panique / php-login-minimal Goto Github PK
View Code? Open in Web Editor NEWAn extremely minimal login / register script in pure PHP.
An extremely minimal login / register script in pure PHP.
Hello. I've installed it just the way you told me to but as soon as i try to log in or register i get this message:
"Fatal error: Class 'mysqli' not found in C:\Users\pontus.jarl\PhpstormProjects\loginSystem\classes\Login.php on line 55"
It says the same thing on register but then it says :
"Fatal error: Class 'mysqli' not found in C:\Users\pontus.jarl\PhpstormProjects\loginSystem\classes\Registration.php on line 69"
I tried the advanced one and that one worked flawless until i came to the mail thing as i dont really know how to fix the mail thing as i've never worked with smtp before. Either way. Thank you in advance.
Hi
At first let me say thanks for your great codes.
I was looking around and saw this
$sql = "SELECT * FROM users WHERE user_name = '" . $user_name . "' OR user_email = '" . $user_email . "';";
$query_check_user_name = $this->db_connection->query($sql);
if ($query_check_user_name->num_rows == 1) {
$this->errors[] = "Sorry, that username / email address is already taken.";
line (91 to 95) of classes\Registration.php
What if the user and also the email where exist ? i suggest to use
if ($query_check_user_name->num_rows > 0) {
Let me know if its a good idea
Within the read me you mention a bug that makes mySQL5 a requirement due to PDO issues.
Within the scripts however you are using mySQLi. Ideally the proper PDO functions should be used. This would also allow for the script to work with other database engines such as postgres with minimal changes.
Hey, I was just wondering if this is still up to date because the last commit was over a year ago. Is this still secure and all of that or is it vulnerable? I am basically asking if I can use this as an example to learn from, to see how it should be done securely.
Seems like there is a error with the session_start(); when i insert the code:
if (!isset($_SESSION)) {
echo 'session not set';
} else {
echo print_r($_SESSION, true);
}
Aparently there is no session set, but when i insert session_start(); occurs another error :
A session had already been started - ignoring session_start()
Somebody please help me.
I was playing around with this code on a shared Dreamhost account and I got the error below.
Warning: session_start(): open(/tmp/sess_ayMdXoBWZJLulJ43Ha5sk3, O_RDWR) failed: Permission denied
/classes/Login.php on line 29
I fixed this by creating a tmp folder in my home directory. I'm not sure if this is secure, probably not, but it worked. Found more info here (http://stackoverflow.com/questions/6821532/php-warning-permission-denied-13-on-session-start)
session_save_path('path/to/my/home/directory/tmp');
// create/read session, absolutely necessary
session_start();
Would be really nice and awesome, if you added this package to composer/packagist. It would make it so much easier to intergrate into exsisting projects. I really like how tiny this version is compared to your huge one.
PDO is more secure can you add PDO to your php login repository or can i make an other repository for that?
Hello, liking this alot!
Is it possible to manually create users? I just don't know how to generate a password hash to store in the DB.
Also another question; how can I add more pages that you need to be logged in to see? <- figured that one out
hi,
I am totally new to PHP but with some effort I managed to get the php-minimal login page working. Thanks a lot for your efforts. Can I have a simple example as to how / which parts of the code do I need to use in other pages to check if the user has logged in?
I just have couple of days of experience with php so please forgive for the ignorant question. I assume this is the code that i have to use in all the pages? Btw do I need to put in the require statements as well?
// include the configs / constants for the database connection require_once("config/db.php"); // load the login class require_once("classes/Login.php"); // create a login object. when this object is created, it will do all login/logout stuff automatically // so this single line handles the entire login process. in consequence, you can simply ... $login = new Login(); // ... ask if we are logged in here: if ($login->isUserLoggedIn() == true) { // the user is logged in. you can do whatever you want here. // for demonstration purposes, we simply show the "you are logged in" view. include("views/logged_in.php"); } else { // the user is not logged in. you can do whatever you want here. // for demonstration purposes, we simply show the "you are not logged in" view. include("views/not_logged_in.php"); }
Thanks a ton,
rw
First of all, let me thank you for giving this amazing php form. It is the first that actually worked for me!!!!
I only got one (stupid) question. I want to adjust the index.php file with css so it looks better., but when I open the index.php file in a text editor I cannot see any html tags but only php.
How can I view the html code of index.php? So I can add some css.
(I'm a noob I know)
thnx for your code
Cool project,
There are only some small security issues.
That's all! Keep on the good work! ;)
Hello,
I was looking for simple register/login class already written and I stumbled on your repo, but what I found is wrong OOP, here is why:
registerNewUser
method in the constructor of 'Registration' class, this should be called from the php file where the POST is sentregisterNewUser
method is very long, why not split it in other methods and make those methods easy to understand and clean, class method should be smaller than one screen of codehope I helped someone
This doesn't work on my website that has a SSL encryption certificate.
Is it possible to do some changes in order to make it work? I just get a 403 error when trying to login
http://ww1.php-login.net/
is for sale
Hey,
Was just wondering what happened to the PHP Login Advanced repository. I am currently using it in my project and was worried maybe there is a security hole? Or was it taken down because it is no longer maintained? Thanks!
Years ago I used this project to address a website login background but now that I know more about security I get that we must passwords as a Hash of (password+salt) PLUS saving the salt in another column in order to be able to verify user.
If I am right about your code bellow(./classes/login.php) :
In line 84 it checks the direct hash of the password with the saved one. Also in the database we have no salt column.
May I ask to put some time to fix it or please put an alert at the beginning of the readme so people don't use it as a prefect example or in real world ?
Could someone please modify this project to make use of prepared statements?
Solved problem with Ubuntu 16.04
if you using tutorial: https://www.dev-metal.com/install-php-login-nets-1-minimal-login-script-ubuntu/
open terminal: sudo apt-get install libapache2-mod-php7.0
and retry install sudo apt-get install mysql-server php7.0-mysql is NOT use php5-mysql, because: E: Package 'php5-mysql' has no installation candidate ubuntu 16.04.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.