phpSimpleAuthent

by Christopher Hill on 19th June, 2007

I was browsing a couple of PHP forums the other day, and it seems people require a simple authentication script for their website. So, I thought I would make just that.

The installation is very easy, just copying over the files, creating the database, and changing your server credentials which are found as attributes in the classes/Database.class.php file. All this information and more can be found in the _ReadMe.txt file.

Some of the features of the phpSimpleAuthent script are:

  • Very basic correct form validation,
  • User availability check,
  • Password hashing (MD5) coupled with password salting,
  • Database input escaping via mysql_real_escape_string(),
  • Escaping of all output via htmlentities(),
  • Character encoding protection,
  • Protection against XSS,
  • Session authentication

Just remember that this is the really, really bare essentials and is not necessarily meant for a live system. I would be interested in hearing some opinions about what you think are weak spots or flaws—there are a couple I have already found, and maybe when I have time I will create a 0.2 version.

Donload the script | See it in action

Related articles

Top | Post a comment | Permalink

User submitted comments

There are currently no comments, why not be the first?!

Penny for your thoughts

Comment posting guide

Your real name will be displayed as the author of the post. Real names are preferred, both first and second names, but nicknames/alter-egos are permitted. Any comments with the author name whose primary aim is to promote their website, and/or company will be removed.

If you supply a website URI then your real name will be clickable to that site. Only one sub-directory is permitted; e.g. http://www.example.org/directory.

Accepted comment input

  • <strong>…</strong>
  • <em>…</em>
  • <blockquote>…</blockquote>
  • <tt>…</tt>
  • <a href="…">…</a>
  • <code>…</code>




Recent articles

Other topics I ramble on about