Plan a Great Client Login System

Freelance Website designers, small Web design businesses, and large development enterprises should consider using a client login page for their customers.

A client login lets your clients access all their available features in one handy place, with the minimum fuss for the client and yourself. It allows you to keep confidential information confidential, while permitting collaboration between your business and the client online. It can substantially increase your credibility in the client’s eyes, as well as reducing the chance for mis-communication, making the client management process occur more smoothly.

Let’s look at the features you should consider for inclusion in your client login system. We’ll also address some of the key problems you may encounter, and explore how you can overcome them.

Before you Start

Your client login page doesn’t always need to be a complicated system, however there are some factors that need to be carefully thought out before you start. Attention to these details now can save you a lot of time in the long run.


You need to store certain client information in order to access it — so the user can change settings easily, and not have to enter their name or email address each time they want to do something on the site. Before you begin development, pick the storage method of your choice, and stick to it! Don’t store half the information in MySQL, and use flat text files for the rest. Choose one, and use one. Here are some ideas for storage methods:

  • MySQL
  • Microsoft Access
  • Flat Text files

MySQL is excellent in that it’s secure and can be easily accessed. It is also the PHP programmer’s method of choice. Microsoft Access works extremely well with ASP, and is brilliant for more organised storage. Flat text files are in no way secure, and not a good idea for information you don’t want hackers to be able to see.

The method you select from the suggestions above is an easy decision — all you need to do is choose the option that your server best supports. However, you must be careful in deciding what to store. You may wish to store all the details you have of your clients, but if a hacker gets in, they will have access to some potentially sensitive and confidential information. For this reason, limit the amount of information you store to a bare minimum, for example:

  • Customer’s site name — the full name of their Website
  • Customer’s site address — the URL to their Website
  • Customer’s full name — so you can greet them personally on each page
  • Customer ID Number (if applicable) — for support requests and correspondence
  • All services the customer has bought — and which ones they have paid for

Never store plain text passwords anywhere on your Web space, database, or wherever else a potential hacker could find them. If you have to store them, encrypt them. Take a look at the MySQL password function, and the PHP functions MD5 and crypt for help with protecting passwords.


Making your client information pages secure is an important part to remember. Not only does it protect hackers, it lets the page know who’s using the page. As I said before, you can give a personal touch to each page the user visits (e.g. "Welcome, Mr. Mickiewicz"), and when a user wants to change their settings or information, they can do so without having to enter their username and password each time.

There are many ways to authenticate your users — I won’t go into much detail, but here are a couple of suggestions:

  • .htaccess
    You know those login boxes that pop up in your browser sometimes? This can be done with minimal fuss using .htaccess authentication. For more information on this, see Kevin Yank’s Apache HTTP Authentication in PHP.

    However, there are certain security risks involved — usernames and passwords are both sent to the server in plain text and it is easy to "hijack" along the way.
  • PHP/MySQL Authentication
    This is the method I recommend you use for your client login page. It is extremely flexible and customisable, unlike those ugly .htaccess popup boxes. See Kevin Yank’ s article, Managing Users with PHP Sessions and MySQL for more details on this.

Get to the Drawing Board!

Now, draw out a plan on paper. Outline the links, colours, and text you want, to help when it comes to programming your pages. Your plans don’t need to be concise — you don’t need to write out the full text you’re going to include, and sketch each image out in general terms; just an overview of what will be in each place is fine.

The last step before you start is to decide upon the features you’ll include in your client login page. I’ve put together a few suggestions here for you to chew the end of your pen over.

Website Control Panel Access

If you offer Website hosting with your design services, you should provide a link for users to log in to their site’s online control panel, where they can set up and manage accounts, email addresses, etc.

Update Profile

You can provide a form through which users can update their customer profile if they change an address or phone number, for example. If you’ve decided not to store the client’s full information in your database, then you could set up a form-mailer to email the form contents to you for a manual update.

Work in Progress Page

Let your customers see how far you’ve got with their project. This could consist of a diary-style script where you can post major parts of the site that have been completed. A link to the site as it stands can also be included, along with a schedule, so they know when the site is due to be finished.

Support Area

This section might include details on how the client can contact you if they have a question or problem relating to their site. A simple mail form can be included to allow them to send you an email without leaving the page — they don’t even need a mail client such as Outlook or Eudora! You may also have support forums for clients — if this is the case, link to them from here.

Content Management

If you’ve supplied your user with a content management system it could be handy to include a link directly to the administration panel so they can add new content at the touch of a button.

Webmail Access

You can install a simple Webmail system so your customers can check their email over the Web. Hotscripts has a good list of free and licensed scripts.

Domain Expiry and Billing Data

Let your clients see when their next payment is due, or when they need to renew their hosting account.

Server Status Page

If you offer your own hosting to clients, you could include a server status page, where users can view and report downtime.

Logout Link

It sounds obvious, but you can’t afford to forget this, especially if the user is on a shared computer. Also worth considering is a "change password" page.

Of course, there are loads of other possibilities that you can include in your client login system. Remember that as most Website design companies’ services differ as their clients’ needs vary, it may be difficult to provide links to certain areas. For example, there is no point linking to a hosting control panel if all you’ve done is designed a logo for the client: a control panel won’t exist for them, and they’ll get a 404 error.

One way around this is to set up a separate database table or page with "Yes/No questions". For example, the field names could include "has_hosting", "has_domain", "has_cms" and the values for each user can differ depending on what they actually do have. Then you only need to display the links that are relevant to that specific user on your pages.

Get Programming!

Enough talk, you haven’t even started to make your client login page yet! After taking all the features we’ve discussed into account, you can get started on your programming, designing, and whatever else you need to do. However, there are some things you still need to remember — I know, there’s too much, but you want to make it look nice and professional, and work properly, don’t you?

It’s OK to Patronise

It’s OK to patronise your clients. Most people that hire a professional to make their site, do so because they don’t know how. Therefore they are highly unlikely to be Web professionals. You may need to spoon-feed your clients with "layman’s terms" and basic information, so they understand exactly what you mean.

Example: Instead of "Click here to enter your MySQL driven Web-based PHP content management system admin panel", consider "Click here to enter your Website’s content management control panel".

Consistency is Key

All your pages need to have the same layout, colours, fonts etc. to minimise user confusion. A lot of hosting control panels use frames, as this ensures a consistent layout, so you might consider it, too.

The fact that only a handful of users are going to be able to see your login system is no excuse to make it look boring and rushed. Put effort into your design to make it attractive and usable, and you’ll find your clients will want to come back.

The factors I have discussed in this article should give you an idea of the sort of features you should consider when making a client login page. Of course, as all Website design companies are different in almost every respect, there will certainly be other factors that you’ll want to build into the type of basic system we’ve discussed here. I hope this has inspired you to create your new client login page. Good luck!


Category: business Time: 2003-01-14 Views: 4

Related post

  • Is Open ID better than the usual LogIn system? 2009-06-10

    We are developing a web system and considering using the Open Id feature. Do you think it is any better than the usual way of loggin users in? If we use the Open Id feature that means the users will be redirected to the site of their choice of Open I

  • Client Login before accessing the internet 2012-12-21

    I wanted to create an internet gateway server where the client connecting to my network must enter a username and password, where the server checks if username and password is correct before they can access the internet. More like AUTHENTICATION via

  • First PHP login system 2014-05-05

    This is my first attempt at a login system! I've only had roughly 2 days of experience with MySQL and PHP so far and this is what I came up with: <?php session_start(); //Start Database $IP = ""; $user = ""; $pass = ""; $d

  • Login system security 2014-06-19

    Here is a login system I am working on. I just want an opinion on it and whether I am going in the right direction or am just completely missing something. The main thing I would like to know is: am I initializing my user session IDs correctly? Basic

  • Is my login system secure? 2015-02-07

    I am recently making a CMS and I need a secure login system, so this is my code. How is it? First: the HTMLcode for signup and login: <div id="login" style="display: none"> <input type="text" name="email" i

  • How to create a secure login system with cookies? 2015-12-09

    For my personal education, I am trying to create a secure login system using cookies. I have read a lot of articles and Stack Overflow questions on how to achieve that, but couldn't find anything useful. Everyone is suggests different ways of achievi

  • Login System Security Suggestions 2012-06-16

    I am creating a login system and was wondering if anybody had any suggestions. Here is my current setup: nonce to check if the login originated from our login form session and cookie auth mixed - in a session cookie sha256(username-set-in-a-session,s

  • How to make custom client Login page for a specific page 2013-08-03

    I want to make client login form on the home page and when client login, I want the client to land into to specific page. Unless logged in, if tried to land to that page must be redirected to home page. I have tried to use, Theme my login but did not

  • Which login system should I use? 2014-04-09

    I am currently developing a website with a login system. The server will not have HTTPS available and will not handle critical data such as credit card info or addresses, the most critical data transmitted would be email, full name, personal files (W

  • What is the best strategy for tracking USER ID on a website without login system? 2014-05-15

    Considering a brand new feature of USER ID in Google Universal Analytics I'm wondering what is the best model to track the full customer journey for a company which sells software products and has no login system? From which touch point (before or af

  • Virtualbox vm lstp client login blank for lstp server on ubuntu 14.04 , what I'm missing here..? 2015-05-09

    I am trying to configure a lstp server ( ip of lstp server : ) on a 64bit ubuntu 14.04 and check it network booting virtualbox vm (harddisk less vm) I configured everything according to this doc

  • Creating Original Database Algorithm--Login System 2015-07-07

    For fun, I have been making a very basic login system in Python. I was going to look up an algorithm or something for user info storage and transfer, but then decided it would be more fun to come up with and implement it myself. What I would like to

  • Client login without sending a password 2015-08-24

    I would love to have a system where the password is never send in plaintext (even with TLS) to authenticate a user. I've come up with this protocol, but I'd rather use something proven. Registration: Client (javascript in a browser) generates a 2048

  • $_SESSION - PHP to Login System 2016-01-27

    It is correct use $_SESSION for save data to the login system on my web pages? I have read which session data is stored on the server side. Therefore my client will be safe when did the login on my web site on the page which use the session to save d

  • The most secure login system [on hold] 2016-02-13

    I'm developing a professional administrative software. I've implemented a login system where administrators can login. The login system is fairly basic. It utilizes MySQL where the administrator username and password are matched against the entries i

  • Client wants a Client Management System 2009-10-30

    I have a client of mine that wants a Client Management System. They want something web based, priced well (free would be amazing) where they can keep track of their clients information, when they've contacted that client and what that client has purc

  • Are two database trips reasonable for a login system? 2011-02-10

    I am designing a login system for a project, and have an issue about it requiring two trips to the database when a user logs in. User types in username and password Database is polled and password hash is retrieved for comparative purposes (first tri

  • What do I lose if I use OpenID instead of the custom login system I built 2011-06-06

    I'm trying to make the decision whether to use OpenID or stay with a well-built custom login system. I think the appeal of OpenID is clear, in that the user doesn't have to create yet another account to log into your site. But can you help me answer

  • What plugin should I use for a basic user signup/login system 2012-01-17

    I need to present a user signup/login system on the front end of my site. My requirements are pretty straight forward: I don't want the user to ever wind up in the WP admin panel. A signed up user will have access to one additional page I want to kee

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C), All Rights Reserved.

processed in 0.763 (s). 13 q(s)