- Secure php password hashing with salt
- Cross-site Request Forgery immune
- Sql Injection immune
Database column names needs to be username, email, password
Username is stored in $_SESSION['username']
You need to enter these values in the top of SLogin class before use
Variable | Description |
---|---|
$dbname |
Database containing user table |
$tablename |
Table containing all users |
$hostname |
Database host url / address |
$username and $password |
Entered database login credentials |
$successRedirect | |
$registerExceptionRedirect | |
$loginExceptionRedirect |
Errors are stored in $_SESSION['failure']
Error | Login or Register |
---|---|
email_username_empty |
Both |
password_empty |
Both |
email_empty |
Both |
username_empty |
Register |
password_no_match |
Register |
email_exists |
Register |
username_exists |
Register |
user_does_not_exist |
Login |
wrong_password |
Login |
invalid_csrf |
Login |
<?php include('SLogin.php') ?>
<html>
...
<form method="post">
<input type="hidden" name="token" value="<?php echo $_SESSION['token'] ?>">
<input type="text" name="email_username" placeholder=" Username " required autofocus>
<input type="password" name="password" placeholder=" Password " required>
<button type="submit" name="login_user"> Login </button>
</form>
Element Name | Used For |
---|---|
token |
CSRF Token for Cross-site Request Forgery protection |
email_username |
Input containing the email OR username of user |
password |
Input containing user password |
login_user |
Submit button for post login |
<?php include('SLogin.php') ?>
<html>
...
<form method="post">
<input type="text" name="username" placeholder=" Username " required autofocus>
<input type="text" name="email" placeholder=" Email " required>
<input type="password" name="password_1" placeholder=" Password " required>
<input type="password" name="password_2" placeholder=" Confirm password " required>
<button type="submit" name="register_user"> Register </button>
</form>
Element Name | Used For |
---|---|
username |
Desired username, has to be unique |
email |
Users email, has to be unique |
password_1 & password_2 |
Inputs containing the desired password |
register_user |
Submit button for post register |
Made for classmates but I still make updates sometimes :)