Don't miss out on new Internet Tips and Tools. Sign up for the seabreezecomputers.com Internet Tips and Tools newsletter:
A message from Sea Breeze Computers
I apologize for the interruption. However, seabreezecomputers.com has been offering free tools
and downloads for many years. Unfortunately, server expenses are now starting to exceed revenue earned.
If you appreciate the free tools and downloads at seabreezcomputers.com please consider making a donation.
If everyone who visited this website donated just $1.00 then we could end this campaign in 1 week!
Thank you to all those who have donated.
This script is provided for free but please consider making a donation to
help with server costs and other expenses.
Open settings.php and edit the following variables:
$title = "Sea Breeze Login Script"; // Title of your website
$logo = "sea2.gif"; // Used as the logo in emails and on some pages
$folder = "images/"; // the images folder (including logo)
$email_activation = 1; // 1 = yes; 0 = no email activation. Just activate and log them in immediately
$from_email = "Your Name <email@example.com>"; // $from_email is only used if $email_activation is set to 1
$notify_email = ""; // Enter your email if you wish to be notified every time a user logs in
$db_username="abc_user"; // Name of your sql database user
$db_pw="password"; // password for your sql database
$server="localhost"; // Usually keep this as local host
$database="abc_login"; // The sql database you created
/* Salt is text that is added to passwords so that it is more difficult to decrypt them.
Change salt to any random text and numbers and make sure no one else knows it */
$salt = "random123";
The file settings.php is called by every other file included with this script. It will
automatically create a table called users in the mysql database.
Add the following code to the very top of your index page and every other page that will
be interacting with the user:
To add a login button to your index page and to have your page display
when the user is logged in with a logout button then add the following
code to your header or menu section:
echo "<font color='green'>Logged in as ".$_SESSION['display_name']."</font>".
' - <a href="logout.php">Logout</a>';
echo '<a href="login.php">Login</a>';
Note: login.php includes a link to register for a new account.
The very first user to register is created as an administrator and the rest
are created as users. So make sure that you are the first user to register.
After a user logs in you will have the following PHP session variables as set in log.php
available to your web pages:
$_SESSION['last_login'] = SQL DATETIME of users last login
$_SESSION['last_activity'] = SQL DATETIME of users last activity
$_SESSION['user_id'] = Users id (Row in users table)
$_SESSION['email'] = Users email address
$_SESSION['display_name'] = Users display name
$_SESSION['type'] = User type (User, Moderator or Administrator)
10/10/2014 - ver 1.0d - Previously the stay logged in cookie was created using salt and email address.
With that method a hacker that stole the database and the salt
would then be able to instantly login as any user by creating fake cookies.
Changed to store a version of the password that is stored in new
'cookie' column in MySql.
10/03/2014 - ver 1.0c - Changed $_SESSION['refer'] to $_SESSION['referer'] in log.php
07/28/2013 - ver 1.0b - Fixed security bug in cookie.php
07/26/2013 - ver 1.0 - Created PHP Login Script and realsed to public