SAFE The Login Class

Last Update
15 March 2013
Regular License
$6
Extended License
$30
Sales
2

We all know this: Your just writing a simple to script speed things up or to have a fancy GUI for some tasks. You want to have control over your stuff from everywhere you are. Often the problem is that you have to write a auth-system as well and this can get boring and need a bit of time. To do it once is ok, but what if you have to do this a second time or third? Often you cannot just copy the files, because the links would be broken or whatever…

The solution is a very simple but still customizable login class. This script has one essential script login.php All you have to do in order to protect your site is one line of code: <?php include_once 'login.php'; $login = new login(array('demo', $_POST['password'], 'preset')); ?> First of all include the file and create a new object from the class. The first element in the array is the ‘correct’ password, the second one is the password entered by the user. The best way is probably to pass the $_POST data directly in the object/class. The 3trd element in the array is for advanced user and them who want to customize their login prompt. preset will use the default prompt (see Live Preview). You can point the script to a different login form by typing a URL in. Make sure, that the form action e.g. ‘process.php’ has the object/class implemented.

To use another mode no code changes are required. You only have to change the arguments in the call if the class. The arguments you need are explained in the documentation.

In Version 3.2 we added a lot of new functions and features.

The biggest change is here the database support! The script can now get all users from a database. Since this script is using the PDO to connect to the database. You have to create a table in the database by executing a SQL command, which cam be found in the documentation. All you have to do to register a new user is to run a specific function and append ?register to the URL in a future version their will be an GUI to do this.

The next new thing is the single usermode with username and password prompt

Security:

The sessions are named with a semi-unique hash. I won’ t tell you the hole way it’ s generated, but I can tell you that you can change the salt very easily: $login->generateSalt('your_salt'); The passwords in the databases are salted with a unique salt for each user and a complex hashing engine (NOT just md5() :D)

You can also change the default session name by calling the function changeSessionName(): $login->changeSessionName('yourname'); This function won’ t be available when multiuser is implemented and enabled!

To set a cookie is also implemented but not fully. To set a cookie call the function setCookie(). The class will ignore the cookie in this version of the script v3.2

If you want to be super fancy and don’ t wanna change the password on every site you use with this script you can create a file e.g. ‘login-ctrl.php’ and type the lines above in and include only this file.

To logout simple append ?logout to a url where the class is implemented or call the function logout()

The theme for the login form is based on Twitter Bootstrap and uses the Bootstrap CDN (bootstrapcdn.com) for serving the css.

And that’s it for now. Very easy to use and customizable. Stay tuned for future free updates and multiuser support.

The password for the demo is ‘demo’!