phpEmailUser, a simple user account management system.
Written in PHP 5.3 / mysqli.
This project was a "fun project" that may be useful for some people. I wanted to keep things simple, so all it uses is PHP and MySQL. I made my own "captcha" based on simple maths questions posed to the user.
Anyway, since this is my first "larger" PHP project, I would be interested in comments about anything, especially security and user friendliness. I may extend the project with a multiple shipping-address management page, but the priority right now is finding security problems and other bugs.
The user registers with an email address (the email address functions as the unique user name; no separate user name is required). We may (optionally) require the user to click an activation link sent with the registration confirmation email. Passwords are salted (user-specific and page-wide salt) and SHA-512-hashed, and upon "Forgot Password", we send the user a new autogenerated password. Upon "Lost activation link", the user can request a new activation link. Activation keys expire after a limited time period. Also, if the user tries to log in with a wrong password too often, we block him/her for a limited time period (all settings are in the config file).
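The password storage described above, as an added example (not phpEmailUser's own code): the single-pass salted SHA-512 scheme next to a variant that keeps both salts but adds a work factor through crypt()'s SHA-512 mode, using only functions available in PHP 5.3. The function names, the salt concatenation order and the sample values are assumptions.

```php
<?php
// Added example, not phpEmailUser code; names and salt layout are assumptions.
// Uses only functions available in PHP 5.3 (no password_hash, no hash_equals).

// Page-wide salt (constructed value; the project would keep it in its config file).
define('SITE_SALT', 'constructed-page-wide-salt');

// Scheme as described: one SHA-512 pass over both salts and the password.
// The concatenation order is an assumption.
function hash_single_pass($password, $userSalt) {
    return hash('sha512', SITE_SALT . $userSalt . $password);
}

// Variant with a work factor: crypt() in SHA-512 mode ("$6$") repeats the hash
// `rounds` times, so every guess against a leaked table costs that much work.
function hash_with_rounds($password, $rounds = 100000) {
    // 12 random bytes -> 16 base64 chars (no padding) as the user-specific salt.
    $salt = strtr(base64_encode(openssl_random_pseudo_bytes(12)), '+', '.');
    // Keep the page-wide salt in play as the key of an HMAC pre-hash.
    $pre = hash_hmac('sha512', $password, SITE_SALT);
    return crypt($pre, '$6$rounds=' . (int)$rounds . '$' . $salt . '$');
}

// Comparison whose run time does not depend on where the strings differ.
function constant_time_equals($a, $b) {
    if (strlen($a) !== strlen($b)) {
        return false;
    }
    $diff = 0;
    for ($i = 0; $i < strlen($a); $i++) {
        $diff |= ord($a[$i]) ^ ord($b[$i]);
    }
    return $diff === 0;
}

function verify_with_rounds($password, $stored) {
    $pre = hash_hmac('sha512', $password, SITE_SALT);
    // crypt() re-reads the round count and salt from the stored string;
    // on failure it returns a short marker string, which never matches.
    return constant_time_equals(crypt($pre, $stored), $stored);
}

// Constructed sample input.
$stored = hash_with_rounds('correct horse battery');
var_dump(verify_with_rounds('correct horse battery', $stored));
var_dump(verify_with_rounds('wrong guess', $stored));
```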
The user can change his/her account data in a simple form. If the user changes the registered email address, we send him/her a notification to both the new and the old email address. Optionally (if the user is required to confirm the new email address to re-activate the account), these emails contain a link to re-activate the account with the new email address and a link to undo the change and re-activate the account with the old email address, respectively. This should ensure that the user can't lock him/herself out of the account permanently by providing a faulty email address (e.g. because of a typo).
The admin can log in to a simple admin interface using username/password. The admin interface allows the admin to change a user's email activation status, block users permanently, reset failed login attempts (e.g. when a user is temporarily blocked because of too many wrong password submissions), and set user levels. Setting a user level has no meaning to this user account management system, but I implemented it and made it accessible to the admin, since it may be useful for a downstream main application. Finally, the admin can log in as any user.
The data fields that the user has to fill in upon registration can be fully customized in the array $fieldnames in the config file. We can set the order of fields, whether a field is visible or required, and how it is labeled. The data that the user enters are stored in 2 tables: table "user" stores data unique to each user (e.g. email, password), and table "userdata" stores additional data (e.g. shipping address, phone number). A downstream main application could link more than one record in "userdata" to a user, e.g. if multiple shipping addresses should be managed.
After successful login, we start a cookie-based session with the user and open the start page of the application (you can set the URL/name of the start page in the config file).