I did not make this, but thought I should post this here to share with this community :)
logSys is an amazing register / login script with the following feautures:
Login & Registering
Remember Me or not feature
Secure (uses PDO & hashes)
"Forgot Password ?" feature
Change password functionality
Custom fields for users' details storing table
Extra Tools such as E-Mail validation and Random String generator
Easily get user details
Update users' details easily
Auto redirection based on the login status of user
Show time since user joined
Protection from Brute Force Attacks
Disable login attempts for fixed time after failed 5 login attempts
Configure how cookie should be created
it's recommended that you have a basic knowledge of PHP in order to use this.
You can download it here.
Execute the following SQL code to create the table users where we will store the users' data :
Code:
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(10) NOT NULL,
`email` tinytext NOT NULL,
`password` varchar(64) NOT NULL,
`password_salt` varchar(20) NOT NULL,
`name` varchar(30) NOT NULL,
`created` datetime NOT NULL,
`attempt` varchar(15) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;
logSys remembers the table name through "db"->"table". By default it's set to "users". You can add extra columns according to your choice. After all, you can ask many info from users. For storing the reset password tokens, you need to create an extra table called "resetTokens". Here is the SQL code that you have to execute for creating it :
Code:
CREATE TABLE IF NOT EXISTS `resetTokens` (
`token` varchar(40) NOT NULL COMMENT 'The Unique Token Generated',
`uid` int(11) NOT NULL COMMENT 'The User Id',
`requested` varchar(20) NOT NULL COMMENT 'The Date when token was created'
) ENGINE=M
Initialize
Redirection based on the login status is needed for a login system. You should call the \Fr\LS::init(); at the start of every page on your site to redirect according to the login status. Here is an example :
Code:
<?php
require "class.logsys.php";
\Fr\LS::init();
?>
<html>
and continue with your HTML code. When a user not logged in visits a page that is not in the "pages"->"no_login" array, the user gets redirected to the login page mentioned in "pages"->"login_page" config value. If the user is logged in and is on a page mentioned in the "pages"->"no_login" array, he/she will be redirected to the "pages"->"home_page" URL.
Login Page
Now, we'll set up a login page. All you have to do is make a form and call the \Fr\LS::login() function with details at starting of the page. Example :
Code:
<html>
<head>
<title>Log In</title>
</head>
<body>
<div class="content">
<form method="POST">
<label>Username / E-Mail</label><br/>
<input name="login" type="text"/><br/>
<label>Password</label><br/>
<input name="pass" type="password"/><br/>
<label>
<input type="checkbox" name="remember_me"/> Remember Me
</label>
<button name="act_login">Log In</button>
</form>
</div>
</body>
</html>
Now, we process the login Data. Place this code at the top of the page before <html> :
Code:
<?php
require "config.php";
\Fr\LS::init();
if(isset($_POST['action_login'])){
$identification = $_POST['login'];
$password = $_POST['password'];
if($identification == "" || $password == ""){
$msg = array("Error", "Username / Password Wrong !");
}else{
$login = \Fr\LS::login($identification, $password, isset($_POST['remember_me']));
if($login === false){
$msg = array("Error", "Username / Password Wrong !");
}else if(is_array($login) && $login['status'] == "blocked"){
$msg = array("Error", "Too many login attempts. You can attempt login after ". $login['minutes'] ." minutes (". $login['seconds'] ." seconds)");
}
}
}
?>
The syntax for using the $LS->login() function is this :
Code:
\Fr\LS::login($username, $password, $remember_me, $cookies)
The $username parameter can be either the E-Mail (if "features"->"email_login" config value is boolean TRUE) or the username of user. It will return boolean TRUE if the login is success or FALSE if it's not.
The $remember_me parameter (default FALSE) should be set to boolean TRUE, if the user needs to be remembered even after the end of the PHP session ie user is automatically logged in after he/she visits the page again. But, to avail this, the config value "features"->"remember_me" must be set to boolean TRUE.
The $cookies parameter (default TRUE) makes the decision whether cookies should be created or not. This is useful, when you have to check if a username and password is correct without creating any cookies. This too needs a boolean value.
Register / Create Account
Now, we move forward to the register page. We use \Fr\LS::register() function for creating accounts. Here is the syntax :
Code:
\Fr\LS::register($username, $password, $extraValues);
The $extraValues variable is an array containing keys and values that are inserted with the username and password. Suppose, you made an extra column named "name" that is used for storing the user's name. Here is how you make the $extraValues array :
Code:
array("name" => $personName)
Note that email value is not passed directly to the register() function. You should include it with $extraValues array and the whole array becomes :
Code:
array("email" => $email, "name" => $name)
You create the HTML form and pass the values got from the form to this function and it will take care of everything else. \Fr\LS::register() returns "exists" if the username is already taken or if an account with the email given exists. Otherwise, if everything is successful, it returns boolean TRUE.
Check If User Exists
There is an in built function to check if there is a duplicate account with the username or email. Here is a sample syntax of it :
Code:
\Fr\LS::userExists($username)
You can also pass e-mail as the variable $username
Check If User is Logged In
You can check if user is logged in with the boolean value of \Fr\LS::$loggedIn :
Code:
if(\Fr\LS::$loggedIn){
// User logged in
}else{
// User not logged in
}
Log Out
You just need to call logout() for clearing the browser cookies and PHP session which means the user is logged out. Example :
Code:
\Fr\LS::logout();
You don't have to do anything else.
Sending E-Mails
When any components of logSys needs to send emails, it calls the \Fr\LS::sendMail() function with email address, subject and body in the corresponding order.
You can change the function used to send mails (default mail()) in \Fr\LS::sendMail() function.
Forgot/Reset Password
Normally, almost every user forgets their password. logSys have a special function that takes care of everything for you. Just call \Fr\LS::forgotPassword() at the place where you want to display the Forgot Password form :
Code:
<?php
require "config.php";
?>
<html>
<head></head>
<body>
<div class="content">
<?php
\Fr\LS::forgotPassword();
?>
</div>
</body>
</html>
You may call \Fr\LS::init() in the above page if you are sensitive about logged in users accessing the page. This function returns different strings according to the status of the resetting password process.
Here are they:
Change Password
logSys doesn't take care of everything. You have to make the form and pass the values to the \Fr\LS::changePassword() function. Here is an example :
Code:
<?php
require "config.php";
\Fr\LS::init();
?>
<!DOCTYPE html>
<html>
<head>
<title>Change Password</title>
</head>
<body>
<?php
if(isset($_POST['change_password'])){
if(isset($_POST['current_password']) && $_POST['current_password'] != "" && isset($_POST['new_password']) && $_POST['new_password'] != "" && isset($_POST['retype_password']) && $_POST['retype_password'] != "" && isset($_POST['current_password']) && $_POST['current_password'] != ""){
$curpass = $_POST['current_password'];
$new_password = $_POST['new_password'];
$retype_password = $_POST['retype_password'];
if($new_password != $retype_password){
echo "<p><h2>Passwords Doesn't match</h2><p>The passwords you entered didn't match. Try again.</p></p>";
}else{
$change_password = \Fr\LS::changePassword($curpass, $new_password);
if($change_password === true){
echo "<h2>Password Changed Successfully</h2>";
}
}
}else{
echo "<p><h2>Password Fields was blank</h2><p>Form fields were left blank</p></p>";
}
}
?>
<form action="<?php echo \Fr\LS::curPageURL();?>" method='POST'>
<label>
<p>Current Password</p>
<input type='password' name='current_password' />
</label>
<label>
<p>New Password</p>
<input type='password' name='new_password' />
</label>
<label>
<p>Retype New Password</p>
<input type='password' name='retype_password' />
</label>
<button style="display: block;margin-top: 10px;" name='change_password' type='submit'>Change Password</button>
</form>
</body>
</html>
Here is the syntax of the function :
Code:
\Fr\LS::changePassword($current_password, $new_password);
Just pass the current password and the new password and it will change the password if the current password provided is correct for the user who is currently logged in. Yes, the user must be logged in for using this function.
This function now returns only "notLoggedIn" string if the user is not logged in and boolean TRUE, if the password is changed.
Get User Details/Info
As I said in the introduction, you can add more columns to the table. This means that you have to get values from every columns. For this, I added an extra function to get all the fields of a particular row. To get the fields of current user, all you have to do is call \Fr\LS::getUser(). If you want details of other users, use :
Code:
\Fr\LS::getUser("column_name", $userID);
Note that, we are using $userID which is the id field of the row. If you use the column name as "*", you will get an array as the return value like this :
Code:
Array(
"id" => 1,
"username" => "subins2000",
"email" => "mail@subinsb.com",
"password" => "asd4845ghnvbmvolfpsdpsa0ffkfoeww89d9d25f1f56",
"password_salt" => "mv5r7(4565v"
)
More fields will be obtained once you add more columns to the table. If you need to get only a single field, you can use :
Code:
\Fr\LS::getUser("column_name");
Update User Details/Info
As a suggestion of adding this feature from Kevin Hamil, I have added a function to update the users' details :
Code:
\Fr\LS::updateUser($values, $userID);
The variable $values is an array containing the information about updation of values. If you need to update the "name" field to "Vishal", you can make the array like this :
Code:
$values = array(
"name" => "Vishal"
);
And the $userID variable contains the user's ID. By default, the value of it is the currently logged in user. Here is an example of updating the current user's information :
Code:
\Fr\LS::updateUser(array(
"name" => "Subin",
"birth" => "20/01/2000"
));
Extra Functions/Tools
Along with the main functions in logSys, some extra tools or functions are included.
Time Since User Joined
If you would like to display to the user how much time he has been a member of the site, you have to do the following : Create a column named "created" in your users database table and add the created value in registration :
Code:
\Fr\LS::register($username, $password, array("created" => date("Y-m-d H:i:s")))
Now, you can use the built in joinedSince() function of logSys to display the time since joined :
Code:
echo \Fr\LS::joinedSince()
Some example outputs :
Code:
10 Seconds
2 Minutes
4 Hours
25 days
7 Weeks
15 Months
Check if email is valid
Use \Fr\LS::validEmail() function for checking if an email address is valid or not. Usage :
Code:
\Fr\LS::validEmail("mail@subinsb.com")
Current Page URL
Get the full URL of the current page. Usage :
Code:
echo \Fr\LS::curPageURL()
Generate Random String
Generates a unique string. Usage :
Code:
\Fr\LS::rand_string(20)
Current Page Pathname
Get the path name of the current page. Usage :
Code:
echo \Fr\LS::curPage()
Some sample outputs :
Code:
/
/myfolder/mysubfolder/mypage.php
Redirect With HTTP Status
Redirects with the HTTP status such as 301, 302. Usage :
Code:
\Fr\LS::redirect("http://subinsb.com", 302)
That's all the extra tools.
Common Problems
Fatal error: Call to a member function prepare() on a non-object
This error happens because, PDO - used to connect to database by logSys couldn't connect to the database. Either your server doesn't have PHP PDO Extension or the database credentials given in "db" config value is not correct.
So, install PDO extension and check the database credentials given is correct.
Redirect Loop
This is the most common problem and the solution is simple. Why this error happened is because that the relative path names put in the "pages"->"no_login" config value array is wrong or the "pages"->"login_page" is wrong or "pages"->"home_page" has an invalid value. Here are some valid path names :
Code:
/
/index.php
/mypage/myfile.php
/login.php
/home.php
But, these path names are wrong :
i
Code:
ndex.php
http://mysite.com/mypage/myfile.php
//mysite.com/login.php
mysite.com/home.php
An easy way to find out the relative path name is to output $_SERVER['REQUEST_URI'] in the page which you want to get the path name of.
Once again I didn't make this, I posted this here so you guys could use this.
Credits to https://subinsb.com