This is an old post from 2007. As such, it might not be relevant anymore.

I was browsing a couple of PHP forums the other day, and it seems people require a simple authentication script for their website. So, I thought I would make just that.

The installation is very easy, just copying over the files, creating the database, and changing your server credentials which are found as attributes in the classes/Database.class.php file. All this information and more can be found in the _ReadMe.txt file.

Some of the features of the phpSimpleAuthent script are:

  • Very basic correct form validation,
  • User availability check,
  • Password hashing (MD5) coupled with password salting,
  • Database input escaping via mysql_real_escape_string(),
  • Escaping of all output via htmlentities(),
  • Character encoding protection,
  • Protection against XSS,
  • Session authentication

Just remember that this is the really, really bare essentials and is not necessarily meant for a live system. I would be interested in hearing some opinions about what you think are weak spots or flaws—there are a couple I have already found, and maybe when I have time I will create a 0.2 version.

Donload the script | See it in action