQL, PostgreSQL and SQLite.
- The user password is hashed before storing using password_hash function
- Activate account with verification code sent by email
- Perform secure login authentication using sessions and password_hash again to check the password
- It can block users after a configurable limit number of login attempts
- Logout users ending sessions

Picture of Ashraf Gheith
  Performance   Level  
Innovation award
Innovation award
Nominee: 1x

 

Recommendations

Create database table
Database table to store login information

Secure login on Web site and database
My site has been hacked many times

Example

<?php
   
require_once '../class/user.php';
    require_once
'config.php';

   
$email = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_EMAIL);
   
$password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);

    if(
$user->login( $email, $password) ) {
        die;
    } else {
       
$user->printMsg();
        die;
    }


Details

User class

This class can register and login users in a database with PDO. It can:

  • Register users sending confirmation email
  • The user accounts have a unique email, password, first and last name are stored in database table using PDO. It was tested to work with at least MySQL, PostgreSQL and SQLite.
  • The user password is hashed before storing using password_hash function
  • Activate account with verification code sent by email
  • Perform secure login authentication using sessions and password_hash again to check the password
  • It can block users after a configurable limit number of login attempts
  • Logout users ending sessions

A Secure PHP7 class for basic user login and registration.

Very easy to use as REST API, with AJAX and Bootstrap

PHP Tested: 5.6.19, 7.0.11

This PHP Secure Login class is available in the PHP Classes site

CONTENTS

1. VARIABLE DEFINITIONS
2. ALL METHODS
	2.1. User::dbConnect()
	2.2. User::getUser()
	2.3. User::login()
	2.4. User::registration()
	2.5. User::sendConfirmationEmail()
	2.6. User::emailActivation()
	2.7. User::passwordChange()
	2.8. User::assignRole()
	2.9. User::userUpdate()
	2.10. User::checkEmail()
	2.11. User::registerWrongLoginAttemp()
	2.12. User::hashPass()
	2.13. User::printMsg()
	2.14. User::logout()
	2.15. User::listUsers()
	2.16. User::render()
	2.17. User::indexHead(), User::indexTop(), User::loginForm(), User::activationForm(), User::indexMiddle(), User::registerForm(), User::indexFooter(), User::userPage()

1. VARIABLE DEFINITIONS

Variable definitions provided in the beginning of the class:

/ @var object $pdo Copy of PDO connection */
private $pdo;

/ @var object of the logged in user */
private $user;

/ @var string error msg */
private $msg;

/ @var int number of permitted wrong login attemps */
private $permitedAttemps = 5;

2. ALL METHODS

2.1. Public User::dbConnect($conString, $user, $pass)

Connection init function.

$conString DB connection string. $user DB user. $pass DB password.

2.2. Public User::getUser()

Return the logged in user.

2.3. Public User::login($email,$password)

Login function.

$email User email. $password User password.

2.4. Public User::registration($email,$fname,$lname,$pass)

Register a new user account function

$email User email. $fname User first name. $lname User last name. $pass User password.

2.5. Private User::sendConfirmationEmail($email)

Email the confirmation code function.

$email User email.

2.6. Public User::emailActivation($email,$confCode)

Activate a login by a confirmation code function.

$email User email. $confCode Confirmation code.

2.7. Public User::passwordChange($id,$pass)

Password change function.

$id User id. $pass New password.

2.8. Public User::assignRole($id,$role)

Assign a role function.

$id User id. $role User role.

2.9. Public User::userUpdate($id,$fname,$lname)

User information change function.

$id User id. $fname User first name. $lname User last name.

2.10. Private User::checkEmail($email)

Check if email is already used function.

$email User email.

2.11. Private User::registerWrongLoginAttemp($email)

Register a wrong login attemp function.

$email User email.

2.12. Private User::hashPass($pass)

Password hash function.

$password User password.

2.13. Public User::printMsg()

Print error msg function.

2.14. Public User::logout()

Logout the user and remove it from the session.

2.15. Public User::listUsers()

Returns an array of all available users in the DB.

2.16. Public User::render($path)

Simple template rendering function $path path of the template file.

2.17. Public User::indexHead(), User::indexTop(), User::loginForm(), User::activationForm(), User::indexMiddle(), User::registerForm(), User::indexFooter(), User::userPage()

Template functions depending on a config file to show different parts of HTML in the examples.


  Files folder image Files (22)  
File Role Description
Files folder imageclass (1 file)
Files folder imageexample (8 files, 3 directories)
Accessible without login Plain text file LICENSE Lic. License text
Accessible without login Plain text file login.sql Data SQL file
Accessible without login Plain text file README.md Doc. Documentation

The PHP Classes site has supported package installation using the Composer tool since 2013, as you may verify by reading this instructions page.
Install with Composer Install with Composer
 Version Control Unique User Downloads Download Rankings  
 95%
Total:8,734
This week:0
All time:184
This week:51Up
User Ratings User Comments (4)
 All time
Utility:95%StarStarStarStarStar
Consistency:95%StarStarStarStarStar
Documentation:90%StarStarStarStarStar
Examples:87%StarStarStarStarStar
Tests:-
Videos:-
Overall:74%StarStarStarStar
Rank:88