Xavier – PHP Login Script & User Management Admin Panel

March 2017 – Log in with your e-mail address

We’ve finally added an update people have been screaming for, for ages. You can now login with your e-mail address. It’s no longer possible however to have duplicate email addresses for your users.

We also recently updated the hash algorithm to SHA256, but it is still backwards compatible with SHA1 – in fact you can use your own hash algorithm! In January we added Unique User Home Pages & full logging is now available! Check when your users log off, on, change passwords and much more!

The script can easily be dropped in to an existing website allowing you to protect pages by adding one line of PHP code at the top of a page. You can also protect sections of pages. Secure your web pages or sections of content dependant on whether your users are logged in or out, or whether they are a member of a User Group. Or secure your pages dependent on whether you are logged on as an administrator. The example pages and scripts (login, registration, forgotten password, etc.) included in the script can be customised to be used in your own website or can fit neatly in to your existing website.

The administration panel allows you to administer your users and change various site settings. As an admin you can add, edit, ban or delete users or user groups. It is built on Bootstrap and is highly customizable.

Main Features

  • Can be dropped in to an existing website or used ‘out of the box’.
  • Protect your site’s pages or sections of pages by login status, group status and/or group level status.
  • Optional Captcha (and other failsafes) to avoid registration of automated bots.
  • User login using PHP sessions, navigate across pages and stay logged on.
  • Full Logging Facility.
  • User Groups with optional levels.
  • Promote regular users to admins who will have some admin functions.
  • User timeout after inactivity.
  • Unique User Home Pages
  • Users can change profile settings, change passwords, e-mail addresses.
  • Forgot Password feature.
  • Optional admin or e-mail activation.
  • Optional welcome e-mail.
  • Admin can add, activate, ban, edit or delete users.
  • View and display Active Users.
  • Records user’s registration date, last login date and IP addresses.
  • Records Most Ever Users Online
  • Passwords are individually encrypted and salted.
  • Change minimum / maximum username or password length.
  • Confirm password & e-mail address on registration.
  • Customizable Admin Skin which uses Bootstrap CSS
  • Plus much more….


Try the online demo here at the Angry Frog website. Logon as admin with username: admin / password: P4ssw0rd


Support is provided by the author. Click on the support tab and e-mail us if you are having any issues with the script or you can post any general queries or observations in the comments section. You can also post in the Forums at the Angry Frog website here. There are also detailed instructions provided with the script.


v 2.4
[Changes] Allow logon with e-mail address
[Changes] No longer allowed duplicate email addresses - option removed from admin panel (and database)
[Changes] Admin Registration Summary page gives better error info on unsuccessful admin registration
[Updated] Updated Database - removed ALLOW_DUPE_EMAIL column from configuration table
v 2.3
[Updated] - Added SHA256 hash algorithm for hashing user passwords.

v 2.2.1

[fixed] Could not change user details correctly when 'Allow Duplicate Email' is Off
[Updated] admin/includes/Adminfunctions.php - Updated adminEditAccount function
v 2.2.0
Added Logging and other small fixes.
v 2.1.0
Added Unique User Home Pages - Pages users are sent to after initial login. This can be set by the admin or individually for each user.
v 2
New Release - complete update and redesign of the admin GUI with lots of improvements. Folder structure changes. No database changes.
Fixed isMemberOfGroup function
Change where site redirects to after login. <strong>Database update is required!);</strong> Run this SQL on your database - INSERT INTO `configuration` (`config_name`, `config_value`) VALUES ('login_page', 'index.php');
v 1.1.1
Fixed Bug - removing user from all groups.
v 1.1.0
Added User Groups.
Made improvements to the banning system.
Added ability to promote regular users to admin, who then have limited admin permissions.
Fixed some bugs.

- Enter Your Location -
- or -
Register New Account
Reset Password