I was browsing a couple of PHP forums the other day, and it seems people require a simple authentication script for their website. So, I thought I would make just that.
The installation is very easy, just copying over the files, creating the database, and changing your server credentials which are found as attributes in the classes/Database.class.php file. All this information and more can be found in the _ReadMe.txt file.
Some of the features of the phpSimpleAuthent script are:
- Very basic correct form validation,
- User availability check,
- Password hashing (MD5) coupled with password salting,
- Database input escaping via mysql_real_escape_string(),
- Escaping of all output via htmlentities(),
- Character encoding protection,
- Protection against XSS,
- Session authentication
Just remember that this is the really, really bare essentials and is not necessarily meant for a live system. I would be interested in hearing some opinions about what you think are weak spots or flaws—there are a couple I have already found, and maybe when I have time I will create a 0.2 version.