A simple home made PHP/MySQL login script to protect your web page content from spam and bot registrations so that only registered users can view the content of your site.. It is free of charge and you can use it on any commercial or personal projects!
Features
User registers with their chosen username, email and password. The script checks for existing username or email, if exists, it denies them registering an account. The username is restricted to only alphabets, numbers and underscore. No special characters allowed.
I have left spaces for header, footer, left menu and right menu in table layout so that you can easily insert your logo, header and footers depending on your website.
Features
- Quickly Integrate to any Website.
- User Registration Form with reCaptcha feature.
- Login with remember me feature.
- Easy to customize for your needs.
- Login protect your web pages
- Login by either username or email.
- Javascript validation of fields.
- MyAccount area for users.
- Username checkup and registration
- Email confirmation code and activation of account
- Admin area to manage users with Ban user option
- Forgot password option (resetting password for users)
- Change Password option for users
- Neatly formatted error Messages
Requirements
- MySQL Database 3+
- Linux server Apache Web server
- PHP scripting language
- reCaptcha Keys + php library (register for free)
- JQuery for javascript validation.
How it works
Registration:
Registration:
User registers with their chosen username, email and password. The script checks for existing username or email, if exists, it denies them registering an account. The username is restricted to only alphabets, numbers and underscore. No special characters allowed.
And of course, they have to verify their captcha image.
The password is stored in md5 format during registration and we send an 4 digit random activation code to their email address.
Login:
The script determines whether username or email is entered and it checks for existing account. When the user enters his password, the script converts the password to md5 string and then compares this to the md5 of the password stored in the database. We never want to know or store the real password of users. That is why we are using md5.
Once logged in we are registering a session and a Cookie with remember me feature.
Admin area:
You can manage the users like activating accounts of pending users, create user and ban them. I have kept it so simple and nothing fancy in the admin area. You have to set admin login and password in the script to login. Most the admin functions are made to work with javascript.
Error Messages:
The error messages are neatly formatted for the users.
The password is stored in md5 format during registration and we send an 4 digit random activation code to their email address.
Login:
The script determines whether username or email is entered and it checks for existing account. When the user enters his password, the script converts the password to md5 string and then compares this to the md5 of the password stored in the database. We never want to know or store the real password of users. That is why we are using md5.
Once logged in we are registering a session and a Cookie with remember me feature.
Admin area:
You can manage the users like activating accounts of pending users, create user and ban them. I have kept it so simple and nothing fancy in the admin area. You have to set admin login and password in the script to login. Most the admin functions are made to work with javascript.
Error Messages:
The error messages are neatly formatted for the users.
Integrate to your Website
I have left spaces for header, footer, left menu and right menu in table layout so that you can easily insert your logo, header and footers depending on your website.
Installation Instructions
Here is how you install the script in your website.
1. MySQL database setup
(i) Create database table
Download and unzip the php login script and you can import the whole dbsql.sql or open the file in notepad and copy the lines and paste into the SQL of database. It will create users table and your admin login.
If you have cpanel you can access phpmyadmin directly this way - point your browser to http://domain.com:2082/3rdparty/phpMyAdmin/
(ii) Database settings
Open dbc.php and set values inside the quotes for your mysql settings.
you will get these information from your hosting provider. Make sure you give full access rights to the database user. If you have cpanel, just login and create database and database user.
Here is how you install the script in your website.
1. MySQL database setup
(i) Create database table
Download and unzip the php login script and you can import the whole dbsql.sql or open the file in notepad and copy the lines and paste into the SQL of database. It will create users table and your admin login.
If you have cpanel you can access phpmyadmin directly this way - point your browser to http://domain.com:2082/3rdparty/phpMyAdmin/
(ii) Database settings
Open dbc.php and set values inside the quotes for your mysql settings.
- database name
- database user
- database password
you will get these information from your hosting provider. Make sure you give full access rights to the database user. If you have cpanel, just login and create database and database user.
example:
define ("DB_HOST", "xxxxx"); // set database host
define ("DB_USER", "xxxx"); // set database user
define ("DB_PASS","xxxx"); // set database password
define ("DB_NAME","xxxx"); // set database name
3. Setting up reCaptcha for your Script
(i) Download recaptcha php library (https://developers.google.com/recaptcha/docs/php), unzip and copy the single php file recaptchalib.php into login script folder. This is very important, without which the login script will not work
(ii) Go to recaptcha.net, register a free account, and you will get public and private keys. Make a note of that and set it here inside dbc.php
4. Configuration settings
Open dbc.php and you have to configure the php login script.
(i) Automatic or Manual registration
(ii) Other Settings (optional only)
These are the other settings in the script if you want you can change it like cookie expiry time, specify admin levels and much more..
I have left spaces for header,footer inside each of the pages. You can place there logos, footer or whatever you want depending on your website.
6. Thank you page.
Upon registering, the users will be taken to thankyou.php page and you can customize it to whatever that suits your needs.
7. Login protect a new page
Lets say you have a new page page1.php, and you want only the logged in users to access it. To get this done, just add this one line of code and it should be VERY TOP of your page1.php. Any other html code or php code should be below it.
8. Display MyAccount menu to all logged in users
You want to show the myaccount menu to all those logged in users with links to change password, logout, settings etc... To show the menu place this code anywhere in your page1.php.
Only logged in users will see this menu.
Take a look at myaccount.php and see how this menu shows up on the left side.
9. Access Admin area
Just login as administrator with username admin and password admin123 and you will see Admin CP link below your myaccount.
You MUST change the password for admin once logged in.
(i) Download recaptcha php library (https://developers.google.com/recaptcha/docs/php), unzip and copy the single php file recaptchalib.php into login script folder. This is very important, without which the login script will not work
(ii) Go to recaptcha.net, register a free account, and you will get public and private keys. Make a note of that and set it here inside dbc.php
$publickey = "xxxxxxxxxxxxxxxxxxxxxxxxxxx"
$privatekey = "xxxxxxxxxxxxxxxxxxxxxxxxx";
4. Configuration settings
Open dbc.php and you have to configure the php login script.
(i) Automatic or Manual registration
/* Registration Type (Automatic or Manual)
1 -> Automatic Registration (Users will receive activation code and they will be automatically approved after clicking activation link)
0 -> Manual Approval (Users will not receive activation code and you will need to approve every user manually)
*/
$user_registration = 1; // set 0 or 1
(ii) Other Settings (optional only)
These are the other settings in the script if you want you can change it like cookie expiry time, specify admin levels and much more..
5. Integrate to your websitedefine("COOKIE_TIME_OUT", 10); //specify cookie timeout in days (default is 10 days)
define(SALT_LENGTH, 9); // salt for password
I have left spaces for header,footer inside each of the pages. You can place there logos, footer or whatever you want depending on your website.
6. Thank you page.
Upon registering, the users will be taken to thankyou.php page and you can customize it to whatever that suits your needs.
7. Login protect a new page
Lets say you have a new page page1.php, and you want only the logged in users to access it. To get this done, just add this one line of code and it should be VERY TOP of your page1.php. Any other html code or php code should be below it.
If any users who have not registered and accesses this page1.php, they will be redirected to login page.<?php
include dbc.php;
page_protect();
?>
// place html or other php code below this.
8. Display MyAccount menu to all logged in users
You want to show the myaccount menu to all those logged in users with links to change password, logout, settings etc... To show the menu place this code anywhere in your page1.php.
Only logged in users will see this menu.
You can add more links you want like submit etc..<?
if (isset($_SESSION[user_id])) {?>
<div class="myaccount">
<p><strong>My Account</strong></p>
<a href="myaccount.php">My Account</a><br>
<a href="mysettings.php">Settings</a><br>
<a href="logout.php">Logout </a>
<p>You can add more links here for users</p></div>
<? } ?>
Take a look at myaccount.php and see how this menu shows up on the left side.
9. Access Admin area
Just login as administrator with username admin and password admin123 and you will see Admin CP link below your myaccount.
You MUST change the password for admin once logged in.
Download PHP Login Script