Official website for Web Designer - defining the internet through beautiful design
Author: Imagine Admin
18th March 2009

Enabling single signon using Open ID login, PHP and MySQL


Enabling single signon using Open ID login, PHP and MySQL


Think about the number of username and password combinations you have to remember on a daily basis – bank logins, social networking sites, Flickr, Twitter, Basecamp and so on. The more security-conscious of us will accept that using the same username and password isn’t a great idea, as if you use that combination on an untrusted site, they could use it to log in as you into everywhere else. We would rather be storing more useful things than passwords in our brains, so we’re very happy that Open ID is becoming a popular way for websites to authenticate users. So what is an Open ID? You can get an Open ID by various methods; the simplest is to choose a trusted Open ID provider and sign up with them. You might also find that one of the sites you already sign into is an Open ID provider – AOL, LiveJournal and most recently Yahoo! can all act as your Open ID. You will then be given a username, something like http://yourname.myOpen When you log in on an Open ID-enabled site, you simply enter this URL into their login box. The site will then redirect out to your Open ID provider where you will log in and the provider then checks that you are happy to give the other site your details. You will then be sent back to the website and are logged in. The benefits to users are that they don’t need to remember lots of different sets of login details, and can also keep the actual password details on one trusted site. For the site owner, you don’t need to store password details on your site and deal with forgotten passwords and so on. If you have built a password login system for a site before, then enabling Open ID just means a small shift in thinking – for storing a username and password on your site and writing a script to check them, to firing out a request to an external site and getting information back as to whether your user is logged in or not. You can still tie any information specific to your site to a user, by linking that information to their Open ID in your database. So now you know what Open ID is, this tutorial will have a look at how you might enable your site for Open ID logins. We’ll be using PHP and MySQL, although the principles are the same whichever language you choose.

1. Get your Open ID

Enabling single signon using Open ID login, PHP and MySQL

The first step is to have an Open ID to use to test your sign-on. If you already have an Open ID or are signed up for a site that gives you one, then you are all set. Otherwise, sign up at a provider such as and get your own Open ID URL.

2. Download the PHP class

Enabling single signon using Open ID login, PHP and MySQL

We will use a PHP class in order to simplify the process of communicating with the Open ID provider. The class we are going to use is the Simple Open ID Class that is available from The version of the class we have used is available in the code sample, however, if you are going to use this in a live application, check the site for any updates to it. In the zip that you have downloaded, the file you will need is class.openid.v2.php. Save this into your site, naming it anything you like.

3. Create a form

In a new PHP file, add a form; all we need is a field for the user to enter their Open ID URL and a Submit button. Set the form to post back to itself for this example. We’ve also added a link to so the user can go and get an Open ID if they don’t have one yet.

<form action=”index.php” method=”post”>
<h1>Login with your openID</h1>
<div><label for=”openid”>Your OpenID</label><input
ype=”text” name=”openid_url” id=”openid” class=”text” />
<input type=”submit” name=”login” value=”Login” class=”btn”
<p><a href=””>Get an OpenID</a></p>

4. Posting the form

We now need to deal with what happens when the user posts the form containing their Open ID. At the very top of this script inside PHP tags, include the class we downloaded earlier and create a new instance of that class.

if ($_POST) {
$openid = new OpenIDService();

5. Set up the request

In addition to checking whether the user is valid, we can ask the Open ID server to send us back some information about the user, such as their email address, full name and gender. The user needs to have already entered this information into their profile and agree to send it to you when they get to the Open ID site. The following lines of code set the user’s identity (this is the URL they entered into the text box), the site that is asking to be authorised, some required fields that we need and some optional fields.

$openid->SetIdentity($_POST[‘Open ID_url’]);
$openid->SetTrustRoot(‘http://’ . $_SERVER[“HTTP_HOST”]);

Pages: 1 2 3

Tags: , ,
  • Tell a Friend
  • Follow our Twitter to find out about all the latest web development, news, reviews, previews, interviews, features and a whole more.
    • Caroline

      Hmm is anyone else having problems with the images on this blog loading?
      I’m trying to determine if its a problem on my end or if it’s the blog.

      Any feedback would be greatly appreciated.

    • YouTube

      Thanks for the marvelous posting! I actually enjoyed reading it, you may
      be a great author. I will make certain to bookmark your blog and will come back
      in the foreseeable future. I want to encourage one
      to continue your great work, have a nice holiday weekend!

    • seo adelaide

      Wonderful beat ! I would like to apprentice while you amend your
      web site, how could i subscribe for a blog site? The account aided
      me a acceptable deal. I had been a little bit acquainted of this your broadcast offered bright clear idea

    • mobile web design

      nice application. it is like i have my own financial toolbar like money-bar on my phone. this truly can make my life easier.

    • SEO Leicester

      How does Pageonce Pro compare? What about Pageonce\’s free offerings?

    • jailbreak android

      This is a good tip especially to those fresh to the blogosphere. Short but very precise info… Thanks for sharing this one. A must read article!

    • Inkasso Forum

      It’s actually a nice and useful piece of info. I’m glad that you simply shared this helpful info with us. Please stay us up to date like this. Thank you for sharing.

    • wholesale hcg

      Aw, this was an exceptionally nice post. Taking the time and actual effort to make a great article… but what can I say… I hesitate a whole lot and never seem to get nearly anything done.

    • Android App Developer

      This is really informative for me.As I am new in this field so it requires to choose the right path.Thanks for sharing it..

    • Camcorder Reviews

      One of the better cross-over prosumer camcorders is Sony’s upgrade of the DSR-PD150, the newly improved PD170. A lot of the buttons that may have been originally found on Canon cameras are no longer existent. The second step is finding the one with all characteristics that you need. Next to the lens is a flash, and above that is the external sensor for the Instant AF system, a Canon Camcorder Charger specialty feature.

    • painting contractors

      It’s really a cool and helpful piece of information. I’m satisfied that you simply shared this helpful info with us.
      Please keep us up to date like this. Thank you for sharing.


      Unfortunately, different people produce this hormone at different rates,
      which is why some people have trouble generating lean muscle growth.
      By making tonics and teas they have promoted optimal reproductive function throughout their people for centuries
      upon centuries. One of the more popular releases is Hyper – GH 14x.

    • Pingback: Top PHP Coding Tutorials, Tips and Tricks | Tutorial