1. Unzip secure-user-login-script.zip and upload all files to your site
  2. Create a database on your web server, as well as a MySQL user who has all privileges for accessing and modifying it.
  3. Then import tables.sql from extracted folder to your database
  4. Fill in the database details in "/classes/Config.class.php"

    • // SiteURL and Database Details
    • SITEURL = 'http://yoursite.com/scriptlocation/'
    • DB_HOST = 'localhost'
    • DB_NAME = 'YOUR_DATABASE_NAME'
    • DB_USER = 'YOUR_DATABASE_USER'
    • DB_PASS = 'YOUR_DATABASE_PASSWORD'

  5. Next, fill in your email details
    • // Email Details
    • SMTP_HOST = 'YOUR_EMAIL_SMTP_ADDRESS'
    • SMTP_USER = 'YOUR_EMAIL_USERNAME'
    • SMTP_PASS = 'YOUR_EMAIL_PASSWORD'
    • SMTP_PORT = '587'
    • SMTP_SECURE = 'tls'
    • EMAIL_HEADER = 'Secure User Login/SignUp'
    • CONTACT_EMAIL = 'YOUR EMAIL FOR CONTACT PAGE'

  6. Then there are some optional settings which you can change as per your need
    • ACTIVATION_VIA_EMAIL = true
    • REMEMBER_ME_DURATION = '30' //Days
    • RECAPTCHA_ON_LOGIN = true
    • RECAPTCHA_ON_SIGNUP = true
    • SOCIAL_LOGIN_ON_LOGIN = true
    • SOCIAL_LOGIN_ON_SIGNUP = true
  7. At last, get your Google reCaptcha keys from here and fill them in config file

    • // Google Recaptcha Config
    • RECAPTCHA_SITEKEY = 'GOOGLE_RECAPTCHA_SITEKEY'
    • RECAPTCHA_SECRETKEY = 'GOOGLE_RECAPTCHA_SECRETKEY'
  8. Thats It.The script should now be installed.You can now login admin account by following credentials:
    • Username: admin@example.com
    • Password: 123456

    Optional: Click here for One Click Social Login Setup

Step 1. Uploading via FTP

  1. Download the zipped pack to your local computer from codecanyon and extract the ZIP file contents to a folder on your local computer.
  2. In the extracted folder you will find 'user_login_register.zip' Extract this file .
  3. Using an FTP client to access your host web server
  4. Upload the files in the root folder of your website

Step 2. Setting Up the Database

  1. Open phpMyAdmin from cpanel or Database manager provided by your host
  2. Create a database and give it a name of your choice.If needed,also create the user for that database with all the previleges
  3. Select the Database you just created from the left menu and then Click on Import Tab
  4. To import all the necessary tables,Click on "Choose File" and select "tables.sql" from zipped package folder that you extracted
  5. Note down the four database details :
    • DATABASE HOST: localhost (mostly)
    • DATABASE NAME:
    • DATABASE USER:
    • DATABASE PASS:
  6. Fill all the Database Details gathered in previous step in "/classes/Config.class.php" file
  7. Also file in your email SMTP HOST along with email username and password

Step 3.Setting Up Email SMTP Configuration

  1. You need to fill in SMTP details of your email provider
  2. Here is the list of SMTP Configuration of famous email providers
  3. For Gmail
    • SMTP_HOST = 'smtp.gmail.com'
    • SMTP_PORT = '587'
    • SMTP_SECURE = 'tls'
  4. For Yahoo
    • SMTP_HOST = 'smtp.mail.yahoo.com'
    • SMTP_PORT = '587'
    • SMTP_SECURE = 'tls'
  5. For Live/Hotmail
    • SMTP_HOST = 'smtp.live.com'
    • SMTP_PORT = '587'
    • SMTP_SECURE = 'tls'

    If your email provider is not in this list,lookup for SMTP host for SecureTLS in List of SMTP Servers or do a quick google search

Step 4. Setting Up the Google ReCaptcha

  1. First, we need an API key, so head on over to https://www.google.com/recaptcha/admin.To gain access to this page you’ll need to be logged into a Google account. You’ll be asked to register your website, so give it a suitable name, then list domains (for example tutsplus.com) where this particolar reCAPTCHA will be used
  2. With that done you’ll be given a site key and its partner secret key:
  3. Fill in both the keys in "/classes/Config.class.php"

For One Click Social Login to work,you need to setup APP for each social provider.

1. Facebook App Setup

  1. Go to https://developers.facebook.com/apps and create a new application by clicking "Add New App".
  2. Then select WWW for App for your website
  3. Type in a name for your app
  4. Fill out any required fields such as the application name and description.
  5. Put your website domain in the Site Url field.
  6. Note: Enter your website link as either"http://www.example.com" or "http://example.com" and restrict the same on your website by setting 301 redirect.An .htaccess file is added in the folder, you can use it for 301 redirect.

  7. You must enter your email to allow social login
  8. Please check if everything is setup correctly in Status & Review
  9. Under Settings > Advanced Settings.Enter Valid OAuth redirect URIs
  10. Once you have registered, copy and past the created application credentials (App ID and Secret)
  11. Paste these details in "classes/Config.class.php"
    • FACEBOOK_APP_ID :'Fill in your App ID'
    • FACEBOOK_APP_SECRET:'Fill in your App Secret Key'

2. Google App Setup

  1. Go to https://console.developers.google.com/project
  2. Then select Credentials from API Manager & from left menu and Click on OAuth Consent Screen and enter Product Name to Users
  3. Now click on Credentials and then click on Create Credentials > OAuth Client ID
  4. Now in Authorised Javascript Origins enter your domain www.yourdomain.com
    And in Authorized redirect URIs enter https://www.yourdomain.com/vendor/hybridauth/?hauth.done=Google
  5. Note: Enter your website link as either "http://www.example.com" or "http://example.com" and restrict the same on your website by setting 301 redirect.An .htaccess file is added in the folder, you can use it for 301 redirect.

  6. Client ID Details will be displayed.Copy ID and Client Secret
  7. One Last step,Go to API's from left menu,and enable Google+ API and Contacts API
  8. Once you have registered, copy and past the created application credentials (App ID and Secret)
  9. Paste these details in "classes/Config.class.php"
    • GOOGLE_APP_ID :'Fill in your App ID'
    • GOOGLE_APP_SECRET:'Fill in your App Secret Key'

3. Twitter App Setup

  1. Go to https://dev.twitter.com/apps and create a new application
  2. Fill out any required fields such as the application name and description.
  3. Put your website domain in the Website field.
  4. Fill out any required fields such as the application name and description.
  5. Provide this URL as the Callback URL for your application: https://www.yourdomain.com/vendor/hybridauth/?hauth.done=Twitter
  6. Now the main hurdle is that Twitter does not give access to user's email address directly.For this you need to ask permission.So to do that go to https://support.twitter.com/forms/platform and Select "I need access to special permissions"
  7. After getting permission from Twitter dev support.You will be able to see "Request email addresses from users" option in your app's permission settings.To enable this you need to provide url to terms and policy of your site.
  8. Note: Enter your website link as either "http://www.example.com" or "http://example.com" and restrict the same on your website by setting 301 redirect.An .htaccess file is added in the folder, you can use it for 301 redirect.

  9. Once you have registered, copy and past the created application credentials (App ID and Secret)
  10. Paste these details in "classes/Config.class.php"
    • TWITTER_APP_ID :'Fill in your App ID'
    • TWITTER_APP_SECRET:'Fill in your App Secret Key'

4. LinkedIn App Setup

  1. Go to https://www.linkedin.com/secure/developer (or https://www.linkedin.com/secure/developer?newapp=) and create a new application
  2. Fill out any required fields such as the application name and description.
  3. Put your website domain in the Integration URL and OAuth Redirect URL fields.
  4. Provide this URL as the Callback URL in OAuth 2.0 for your application: https://www.yourdomain.com/vendor/hybridauth/?hauth.done=Linkedin
  5. Note: Enter your website link as either "http://www.example.com" or "http://example.com" and restrict the same on your website by setting 301 redirect.An .htaccess file is added in the folder, you can use it for 301 redirect.

  6. Fill out any required fields such as the application name and description.
  7. Once you have registered, copy and past the created application credentials (App ID and Secret)
  8. Paste these details in "classes/Config.class.php"
    • LINKEDIN_APP_ID :'Fill in your App ID'
    • LINKEDIN_APP_SECRET:'Fill in your App Secret Key'

5. Yahoo App Setup

  1. Go to https://developer.apps.yahoo.com/dashboard/createKey.html and create a new application.
  2. Fill out any required fields such as the application name and description.
  3. Put your website domain in the Application URL and Application Domain fields.
  4. Set Callback Url to this https://www.yourdomain.com/vendor/hybridauth/?hauth.done=Yahoo
  5. Note: Enter your website link as either "http://www.example.com" or "http://example.com" and restrict the same on your website by setting 301 redirect.An .htaccess file is added in the folder, you can use it for 301 redirect.

  6. Set the Kind of Application to Web-based and set permissions
  7. Once you have registered, copy and past the created application credentials (App ID and Secret)
  8. Paste these details in "classes/Config.class.php"
    • YAHOO_APP_ID : 'Fill in your App ID'
    • YAHOO_APP_SECRET:'Fill in your App Secret Key'

6. Foursquare App Setup

  1. Go to https://foursquare.com/developers/apps and create a new application by clicking "Create New App".
  2. Fill in necessary details and set redirect url to https://www.yourdomain.com/vendor/hybridauth/?hauth.done=Foursquare
  3. Note: Enter your website link as either "http://www.example.com" or "http://example.com" and restrict the same on your website by setting 301 redirect.An .htaccess file is added in the folder, you can use it for 301 redirect.

  4. Once you have registered, copy and past the created application credentials (App ID and Secret)
  5. Paste these details in "classes/Config.class.php"
    • FOURSQUARE_APP_ID : 'Fill in your App ID'
    • FOURSQUARE_APP_SECRET:'Fill in your App Secret Key'

6. Vkontakte App Setup

  1. Go to https://vk.com/dev and create a new application by clicking "Create an Application".
  2. Fill in title and website domain details.
  3. Note: Enter your website link as either "http://www.example.com" or "http://example.com" and restrict the same on your website by setting 301 redirect.An .htaccess file is added in the folder, you can use it for 301 redirect.

  4. A verification code will be sent to your mobile.Verify it
  5. Once you have registered, copy the created application credentials (App ID and Secret)
  6. Paste these details in "classes/Config.class.php"
    • VKONTAKTE_APP_ID : 'Fill in your App ID'
    • VKONTAKTE_APP_SECRET:'Fill in your App Secret Key'
  • Here is the Screenshot of Sign Up Screen
  • After filling up the details.An email will be sent to user with activation link.This will assure that email entered by user is valid
  • Here is the Screenshot of Login Screen
  • After filling up the details.The user will be redirected to home page with Welcome message

Remember Me

  • Check this option if you want to be logged in even when you close the browser.By default it will remember users for one month from last login.But if you want you can increase it

Forgot Password

  • If the user forgot the password.He can reset the password with Forgot Password Option.
  • If the email address entered exists in database,a mail will be sent to user with a reset password link,which will be automatically expire on one hour

Resend Activation Email

  • If by any chance, the user didn't recieved the activation email.User can re-send the activation email with Resend Activation Email Option.
  • Here the user has the option to view its profile details.

Change Password

  • User can also change its password.For that user have to enter its current password along with new password

View Users

  • Here Admin can view the list of registered users

Edit Users

  • Here Admin can edit user details

Edit Privileges

  • Here Admin can also grank and revoke privileges like granting admin privileges to a user,make a user inactive so that user wont be able to login anymore
  • Note: Admin can't revoke its own privileges

Delete User

  • Admin can also delete the users
  • Note: Admin can't delete its own account

Send Email to Individual User

  • Admin can send email to individual users
  • Note: You can user {username} and {useremail} shortcodes anywhere in the mail to display user's name and user's email address

Send Email to all Users

  • Admin can send email to all users
  • Note: You can user {username} and {useremail} shortcodes anywhere in the mail to display user's name and user's email address

  1. If you want a webpage to be viewed by only registered users,then add the following code to the top of your webpage

  2. <?php
    require_once('includes/init.php');
    Auth::getInstance()->requireLogin();
    ?>

  1. If you want a webpage to be viewed by only Guest users,and not by logged in users

  2. <?php
    require_once('includes/init.php');
    Auth::getInstance()->requireGuest();
    ?>

  1. If you want a webpage to be viewed by only registered users,then add the following code to the top of your webpage

  2. <?php
    require_once('includes/init.php');
    Auth::getInstance()->requireLogin();
    Auth::getInstance()->requireAdmin();
    ?>

  1. If you want a webpage to be viewed by users by users with manager priviledges,then add the following code to the top of your webpage

  2. <?php
    require_once('includes/init.php');
    Auth::getInstance()->requireLogin();
    Auth::getInstance()->requireManager();
    ?>

  1. If you want a webpage to be viewed by users with subscriber priviledges,then add the following code to the top of your webpage

  2. <?php
    require_once('includes/init.php');
    Auth::getInstance()->requireLogin();
    Auth::getInstance()->requireSubscriber();
    ?>