PHP Classes

PHP Secure Login and Registration: Register and login users in a database with PDO

Recommend this page to a friend!
  Info   View files Example   View files View files (22)   DownloadInstall with Composer Download .zip   Reputation   Support forum (21)   Blog (1)    
Ratings Unique User Downloads Download Rankings
StarStarStarStar 74%Total: 8,718 This week: 1All time: 187 This week: 89Up
Version License PHP version Categories
php-secure-login 1.0.18The PHP License5PHP 5, Databases, User Management, Se..., P...
Description 

Author

This class can register and login users in a database with PDO. It can:

- Register users sending confirmation email
- The user accounts have a unique email, password, first and last name are stored in database table using PDO. It was tested to work with at least MySQL, PostgreSQL and SQLite.
- The user password is hashed before storing using password_hash function
- Activate account with verification code sent by email
- Perform secure login authentication using sessions and password_hash again to check the password
- It can block users after a configurable limit number of login attempts
- Logout users ending sessions

Picture of Ashraf Gheith
  Performance   Level  
Name: Ashraf Gheith <contact>
Classes: 9 packages by
Country: Bosnia and Herzegovina Bosnia and Herzegovina
Age: 41
All time rank: 131 in Bosnia and Herzegovina Bosnia and Herzegovina
Week rank: 32 Down1 in Bosnia and Herzegovina Bosnia and Herzegovina Equal
Innovation award
Innovation award
Nominee: 1x

Recommendations

Create database table
Database table to store login information

Secure login on Web site and database
My site has been hacked many times

Example

<?php
   
require_once '../class/user.php';
    require_once
'config.php';

   
$email = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_EMAIL);
   
$password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);

    if(
$user->login( $email, $password) ) {
        die;
    } else {
       
$user->printMsg();
        die;
    }


Details

User class

This class can register and login users in a database with PDO. It can:

  • Register users sending confirmation email
  • The user accounts have a unique email, password, first and last name are stored in database table using PDO. It was tested to work with at least MySQL, PostgreSQL and SQLite.
  • The user password is hashed before storing using password_hash function
  • Activate account with verification code sent by email
  • Perform secure login authentication using sessions and password_hash again to check the password
  • It can block users after a configurable limit number of login attempts
  • Logout users ending sessions

A Secure PHP7 class for basic user login and registration.

Very easy to use as REST API, with AJAX and Bootstrap

PHP Tested: 5.6.19, 7.0.11

This PHP Secure Login class is available in the PHP Classes site

CONTENTS

1. VARIABLE DEFINITIONS
2. ALL METHODS
	2.1. User::dbConnect()
	2.2. User::getUser()
	2.3. User::login()
	2.4. User::registration()
	2.5. User::sendConfirmationEmail()
	2.6. User::emailActivation()
	2.7. User::passwordChange()
	2.8. User::assignRole()
	2.9. User::userUpdate()
	2.10. User::checkEmail()
	2.11. User::registerWrongLoginAttemp()
	2.12. User::hashPass()
	2.13. User::printMsg()
	2.14. User::logout()
	2.15. User::listUsers()
	2.16. User::render()
	2.17. User::indexHead(), User::indexTop(), User::loginForm(), User::activationForm(), User::indexMiddle(), User::registerForm(), User::indexFooter(), User::userPage()

1. VARIABLE DEFINITIONS

Variable definitions provided in the beginning of the class:

/ @var object $pdo Copy of PDO connection */
private $pdo;

/ @var object of the logged in user */
private $user;

/ @var string error msg */
private $msg;

/ @var int number of permitted wrong login attemps */
private $permitedAttemps = 5;

2. ALL METHODS

2.1. Public User::dbConnect($conString, $user, $pass)

Connection init function.

$conString DB connection string. $user DB user. $pass DB password.

2.2. Public User::getUser()

Return the logged in user.

2.3. Public User::login($email,$password)

Login function.

$email User email. $password User password.

2.4. Public User::registration($email,$fname,$lname,$pass)

Register a new user account function

$email User email. $fname User first name. $lname User last name. $pass User password.

2.5. Private User::sendConfirmationEmail($email)

Email the confirmation code function.

$email User email.

2.6. Public User::emailActivation($email,$confCode)

Activate a login by a confirmation code function.

$email User email. $confCode Confirmation code.

2.7. Public User::passwordChange($id,$pass)

Password change function.

$id User id. $pass New password.

2.8. Public User::assignRole($id,$role)

Assign a role function.

$id User id. $role User role.

2.9. Public User::userUpdate($id,$fname,$lname)

User information change function.

$id User id. $fname User first name. $lname User last name.

2.10. Private User::checkEmail($email)

Check if email is already used function.

$email User email.

2.11. Private User::registerWrongLoginAttemp($email)

Register a wrong login attemp function.

$email User email.

2.12. Private User::hashPass($pass)

Password hash function.

$password User password.

2.13. Public User::printMsg()

Print error msg function.

2.14. Public User::logout()

Logout the user and remove it from the session.

2.15. Public User::listUsers()

Returns an array of all available users in the DB.

2.16. Public User::render($path)

Simple template rendering function $path path of the template file.

2.17. Public User::indexHead(), User::indexTop(), User::loginForm(), User::activationForm(), User::indexMiddle(), User::registerForm(), User::indexFooter(), User::userPage()

Template functions depending on a config file to show different parts of HTML in the examples.


  Files folder image Files  
File Role Description
Files folder imageclass (1 file)
Files folder imageexample (8 files, 3 directories)
Accessible without login Plain text file LICENSE Lic. License text
Accessible without login Plain text file login.sql Data SQL file
Accessible without login Plain text file README.md Doc. Documentation

  Files folder image Files  /  class  
File Role Description
  Plain text file user.php Class Class source

  Files folder image Files  /  example  
File Role Description
Files folder imagecss (1 file)
Files folder imageinc (8 files)
Files folder imagejs (1 file)
  Accessible without login Plain text file activate.php Example Example script
  Accessible without login Plain text file config.php Example Example script
  Accessible without login Plain text file index.php Example Example script
  Accessible without login Plain text file info.php Aux. Auxiliary script
  Accessible without login Plain text file login.php Example Example script
  Accessible without login Plain text file logout.php Example Example script
  Accessible without login Plain text file register.php Example Example script
  Accessible without login Plain text file user.php Example Example script

  Files folder image Files  /  example  /  css  
File Role Description
  Accessible without login Plain text file style.css Data Auxiliary data

  Files folder image Files  /  example  /  inc  
File Role Description
  Accessible without login Plain text file activationform.php Aux. Auxiliary script
  Accessible without login Plain text file indexfooter.htm Data Template
  Accessible without login Plain text file indexhead.htm Data Template
  Accessible without login Plain text file indexmiddle.htm Data Template
  Accessible without login Plain text file indextop.htm Data Template
  Accessible without login Plain text file loginform.php Aux. Template
  Accessible without login Plain text file registerform.php Aux. Auxiliary script
  Accessible without login Plain text file userpage.php Example Template

  Files folder image Files  /  example  /  js  
File Role Description
  Accessible without login Plain text file main.js Data Auxiliary data

 Version Control Unique User Downloads Download Rankings  
 95%
Total:8,718
This week:1
All time:187
This week:89Up
User Ratings User Comments (4)
 All time
Utility:95%StarStarStarStarStar
Consistency:95%StarStarStarStarStar
Documentation:90%StarStarStarStarStar
Examples:87%StarStarStarStarStar
Tests:-
Videos:-
Overall:74%StarStarStarStar
Rank:91