The application


SimpleUsers needs PHP 5, MySQL (no special version needed) and the MySQL Improved extension (


Basic knowledge of PHP is required. Assuming that you know basic PHP, you most likely do know your way around HTML.

Is it secure?

SimpleUsers doesn't store password in clear text which makes the application secure for you AND your users.
Every user gets a unique 128 character long salt prepended to their chosen password, which then gets stored in the database as a SHA1 hash. The hashing is one way.
Additionally, to avoid SQL injection attacks, SimpleUsers uses prepared statements, when communicating with the database.

CSRF (Cross-site request forgery) protection has been integrated - the methods doesn't require user is logged as CSRF also could be prefered in other situations.
The CSRF protection works only with POST data (as GET data already is too easy to manipulate).

Please be aware that SimpleUsers isn't a fullblown application; it's not safer than what you use SimpleUsers in.
When developing your application, think of SimpleUsers as an aid in adding user management to your application.

How to install

It's simple.
What you need to do, is to edit the configuration file, located at simpleusers/, then run the install script which is located at simpleusers/install.php

How do I use it?

Include and use

You simply make sure that your sessions has been started (, include the, located at simpleusers/ and finally, you create an instance of the SimpleUsers object - now you're ready to go.

Sample files are included with this package

The following files are simply sample files and should not be used as useradministration `as is`.
The sample files are only for reference and learning purposes, so you can build SimpleUsers into your own application.

Not all the methods available in SimpleUsers is covered in these files.
A full reference can be found in reference.html.


Please make sure you configured the config file!

It might seem like a trivial thing to mention, but when things doesn't work as expected, the most likely cause is a misconfigured configuration file.
The config file is located at simpleusers/ and is fairly simple to understand.

Did you run the install script?

If not, you would probably want to; this will create the tables in your database needed for this to work.
The install script is located at simpleusers/install.php.

If you did, you should remove or rename the file or something similar, to avoid unwelcome users having access to it.