simpel-veilig-login-systeempje
PHP script bestanden
///////////// config.inc.php ////////////////
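<?php
/**
 * @author Arwin van der Velden
 * @copyright 2009
 * @name config.inc.php
 * @version 1.0.1
 *
 * Shared bootstrap: defines the table names and the login-attempt limit,
 * opens the global $mysqli connection and loads functies.inc.php.
 */

// Database credentials. They are only needed to open the connection and are
// unset again below so later code cannot read or print them.
$db['username'] = '';
$db['password'] = '';
$db['host'] = 'localhost';
$db['database'] = '';

// Table names are concatenated straight into the SQL of the other scripts, so
// they must stay hard-coded constants and never come from request data.
$settings['db_gebruikers_table'] = 'gebruikers';
$settings['db_sessions_table'] = 'sessions';
$settings['db_login_attempts_table'] = 'login_attempts';
$settings['max_login_pogingen'] = '3';

// NOTE(review): every query on this page escapes with real_escape_string(),
// which escapes according to the connection character set. Calling
// $mysqli->set_charset() with the charset the tables use keeps the two in step.
$mysqli = new mysqli($db['host'], $db['username'], $db['password'], $db['database']); // Host - Username - Password - Database

// The credentials are no longer needed on either path.
unset($db);

if (mysqli_connect_errno()) {
    // After a failed connect the reason is in mysqli_connect_error();
    // $mysqli->error only describes the last statement on an open connection.
    trigger_error('Fout bij verbinding: ' . mysqli_connect_error());
    // Stop here: without a connection none of the login checks can run.
    // (From PHP 8.1 mysqli throws on a failed connect by default, so this
    // branch mainly serves older versions.)
    exit;
}

// require instead of include: a missing functies.inc.php must halt the request
// rather than let a page continue without isingelogd().
require('functies.inc.php');
?>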
///////////// functies.inc.php ////////////////
<?php
/**
* @author Arwin van der Velden
* @copyright 2009
* @name functies.inc.php
* @version 1.0.1
*/
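/**
 * Tells whether the current request carries a valid login session.
 *
 * The user_id / user_hash cookies must match a row in the sessions table for
 * the caller's IP address, and user_hash must equal
 * sha1(user_id . User-Agent . hash_key) for the hash_key stored in that row.
 * When the row matches but the recomputed hash does not (different browser),
 * the user's sessions are invalidated and the cookies are cleared.
 *
 * Requires PHP 5.6+ for hash_equals().
 *
 * @return bool true only for a verified session; false on every other path,
 *              including a failed query or a missing row.
 */
function isingelogd(){
    global $settings, $mysqli;

    // Check that both cookies are present and have the expected shape. The
    // is_string() guards reject array-valued cookies (user_id[]=...).
    if (!isset($_COOKIE['user_id'], $_COOKIE['user_hash'])
        || !is_string($_COOKIE['user_id']) || !ctype_digit($_COOKIE['user_id'])
        || !is_string($_COOKIE['user_hash']) || !ctype_alnum($_COOKIE['user_hash'])) {
        // No valid cookies set: not logged in
        return false;
    }

    $cookieUserId = $_COOKIE['user_id'];
    $cookieHash = $_COOKIE['user_hash'];
    // Both server values can be absent (CLI, clients that send no User-Agent).
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $query = " SELECT
            gebruikerID, hash_key
        FROM
            ".$settings['db_sessions_table']."
        WHERE
            gebruikerID = '".$mysqli->real_escape_string($cookieUserId)."'
        AND
            hash = '".$mysqli->real_escape_string($cookieHash)."'
        AND
            ip = '".$mysqli->real_escape_string($remoteAddr)."'";

    // Run the query; a failed query must read as "not logged in", not as null.
    $result = $mysqli->query($query);
    if (!$result) {
        return false;
    }

    // fetch_assoc() yields null when no session row matched.
    $session = $result->fetch_assoc();
    if (!is_array($session) || !ctype_digit((string) $session['gebruikerID'])) {
        return false;
    }

    // Browser check: recompute the hash from this request's User-Agent.
    // hash_equals() compares the strings byte for byte; a loose == would treat
    // two different digests of the form "0e<digits>" as equal numbers.
    $expectedHash = sha1($cookieUserId . $userAgent . $session['hash_key']);
    if (hash_equals($expectedHash, $cookieHash)) {
        return true;
    }

    // Browser changed: invalidate the stored sessions of this user. The columns
    // are declared NOT NULL, so they are emptied with '' (assigning NULL is
    // rejected under strict SQL mode). An empty hash can never match again
    // because the cookie check above requires a non-empty alphanumeric value.
    $query = " UPDATE
            ".$settings['db_sessions_table']."
        SET
            hash = '',
            hash_key = '',
            ip = '".$mysqli->real_escape_string($remoteAddr)."'
        WHERE
            gebruikerID = '".$mysqli->real_escape_string($cookieUserId)."'";
    $mysqli->query($query);

    // Remove the cookies
    setcookie('user_id', '0', time() - 3600, '/');
    setcookie('user_hash', '', time() - 3600, '/');
    return false;
}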
?>
///////////// index.php (login pagina)////////////////
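<?php
/**
 * @author Arwin van der Velden
 * @copyright 2009
 * @name index.php
 * @version 1.0.1
 *
 * Login page. Shows the login form, throttles repeated failed logins per
 * client address, checks the credentials and, on success, stores a session
 * row and sets the two cookies that isingelogd() verifies on later requests.
 * Requires PHP 7+ for random_bytes().
 */
error_reporting(E_ALL);
// Log errors instead of printing them: the trigger_error() calls below carry
// raw MySQL error text, which does not belong in the response of a login form.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
include('config.inc.php');
/* ----------------------------------------------------------------------------------------------- */

// Both values can be missing from the request environment.
$remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

// The form posts back to the current script. The last URI segment includes the
// query string, which is request data, so it is HTML-escaped before it is
// written into the action attribute. end() needs a variable, not an expression.
$uriSegments = explode('/', $_SERVER['REQUEST_URI']);
$formAction = htmlspecialchars(end($uriSegments), ENT_QUOTES);

if (!isingelogd()) {
    // Anti-flood: count the failed logins from this address in the last 24
    // hours. The User-Agent is not part of the key: it is a header the client
    // chooses, so filtering on it would let a client reset its own counter.
    $query = " SELECT
            COUNT(id) AS attempts
        FROM
            ".$settings['db_login_attempts_table']."
        WHERE
            date_time > (NOW() - INTERVAL 24 HOUR)
        AND
            ip = '".$mysqli->real_escape_string($remoteAddr)."'";

    if ($result = $mysqli->query($query)) {
        $login_attempt = $result->fetch_assoc();

        // Blocked once the number of failures reaches max_login_pogingen.
        if ((int) $login_attempt['attempts'] >= (int) $settings['max_login_pogingen']) {
            echo 'U bent tijdelijk geband<br>';
        } else {
            if (strtoupper($_SERVER['REQUEST_METHOD']) != 'POST') {
                $formulier = true;
            } else {
                $formulier = false;

                // Accept only plain string fields; array-valued parameters
                // (username[]=...) are treated as a malformed submission.
                $fieldsPresent = isset($_POST['form'], $_POST['username'], $_POST['pass'])
                    && is_string($_POST['form'])
                    && is_string($_POST['username'])
                    && is_string($_POST['pass']);

                // The hidden "form" field is the time the form was rendered and
                // the post must arrive within one minute of it.
                // NOTE(review): the value is sent by the client, so this is a
                // freshness check only; it does not protect against CSRF.
                if ($fieldsPresent && ctype_digit($_POST['form']) && time() < (int) $_POST['form'] + 60) {
                    // htmlspecialchars() is kept because the registration script
                    // stores the username and derives the hash the same way.
                    $username = htmlspecialchars($_POST['username']);
                    // NOTE(review): sha1() is a fast hash and the username is the
                    // only salt. password_hash()/password_verify() is the
                    // replacement, but it has to be introduced in the
                    // registration script and here at the same time.
                    $hashedPass = sha1($username.$_POST['pass']);

                    $query = " SELECT
                            ID
                        FROM
                            ".$settings['db_gebruikers_table']."
                        WHERE
                            gebruikersnaam = '".$mysqli->real_escape_string($username)."'
                        AND
                            wachtwoord = '".$mysqli->real_escape_string($hashedPass)."'";

                    if ($result = $mysqli->query($query)) {
                        // fetch_assoc() yields null when the credentials match no row.
                        $userId = $result->fetch_assoc();

                        if (is_array($userId) && ctype_digit((string) $userId['ID'])) {
                            // Per-session secret from the CSPRNG (40 hex characters).
                            // uniqid(mt_rand(), true) is built from the clock and a
                            // non-cryptographic generator and can be guessed.
                            $hash_key = bin2hex(random_bytes(20));
                            $hash = sha1($userId['ID'] . $userAgent . $hash_key);

                            // Create the cookies. HttpOnly keeps them away from page
                            // scripts; Secure is set whenever the request came in
                            // over HTTPS so they are not sent in clear text later.
                            $expires = time() + 60*60*24*365;
                            $overHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                            setcookie('user_id', $userId['ID'], $expires, '/', '', $overHttps, true);
                            setcookie('user_hash', $hash, $expires, '/', '', $overHttps, true);

                            // Store the session: hash, hash_key and client address.
                            $sql = " INSERT INTO
                                    ".$settings['db_sessions_table']."
                                    (
                                        gebruikerID,
                                        hash,
                                        hash_key,
                                        datum,
                                        ip
                                    )
                                VALUES (
                                    '".$mysqli->real_escape_string($userId['ID'])."',
                                    '".$mysqli->real_escape_string($hash)."',
                                    '".$mysqli->real_escape_string($hash_key)."',
                                    NOW(),
                                    '".$mysqli->real_escape_string($remoteAddr)."'
                                )";

                            // Run the query
                            if (!$result = $mysqli->query($sql)) {
                                trigger_error('Fout in query: '.$mysqli->error);
                            } else {
                                if ($mysqli->affected_rows > 0) {
                                    echo 'Je bent ingelogd!';
                                }
                            }
                        } else {
                            // Record the failed attempt. sys_info is varchar(610); a
                            // longer User-Agent is cut to fit so that the INSERT, and
                            // with it the attempt counter, cannot be made to fail by
                            // sending an oversized header.
                            $sql = " INSERT INTO
                                    ".$settings['db_login_attempts_table']."
                                    (
                                        date_time,
                                        ip,
                                        sys_info
                                    )
                                VALUES (
                                    NOW(),
                                    '".$mysqli->real_escape_string($remoteAddr)."',
                                    '".$mysqli->real_escape_string(substr($userAgent, 0, 610))."'
                                )";

                            if (!$result = $mysqli->query($sql)) {
                                trigger_error('Fout in query: '.$mysqli->error);
                            }

                            echo 'Het wachtwoord of gebruikersnaam was incorrect';
                            $formulier = true;
                        }
                    }
                } else {
                    echo 'Fout bij inloggen. Probeer het opnieuw.';
                }
            }

            if ($formulier) {
                echo ' <form method="post" action="'.$formAction.'">
<p><label>Username:</label><input type="text" name="username" value="" /></p>
<p><label>Password:</label><input type="password" name="pass" value="" /></p>
<br><input type="hidden" name="form" value="'.time().'" />
<p><input type="submit" value="Inloggen" /></p>
</form>
';
            }
        }
    } else {
        trigger_error('Fout in query: '.$mysqli->error);
    }
} else {
    echo 'U bent al ingelogd.';
}
?>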
///////////// logout.php ////////////////
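<?php
/**
 * @author Arwin van der Velden
 * @copyright 2009
 * @name logout.php
 * @version 1.0.1
 *
 * Logs the current user out: clears the login cookies and empties the stored
 * session data of the user the request was authenticated as.
 */
include('config.inc.php');

// Verify the session BEFORE changing anything in the database. The user_id
// cookie is supplied by the client; using it unchecked in the UPDATE below
// would let any visitor end the sessions of any account by sending that id.
$wasLoggedIn = isingelogd();

// The cookies are cleared in every case.
setcookie('user_id', '0', time() - 3600, '/');
setcookie('user_hash', '', time() - 3600, '/');

if ($wasLoggedIn) {
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    // hash and hash_key are declared NOT NULL, so they are emptied with ''
    // (assigning NULL is rejected under strict SQL mode).
    $query = " UPDATE
            ".$settings['db_sessions_table']."
        SET
            hash = '',
            hash_key = '',
            ip = '".$mysqli->real_escape_string($remoteAddr)."'
        WHERE
            gebruikerID = '".$mysqli->real_escape_string($_COOKIE['user_id'])."'";

    if (!$result = $mysqli->query($query)) {
        trigger_error('Fout in query: '.$mysqli->error);
    } else {
        if ($mysqli->affected_rows > 0) {
            echo 'U bent uitgelogd';
        }
    }
}
?>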
/////////////// voorbeeld beveiligde pagina ///////////////
/////////////// voorbeeld registratie script ///////////////
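<?php
/**
 * Example registration script: validates the posted fields, refuses a
 * username that is already taken and inserts the new account.
 */
include('config.inc.php');

// Read every field as a plain string; missing or array-valued parameters
// (username[]=...) become '' and then fail the checks below.
$username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
$pass = isset($_POST['pass']) && is_string($_POST['pass']) ? $_POST['pass'] : '';
$email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
$fname = isset($_POST['fname']) && is_string($_POST['fname']) ? $_POST['fname'] : '';
$lname = isset($_POST['lname']) && is_string($_POST['lname']) ? $_POST['lname'] : '';

// The form posts back to the current script. The last URI segment includes the
// query string, which is request data, so it is HTML-escaped before it is
// written into the action attribute. end() needs a variable, not an expression.
$uriSegments = explode('/', $_SERVER['REQUEST_URI']);
$formAction = htmlspecialchars(end($uriSegments), ENT_QUOTES);

if ($_SERVER['REQUEST_METHOD'] != 'POST') {
    $formulier = true;
} else {
    $formulier = false;

    // Run the checks.
    // ereg() no longer exists since PHP 7; preg_match() with the D modifier
    // also refuses a trailing newline. 90 is the width of the column.
    if (!preg_match('/^[A-Za-z0-9]+$/D', $username) || strlen($username) < 3 || strlen($username) > 90) {
        echo '<b style="color:#FDB839">• Uw gebruikersnaam is ongeldig.</b><br>';
        $formulier = true;
    } else {
        // Exact comparison: with LIKE the characters % and _ act as wildcards.
        $result = $mysqli->query("SELECT ID FROM ".$settings['db_gebruikers_table']." WHERE gebruikersnaam = '".$mysqli->real_escape_string($username)."'");
        if (!$result) {
            trigger_error('Fout in query: '.$mysqli->error);
            echo '<br />Er is een fout opgetreden, de gebruiker is niet toegevoegd.';
            $formulier = true;
        } elseif ($result->num_rows > 0) {
            echo '<b style="color:#FDB839">• Deze gebruikersnaam is al bezet.</b><br>';
            $formulier = true;
        }
    }

    if ($pass === '') {
        echo '<b style="color:#FDB839">• Uw password is ongeldig.</b><br>';
        $formulier = true;
    }

    // The address is invalid when validation FAILS. The original condition
    // lacked the negation and so rejected exactly the well-formed addresses.
    if ($email === '' || strlen($email) > 255 || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo '<b style="color:#FDB839">• Uw emailadres is ongeldig.</b><br>';
        $formulier = true;
    }

    if ($formulier) { // Do not submit
        echo '<br>';
    } else { // Submit
        // NOTE(review): sha1() is a fast hash and the username is the only
        // salt. password_hash()/password_verify() is the replacement, but the
        // login script compares against this exact value, so both scripts have
        // to change together.
        $storedUsername = htmlspecialchars($username);
        $storedPassword = sha1($storedUsername.$pass);

        // Column names follow the gebruikers table definition: the address
        // column is `ip` (the table has no `ipadres`). tussenvoegsel, rechten
        // and bevestigen are NOT NULL without a default, so they are given
        // explicitly; '' and 0 are what non-strict MySQL would have stored.
        // NOTE(review): confirm 0 is the intended rights level for new users.
        $sql = "
            INSERT INTO ".$settings['db_gebruikers_table']." (
                gebruikersnaam,
                wachtwoord,
                voornaam,
                tussenvoegsel,
                achternaam,
                emailadres,
                rechten,
                ip,
                startdatum,
                bevestigen )
            VALUES (
                '".$mysqli->real_escape_string($storedUsername)."',
                '".$mysqli->real_escape_string($storedPassword)."',
                '".$mysqli->real_escape_string(htmlspecialchars($fname))."',
                '',
                '".$mysqli->real_escape_string(htmlspecialchars($lname))."',
                '".$mysqli->real_escape_string($email)."',
                0,
                '".$mysqli->real_escape_string(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '')."',
                NOW(),
                ''
            )";

        if (!$result = $mysqli->query($sql)) {
            trigger_error('Fout in query: '.$mysqli->error);
            echo '<br />Er is een fout opgetreden, de gebruiker is niet toegevoegd.';
        } else {
            echo 'De gebruiker is succesvol toegevoegd.';
        }
    }
}

if ($formulier) {
    echo ' <form method="post" action="'.$formAction.'">
<p><label>Username:</label><input type="text" name="username" value="" /></p>
<p><label>Password:</label><input type="password" name="pass" value="" /></p>
<p></p>
<p><label>First Name:</label><input type="text" name="fname" value="" /></p>
<p><label>Last Name:</label><input type="text" name="lname" value="" /></p>
<p><label>E-mail Address:</label><input type="text" name="email" value="" /></p>
<p><input type="submit" value="Send form" /></p>
</form>
';
}
?>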
/////////////// DATABASE ///////////////
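-- Accounts. `wachtwoord` holds the sha1 value the scripts compute; at 255
-- characters the column is also wide enough for a password_hash() string.
CREATE TABLE `gebruikers` (
`ID` int(11) NOT NULL auto_increment,
`gebruikersnaam` varchar(90) NOT NULL,
`wachtwoord` varchar(255) NOT NULL,
`voornaam` varchar(255) NOT NULL,
`tussenvoegsel` varchar(255) NOT NULL,
`achternaam` varchar(255) NOT NULL,
`emailadres` varchar(255) NOT NULL,
`rechten` int(11) NOT NULL,
-- 45 characters holds any textual IPv6 address; 16 only fits IPv4.
`ip` varchar(45) NOT NULL,
`startdatum` datetime NOT NULL,
`bevestigen` varchar(45) NOT NULL,
PRIMARY KEY (`ID`),
UNIQUE KEY `gebruikersnaam` (`gebruikersnaam`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ;
-- One row per login. `hash` is the value of the user_hash cookie and
-- `hash_key` the per-session secret it is derived from. Both are NOT NULL, so
-- code that invalidates a session has to empty them with '' rather than NULL.
CREATE TABLE `sessions` (
`sessionID` int(11) NOT NULL auto_increment,
`gebruikerID` int(11) NOT NULL,
`hash` varchar(40) NOT NULL,
`hash_key` varchar(41) NOT NULL,
`datum` datetime NOT NULL,
-- The session check compares this column with the full client address; a
-- truncated IPv6 address would never match, so the column must hold 45 chars.
`ip` varchar(45) NOT NULL,
PRIMARY KEY (`sessionID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ;
ALTER TABLE sessions ADD FOREIGN KEY ( gebruikerID ) REFERENCES gebruikers( ID ) ;
-- Failed logins, counted per address over 24 hours by the login page.
CREATE TABLE `login_attempts` (
`id` int(11) NOT NULL auto_increment,
`date_time` datetime NOT NULL,
-- Must hold the full address: the attempt counter matches on it, and a
-- truncated or rejected value means the failures are never counted.
`ip` varchar(45) NOT NULL,
`sys_info` varchar(610) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ;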