In Progress

PHP MySQL User Authentication Script - custom

Basic 'secure' user authentication PHP/ MySQL script

REQUIREMENTS

-MySQL database - standard config. Password fields must be encrypted.

- All PHP programming

- No client-side scripting allowed (i.e. javascript)

--Email will serve as username. Password must have min. 8 chars, max. 16 chars. NO user self registration allowed.

////ADMINISTRATOR INTERFACE

-Administrator interface to create/ modify/ delete users and user information including password modification.

-- Lock or unlock (suspend) user accounts.

-- Ban IP list

--!!!Administrator account cannot be locked or banned.

Adminstration area - default page

-- 'select account' - dropdown select box of all accounts. upon selection opens editor for selected account.

-- 'Create new account' - opens account creator form with the following fields: email/ user name (same field), password, account name, contact name, save (submit button or link). Upon successful save, success message is displayed with "continue" button which will lead back to default admin page.

Account area (administration view/ editor)

-- Upon selecting existing account, user account form opens with the same fields as the New Account form with existing user information filled in. Exceptions: Modify user (submit button), Delete User (submit button with protective 'are you sure' warning), cancel (returns administrator to default page without any changes made.

-- There also must be an unique account ID for the database so that is not editable but viewable. All other fields, including email/ user can be edited by Admin.

////USER ACCOUNTS

***ADMINISTRATOR ACCOUNT ARE HANDLED SEPARATELY - User accounts will have one privilege level: 'user' - there is only one super-user/ admin and new ones cannot be created. They will be stored in separate table and must not have anyway of escalating permissions. Their only privileges are to login, logout, or to activate 'Forgot Password'

-- Admin user name will be 'admin_owner' - this will be a fixed username only editable directly in the database NOT in the admin interface.

--No user self-registration or management... all registration is handled by administrator

- 'Forgot password' feature sends current password to user via email, and notifies administrator the forget password was initiated (password is NOT sent to administrator). 'Forgot Password' link on login page.

- Use inherent PHP mail handler, or SMTP for sent mail, your choice

- This will run in SSL environment (all ready installed and working, just letting you know)

USER INTERFACE

- Login page - two fields 'username/ email' 'password' with submit button.

- Result of successful login: access to default page of OSticket installation. All access to OSticket USER AREA (NOT ADMIN) will be protected by this authentication. OSTicket staff/ admin area is not part of this at all.

- Result of failed login attempt: error message 'invalid login, please try again'.

SECURITY FEATURE/ FLOOD PROTECT - ACCOUNT PROTECT and SUSPEND

--- After 7 failed login attempts, account is temporarily suspended (no access for 30 minutes). Upon 6th failed attempt error warning will be displayed indicating that if another attempt fails the account will be suspended.

--Upon 7th failure, message 'Account has been suspended. Please contact the administrator to unlock your account or wait 30 minutes and try again.'. Administrator and user will be notified of account suspension by email including IP address of user. Login fields will become inaccessible to user who caused the suspension. This can be accomplished by ip banning.

-- Auto logout upon 30 minutes inactivity, and upon closure of browser.

-- Manual logout only upon closure of browser

NOTE: The entire authentication process must be handled outside of OSTicket and NOT dependent on OSticket code in anyway. (except for authentication 'require' code that must be added to OSticket pages). However, there may be a conflict with OSticket sessions. You have to find a way to work around this without modifying OSTicket code.

NOTE: All coding must be secure with appropriate anti-hacking measures. Database also must be secure as possible.

NOTE: All Code must be open-source for later modifications.

NOTE: All code must be free from links or references to the developer or company. Must be completely generic.

************************

Payment terms: Freelancer Milestone payment only. One payment created at start and released upon approval of completed project.

Skills: MySQL, PHP

See more: osticket user login, account banned administrator, mysql login failed please try, osticket forgot password, invalid login attempt please try, user authentication php mysql, mysql script view authentication, mysql custom user existing user, your email address is invalid, work freelancer php, who to create id on freelancer, who made freelancer, who created freelancer, to activate your account, the super source, suspended account freelancer, super source, super freelancer, start php programming, start coding for freelancer, smtp contact form php, serve as a freelancer, self made freelancer, script programming, script ip address

About the Employer:
( 126 reviews ) Albany, United States

Project ID: #672350

Awarded to:

quintin671

I have over 6 years of php/mysql experience and have created several user interfaces like this for clients including [url removed, login to view] I'm also currently a student majoring in computer science always looking More

$100 USD in 2 days
(10 Reviews)
3.9

30 freelancers are bidding on average $273 for this job

lightcresent

Expert in doing this sort of stuff... No upfront needed, all payments through GAF Milestone Payment (Escrow).. Online 16 Hours a day, Can start right away.. Thanks

$425 USD in 7 days
(411 Reviews)
8.8
toinnisfree

pls chk pmb

$300 USD in 5 days
(522 Reviews)
7.8
rockerstech

Yeah i can do it check out my best application of php ....

$270 USD in 10 days
(76 Reviews)
7.6
softwaredep

We are offering one stop solution for your all IT needs. See PMB for more information. Thank you.

$300 USD in 10 days
(95 Reviews)
6.9
MarcusPan

Great QUALITY & FASTEST delivery!! Marcus

$449 USD in 4 days
(129 Reviews)
6.5
mantislin

Hi sir, let me do it now! thanks, kimi.

$480 USD in 10 days
(120 Reviews)
6.4
utpal4job

Hello, I can do justice your project. Please refer PM. Thanks.

$300 USD in 7 days
(65 Reviews)
5.9
cygital

I can do it.

$160 USD in 10 days
(31 Reviews)
5.9
mindware97

We are a team of highly qualified professionals with years of experience in software development, web development, Graphics/Multimedia, and Data entry. We are dedicated to provide complete IT services to customer's nee More

$600 USD in 30 days
(13 Reviews)
5.8
leprakhauns

See PM for details.

$250 USD in 14 days
(46 Reviews)
5.4
ovinobo

we have a good team to do your project [url removed, login to view] come up on details on this project.

$500 USD in 10 days
(10 Reviews)
4.8
dangkhoaweb

Let me do it for you. Please view your PM

$250 USD in 5 days
(22 Reviews)
4.8
radus28

we are a small team of web developers and we are interested to develop this Authentication script, even it could be estimated more than your budget. We can do it to $250.00. I will send our work sample in next pm

$250 USD in 30 days
(11 Reviews)
4.5
albariconsulting

please check PMB for details

$350 USD in 10 days
(3 Reviews)
4.5
corpotec1993

hello , ready to start and finish.

$175 USD in 3 days
(27 Reviews)
4.4
jaibatrik

We are ready to start. Thanks.

$160 USD in 8 days
(2 Reviews)
3.8
kudretserin

Hi, Please see PM, Regards

$500 USD in 7 days
(24 Reviews)
3.6
nayeem123

Thank for this type of project.

$300 USD in 6 days
(4 Reviews)
3.4
eeshu

Definitely Do this...please provide me the details! you can see my reviews and portfolio in PMB: thanks

$170 USD in 5 days
(4 Reviews)
2.7
radostinbonev

Hi, I am high motivated and experienced WEB developer. I can do this job fully functional and professional. I also have experience in the security, so you can be sure that your site and its forms will be secured. Best More

$300 USD in 5 days
(1 Review)
2.4