Nowadays more hacking stories are coming in the news. We need to provide a best way of security to our websites. Suppose your websites has a user access, we need to focus mainly on security sides. Many of the users datas has been cracked and compromised by the hackers. Inorder to avoid that dangerous scenarios we must encrypt the user password before store in our database. One of the best technologies current we are using is salted password hashing. Salt shoud be generated using a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG). SPRNGs are designed to be cryptographically secure, meaning they provide a high level of randomness and are completely unpredictable.

Features included in this application are:

• 1. Sending Confirmation email for the registered users
• 2. The user account in database must be unique with email, and store first and last name in database
• 3. The user password is hashed before storing using password_hash function
• 4. User account is been activated once entered the verification code that send to mail.
• 5. Perform secure login authentication using sessions and password_hash again to check the password.
• 6. Block a user when user exceeds the limited number of login attempts
• 7. Logout user destroy sessions

Database View

Confirmation Mail View

Methods that we used are:

User::dbConnect()
User::getUser()
User::registration()
User::sendConfirmationEmail()
User::emailActivation()
User::passwordChange()
User::assignRole()
User::userUpdate()
User::checkEmail()
User::registerWrongLoginAttempt()
User::hashPass()
User::printMsg()
User::logout()
User::listUsers()
User::render()
User::indexHead(), User::indexTop(), User::loginForm(), User::activationForm(), User::indexMiddle(), User::registerForm(), User::indexFooter(), User::userPage()

By Thirumani Raj posted on - 7th Jan 2017

Live Demo Download Script