A minimal PHP user authentication system
PHP JavaScript
Switch branches/tags
Nothing to show
Latest commit 5df1a71 Mar 12, 2013 @Pomax quote-wrapped 'for'


Simple user registration, log-in and operation authentication framework
                   (c) Mike "Pomax" Kamermans, 2011

This package offers a three file, basic user management system for
websites that use PHP in the backend.


The authentication script is very simple in use. Simply have the user.php
script sitting somewhere that your other scripts can access it, and then
start any independent PHP script with these lines:

	$USER = new User();

From that point on, there will be a $USER variable available in your script,
with the following properties:

  $USER->authenticated - a boolean value repesenting the user's login status.
  $USER->username - the user's user name, or "guest user" if not authenticated.
  $USER->email - the user's email address, or an empty string for guest users.
  $USER->role - the user's role. By default all new users have the role "user".
  $USER->userdir - the user's data directory, or false if not authenticated.

There is a second way to create a new user, which allows you to pass the
name of the function that should be called when a new user registers with
the system. This is something you typically use only in the script that
acts as main entry point:

	$USER = new User("registration_completed_function_name");

This will call your function as:

  registration_completed_function_name($username, $email, $userdir)

This provides your function with the newly registered user's username, email
address and data directory location. This lets you hook into the registration
process to ensure that any tasks that you need performed when a new user
joins (such as file or database manipulations for your own system) can be

Note that it doesn't matter whether you use a single entry script, or several
distinct scripts. If you have six scripts to perform various tasks as separate
files (meaning they don't require or include each other), simply add the
require_once(...) and new User() lines at the start of each file, and each
script will be able to deal with session-authenticated users. Simply make tasks
conditional on $USER->authenticated, and things will just work. This includes
scripts that you only call through GET and POST request via XHR ("ajax" requests).

  This code is hosted on github, at http://github.com/Pomax/Usered

  A demonstration can be foudn at http://pomax.nihongoresources.com/pages/usered

This project is licensed under the MIT ("Expat" version) license.