Don't miss out on new Internet Tips and Tools. Sign up for the seabreezecomputers.com Internet Tips and Tools newsletter:
A message from Sea Breeze Computers
We apologize for the interruption. However, seabreezecomputers.com has been offering free tools
and downloads for many years. Unfortunately, server expenses are now starting to exceed revenue earned.
If you appreciate the free tools and downloads at seabreezcomputers.com please consider making a donation.
Please make a donation to reveal the download link.
Open settings.php and edit the following variables:
$title = "Sea Breeze Login Script"; // Title of your website
$logo = "sea2.gif"; // Used as the logo in emails and on some pages
$folder = "images/"; // the images folder (including logo)
$email_activation = 1; // 1 = yes; 0 = no email activation. Just activate and log them in immediately
$from_email = "Your Name <firstname.lastname@example.org>"; // $from_email is only used if $email_activation is set to 1
$notify_email = ""; // Enter your email if you wish to be notified every time a user logs in
$db_username="abc_user"; // Name of your sql database user
$db_pw="password"; // password for your sql database
$server="localhost"; // Usually keep this as local host
$database="abc_login"; // The sql database you created
/* Salt is text that is added to passwords so that it is more difficult to decrypt them.
Change salt to any random text and numbers and make sure no one else knows it */
$salt = "random123";
The file settings.php is called by every other file included with this script. It will
automatically create a table called users in the mysql database.
Add the following code to the very top of your index page and every other page that will
be interacting with the user:
To add a login button to your index page and to have your page display
when the user is logged in with a logout button then add the following
code to your header or menu section:
echo "<font color='green'>Logged in as ".$_SESSION['display_name']."</font>".
' - <a href="logout.php">Logout</a>';
echo '<a href="login.php">Login</a>';
Note: login.php includes a link to register for a new account.
The very first user to register is created as an administrator and the rest
are created as users. So make sure that you are the first user to register.
After a user logs in you will have the following PHP session variables as set in log.php
available to your web pages:
$_SESSION['last_login'] = SQL DATETIME of users last login
$_SESSION['last_activity'] = SQL DATETIME of users last activity
$_SESSION['user_id'] = Users id (Row in users table)
$_SESSION['email'] = Users email address
$_SESSION['display_name'] = Users display name
$_SESSION['type'] = User type (User, Moderator or Administrator)
10/10/2014 - ver 1.0d - Previously the stay logged in cookie was created using salt and email address.
With that method a hacker that stole the database and the salt
would then be able to instantly login as any user by creating fake cookies.
Changed to store a version of the password that is stored in new
'cookie' column in MySql.
10/03/2014 - ver 1.0c - Changed $_SESSION['refer'] to $_SESSION['referer'] in log.php
07/28/2013 - ver 1.0b - Fixed security bug in cookie.php
07/26/2013 - ver 1.0 - Created PHP Login Script and realsed to public