1. MySQL backend where passwords are hashed and salted.
2. Configurable timeout of the session
3. Stylish login interface with forgot password function
4. No public user registrations. However, a backoffice management system for administration of users is needed. User data is already handled, only username, password etc need to be handled. (See table structure below)
5. Store the UserID field in the session
6. All the files that I will protect should only have one line of code to check if the user is authenticated. Example: require('[url removed, login to view]');
7. Block the user if more than X login attempts (configurable). If the user is blocked, the backoffice user admin system can be used to unblock the user when he contacts us.
8. Generate unique signature of the user based on IP address and the browser then append it to session. This will be used to authenticate the user session to make sure it belongs to an authorized user and not to anyone else.
Well, these are some of my points. Should you have any further suggestions regarding functionality and security, I'm open to hearing from you. Once the winning bidder has a prototype or complete login system, I will provide access to a test server with MySQL access for testing it.
The table that the users will be stored in has the following structure:
CREATE TABLE IF NOT EXISTS `ENTITY` (
`IDENTITY` int(11) NOT NULL AUTO_INCREMENT,
`ENTITYNAME` varchar(100) DEFAULT NULL,
`ADDRESS1` varchar(100) DEFAULT NULL,
`ADDRESS2` varchar(100) DEFAULT NULL,
`DISTRICT` varchar(50) DEFAULT NULL,
`CITY` varchar(50) DEFAULT NULL,
`POSTALCODE` varchar(10) DEFAULT NULL,
`IDCOUNTRY` int(11) DEFAULT NULL,
`CONTACTPERSON` varchar(50) DEFAULT NULL,
`OFFICEPHONE` varchar(20) DEFAULT NULL,
`OFFICEFAX` varchar(20) DEFAULT NULL,
`CELLPHONE1` varchar(20) DEFAULT NULL,
`CELLPHONE2` varchar(20) DEFAULT NULL,
`EMAILADDRESS1` varchar(50) DEFAULT NULL,
`EMAILADDRESS2` varchar(50) DEFAULT NULL,
`DATEREGISTER` date DEFAULT NULL,
`IDENTITYTYPE` int(11) DEFAULT NULL,
`USERNAME` varchar(20) NOT NULL,
`PASSWORD` varchar(255) NOT NULL,
PRIMARY KEY (`IDENTITY`),
KEY `USERID` (`USERNAME`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ;
Feel free to add other fields or tables for the login system to work. The value in the IDENTITY field will be the value added to the session's UserID variable.
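A sketch of the one-line include guard from points 2, 5, 6 and 8, added here as an illustration and not part of the original posting. The file name `auth_check.php`, the constants, the session keys `fingerprint` and `last_seen`, and the helper function names are assumptions.

```php
<?php
// auth_check.php (hypothetical name). Each protected page starts with:
//   require __DIR__ . '/auth_check.php';

const SESSION_TIMEOUT = 900;                  // assumed idle timeout, seconds (point 2)
const LOGIN_URL       = '/login.php';         // assumed login page path
const FINGERPRINT_KEY = 'CHANGE-ME-random-server-secret'; // placeholder secret

// Point 8: signature from client IP and browser, keyed so it cannot be
// recomputed without the server-side secret.
// Caveat: behind a reverse proxy REMOTE_ADDR is the proxy address, and clients
// whose IP changes mid-session (mobile networks) will be sent back to login.
function session_fingerprint(array $server): string
{
    $ip = $server['REMOTE_ADDR'] ?? '';
    $ua = $server['HTTP_USER_AGENT'] ?? '';
    return hash_hmac('sha256', $ip . '|' . $ua, FINGERPRINT_KEY);
}

// Decision logic kept free of globals so it can be unit tested.
function session_is_valid(array $session, array $server, int $now): bool
{
    if (!isset($session['UserID'], $session['fingerprint'], $session['last_seen'])) {
        return false;                         // never logged in
    }
    if ($now - (int) $session['last_seen'] > SESSION_TIMEOUT) {
        return false;                         // idle too long
    }
    return hash_equals(session_fingerprint($server), (string) $session['fingerprint']);
}

// The login script (not shown) is assumed to call session_regenerate_id(true)
// after verifying the password, then set:
//   $_SESSION['UserID']      = ENTITY.IDENTITY of the user (point 5)
//   $_SESSION['fingerprint'] = session_fingerprint($_SERVER)
//   $_SESSION['last_seen']   = time()
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
if (!session_is_valid($_SESSION, $_SERVER, time())) {
    $_SESSION = [];
    session_destroy();
    header('Location: ' . LOGIN_URL);
    exit;
}
$_SESSION['last_seen'] = time();              // sliding idle timeout
```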
23 freelancers are bidding on average $110 for this job
Hi, Please check my reviews to have an idea of my expertise. Please check the link below as a sample: http://boundinsurance.com/customers/. If interested, PM me to start your work.
Hello Hiring Manager, please visit your PMB for more details about my work, skills and expertise. I have read your given core description of assignment our best and will surely give better results.
Hi, Thanks for the opportunity to bid on your project. I have gone through your requirement details and am ready to start the work. Please check PMB for details. Thanks
We are very interested to do this project. Please open chat for further communication. Looking forward to hearing from you over the PMB. Waiting for your invitation and award.