First of all you can work with the scripts that are already given to understand what I need.
I mostly want you to rewrite them, in good way, so they are maintainable, secure, fast and look nice + are good to develop.
They should be more secure and extended.
They are AWFULL!
I need security helpers and a good config file!
- Login, Signup, Password Forgot -
First of all I need a secure, fast and up-to-date login script.
It should work with mysqli, and use the password_default hashing algo.
Use functions classes, to provide a secure and safe login based on the login script in the /beta folder.
Also make the same for the signup page (beta folder) and make the forgot-password work with mysqli.
Add error messages, so people can see what doesn't work and or what they did wrong as an example no captcha, wrong password, passwords don't match. Maybe you can already check it up with js and fade the error messages in.
Add an email verification after signup.
On signup a row in the table users and user_data should be created which contains the user information.
Also you should add error messages, as an example on sign up -> passwords don't match, or on login -> captcha doesn't work, password or email are wrong.
People should stay logged in for 3 months.
After sucesfull log in, people should be headed to the home page.
- Home, Settings -
Here people should be able to see the links they've created(some small statistics, 2 exactly, and click on a edit button (/edit?id=xxx) (max 10. + see 5 more button & search function has to be added), but also overall user data such as clicks, actions and everything, not more.
On the settings page, people should be able to update and remove their passwords and emails.
I want you to rewrite the current code in a better way, make a good directory structure.
- Helpers, Classes, Functions
- Against MySQLI injection
That is all I need at the moment!