PHP Login System Reloaded

Update: There’s a new version of this Login Script. Here’s a PHP Login System, based on the one developed by jpmaster77: PHP Login System with Admin Features Focusing only on the core functionalities and aimed to improve certain parts of the code, I took out some functionalities and added some others: Removed: Admin features Active […]

From our sponsor: Don't spend all day sending messages. Automatically reach out to fans based on how they behave.

Update: There’s a new version of this Login Script.

Here’s a PHP Login System, based on the one developed by jpmaster77: PHP Login System with Admin Features
Focusing only on the core functionalities and aimed to improve certain parts of the code, I took out some functionalities and added some others:

Removed:

  • Admin features
  • Active guests, active users, banned users
  • Global variables
  • Links to other pages after the login

All these can be easily reintegrated if you want. I focused on the login and registration part, leaving out the content “inside”.

Added:

  • PHP 5 instead of PHP 4
  • mysqli extension
  • Send registration confirmation link to the email address
  • Reset password feature without sending password to the email. Instead a link is sent to reset the password
  • UTF8 support
  • InnoDB transactions for database operations
  • Registration and form validations made with AJAX
  • jQuery
  • Captcha image in registration form to avoid spam

Here are the most important settings for the installation of the login system.
Set database access in constants.php:

define("DB_SERVER", "localhost");	//type mysql server url
define("DB_USER", "XXXXXXX");		//type mysql user
define("DB_PASS", "XXXXXXX");		//type mysql password
define("DB_NAME", "XXXXXXX");		//type mysql database name

Further, you have to set the right location of the following files for the mail sending functions:

define("RESETPASSWORDLINK","http://www.tympanus.net/loginsystem/resetpassword.php");
define("CONFIRMACCOUNTLINK","http://www.tympanus.net/loginsystem/php/confirm.php");

The only table that you have to create in your MySQL database is the following:

CREATE TABLE users(
pk_user int unsigned not null auto_increment,
email 	varchar(120) not null,
flname varchar(100) not null,
password varchar(64) not null,
usr_signup_date timestamp not null default CURRENT_TIMESTAMP,
usr_userid varchar(32),
# for the account confirmation:
usr_confirm_hash varchar(255) not null,
# after confirming its set to 1:
usr_is_confirmed tinyint(1) not null default 0,
# when the user resets password (forgot password):
usr_resetpassword_hash varchar(255) not null,
unique index(email),
primary key(pk_user)
)type=innodb DEFAULT CHARACTER SET utf8	COLLATE utf8_general_ci;

I will soon post a new version, as I am currently improving some points.

See a demo here: PHP Login System Demo

You can download the source code here: PHP Login System ZIP

Tagged with:

chadking

Chadking is an absolute geek that rarely leaves the comfort of his 3-screen desk. He is a self taught programmer and is addicted to all possible legal drugs.

http://tympanus.net/codrops/author/chadking/

Stay up to date with the latest web design and development news and relevant updates from Codrops.

CSS Reference

Learn about all important CSS properties from the basics with our extensive and easy-to-read CSS Reference.

It doesn't matter if you are a beginner or intermediate, start learning CSS now.

Feedback 71

Comments are closed.
  1. Hello,
    This is great! Very nice work! Thank you!
    I noticed that when resetting the password, the new password is converted to lowercase. (See line 228 and 229 in core.php).
    What points are you improving for the next version?
    Greetings!

    • Hi Roberte, thank you very much and you are very welcome!
      You were right, I already corrected that bug, and I updated the new version.
      For the next version, I’m currently reading about some php security issues which I would want to apply here. Also I want to do the following:

      1. Add more field types for the registration form
      2. Add back an improved version of the account editing for the user after logging in
      3. Improve the error handling
      4. Try to integrate some log functionality
      5. Try to improve some issues like the jquery code which I just started to use recently
      6. Additionally I’am currently implementing a simple script where the user registers and gets all his email contacts using the PHP library of OpenInviter.

      If you have any other ideas, please give me some feedback.

    • Hi,
      I´m not sure what you want to do, do you want all users to be redirected to one specific url, or do you want that according to the user that logs in one of several urls can be set? If you want only one then you should put something like header("Location: url to be redirected"); instead of header("Location: ".$this->referrer); in the processLogin function of core.php. If you have some criteria then I would suggest that you define the urls in the database, make some relation with the users, and then in that same function you could get the url for that User and redirect him.

  2. Hi chadking
    lemi give u thumbs up for ur time and effort! but i got a big problem.
    from JP login system; which should be the start-up page, coz it turns out that all the pages(files) from my server, i click on, brings errors, and these errors seem to be scripts from page for instant. if i click on main.php it brings something like this: and this is the same with the rest.

    logged_in){ echo ”
    Logged In
    “; echo “Welcome $session->username, you are logged in.

    ” .”[username\”>My Account] ” .”[Edit Account] “; if($session->isAdmin()){ echo “[Admin Center] “; } echo “[Logout]”; } else{ ?>
    Login
    num_errors > 0){ echo “”.$form->num_errors.” error(s) found”; } ?>
    Username: “> error(“user”); ?>
    Password: “> error(“pass”); ?>
    value(“remember”) != “”){ echo “checked”; } ?>> Remember me next time

    [Forgot Password?]

    Not registered? Sign-Up!

    “; echo “Member Total: “.$database->getNumMembers().”
    “; echo “There are $database->num_active_users registered members and “; echo “$database->num_active_guests guests viewing the site.

    “; include(“include/view_active.php”); ?>

    surprisingly i haven’t changed anything, i just used the folder he gave as an attachment.so am wondering if there is a place to begin from so that it follows the right processs.

    Back to your script;

    with the table, do i create the table you gave along with other tables in JPs system or I a just going to have completely one table here (users)?

    pls let me know if i am supposed to modify anything.

    thank you.

    • Hi gabriella, thank you.
      This script dosnt have any dependencies of the JP login system. So you dont need to modify anything, and for the database you just need that table. Just dont forget to change the constants.php like I explain in the post.
      About the problem you have with the JP script it seems that your php code is being displayed in the browser, which seems to me some kind of problem with your apache or php installation. Maybe you can take a look here or here.
      greetings.

  3. Thank you chadkid for the quick response.
    To the solution u gave me i mean two links. one was asking for php5ts.dll moved to system32 which is okay. and php.ini moved to windows. in mycase, instead of php.ini, i got php.ini-dist and php.ini-recommended. so should i move both of the .ini files?

    another solution was using the standard .php that is changing file extension to a .php. files. Now so far i have seen/been working with all files saved with a .php extension or which extension do they mean?

    Best regards.

  4. Hi chadking,

    Thanks for the fast response. Redirect with htaccess? What is the code you used?

    Greets

    • Hi,
      In my case I did in htaccess:
      RewriteCond %{HTTP_HOST} ^tympanus.net$
      RewriteRule ^loginsystem\/public_html\/index\.php$ "http\:\/\/www\.tympanus\.net\/loginsystem\/public_html\/index\.php" [R=301,L]

      hope it helps,
      greetings

  5. Hi chadking.

    i finally got the solution to my problem it actually had nothing to sever settings. some servers dont accept the short form in php opener (

    define(“RESETPASSWORDLINK”,”http://www.tympanus.net/loginsystem/resetpassword.php”); to

    define(“RESETPASSWORDLINK”,”http://localhost/loginsystem/resetpassword.php”); ???

  6. Hi,

    Thank you very much for making this great script. I have a few requests if you dont mind. Is it possible to shorten the link that you recieve when you are emailed? At the moment the link is massive!

    Is it possible to re-implement the admincp, and the links when you are in your usercp dont do anything (like edit details). When you register it would be nice to have to type in your email and password twice, and then have it check to see if its the same.

    Thank you again for this script, I look forward to an update.

    • Hi! Thanks,

      I will soon update the login script, probably next week… I was wondering of adding features like the ones I described in one of the comments here. I will also do what James suggests. if any of you guys have any other ideas or suggestions for the script, or for something further please let me know.
      Greetings

  7. Thank you for your reply. Im happy to donate too if you can release the update, thanks again for improving an already brilliant script.

  8. I dont know much about php but it would be good if it redirected to a members folder after login if successfull, and also it would be good if we didnt need the htaccess rewrite, not sure if thats possible.

  9. hello sir, chadking,
    im student. i just download your script and go through that. nice work sir :).
    i just want to knw sir is this work in localhost(WAMP) server? if it is what are the chanres i’ll want to make 🙂
    have nice time wit your workings sir

    • 🙂 call me chad!
      I tried with xampp and it works. You need to modify the constants.php file. You should have something like this:


      define("DB_SERVER", "localhost");
      define("DB_USER", "root"); //probably root if you didnt configure
      define("DB_PASS", ""); //probably empty if you didnt configure
      define("DB_NAME", "XXXXXXX"); //your local mysql database name

      ...

      define("RESETPASSWORDLINK","http://localhost/loginsystem/resetpassword.php");
      define("CONFIRMACCOUNTLINK","http://localhost/loginsystem/php/confirm.php");

      However (and with xampp), for sending the emails to confirm the account or reset the password:

      XAMPP doesn’t include a mail server. If you have access to an SMTP server that is wide open (as can be the case in some intranets) you can use SSMTP which is a simple and lightweight solution. Otherwise you need to install Postfix or something similar to provide proper support for outbound mail from php. The tricky part is configuring the local SMTP service to properly communicate with your “real” SMTP host out there somewhere.

      greetings

  10. in addition sir, i change constants.php as you sad.
    define(“DB_SERVER”, “localhost”); //my server url
    define(“DB_USER”, “root”); //my mysql user
    define(“DB_PASS”, “”); //no mysql password
    define(“DB_NAME”, “daka”); //my mysql database name

    after that, im also get the error

    logged_in){ echo ”
    Logged In
    “; echo “Welcome $session->username, you are logged in.

    ” .”[username\”>My Account] ” .”[Edit Account] “; if($session->isAdmin()){ echo “[Admin Center] “; } echo “[Logout]“; } else{ ?>
    Login
    num_errors > 0){ echo “”.$form->num_errors.” error(s) found”; } ?>
    Username: “> error(”user”); ?>
    Password: “> error(”pass”); ?>
    value(”remember”) != “”){ echo “checked”; } ?>> Remember me next time

    [Forgot Password?]

    Not registered? Sign-Up!

    “; echo “Member Total: “.$database->getNumMembers().”
    “; echo “There are $database->num_active_users registered members and “; echo “$database->num_active_guests guests viewing the site.

    “; include(”include/view_active.php”); ?>

    • Hi again,
      I think thats the same problem reported here before, you need to replace the <? for <?php in the beggining of the php files.
      greetings

  11. thanx a lot chad…… i’ll neverforget this help… im goin back to workings..i hope this tym it might be work
    🙂

  12. i would like to see admin features implemented again. thanks

    also, try to remove all jquery and make it simple and minimal

  13. Hi Chad,
    Please keep the jQuery, it is great!
    You did a great job with the functionalities you removed, and the ones you added. It is very nice to have a script stripped down to the most fundamental features.
    I agree with James about having to type in email and password twice, and then check to see if they match.
    I look forward to seeing the next update.
    Thanks again!

  14. dear sir chadking,
    i would like to further develop this login script for my assignment. can i have your assistance for this..

    • Hi,
      if you have concrete questions or doubts about the login script, sure, I can help you.

      P.S. Don’t get caught 😀

  15. dear sir, i am having problems inplementing this because after the initial config. the public page displays all the variables, and when i click the login button it shows a ton of code

    • Hi,
      you need to replace the <? for <?php in the beggining of the php files. if you want just download the source again because I just corrected that.
      greetings